Archive for October, 2014

California Beefs up Data Breach Notification Law

California’s data breach notification law has been beefed up with the enactment of legislation.

The new law requires businesses to provide free identity-theft prevention services to subjects of a breach if their personally identifiable information has been compromised. The law, which is the result of AB 1710, covers both customers as well as employees of an organization.

In other words, even if you do not maintain customer credit card or other client information, your company would be subject to the law if you have employees.

The new law requires a business whose data has been breached to provide, for free, one year’s worth of “appropriate identity-theft protection and mitigation services” to affected California residents.

The new law will not change other parts of breach response practices as required by law.

It will require companies to do what many often do anyway after a breach. They offer identity-theft protection to help to ease the burden on their clients and alert them if in fact someone has hijacked their credit card data and is using it to make charges. It’s also a way to stave off lawsuits.

One of the issues with the law is that it requires business to provide “appropriate” identity-theft protection and mitigation services. Such a vague description won’t make it easy, as there are a number of services available to monitor the fallout from identity theft.

That said, it’s likely that offering a credit monitoring and fraud resolution service should suffice.

Credit monitoring services essentially keep a lookout for any unusual charging activity, such as excessive charges, or charges in faraway locations, including overseas. These companies will typically offer fraud resolution services as well, that help remediate the fallout from identity theft.

There is a myriad of companies offering these services online. If you store credit card data, it would be wise to at least do some research ahead of time into which service you might want to use. The services vary in price and the breadth of their service.

Most of the services will monitor at least one – if not all – of the nationwide credit bureaus for suspicious activity. Some services scan the Internet to see if an affected individual’s information is floating around on the web. And some offer personal assistance with identity-theft resolution.

While the law requires that you offer affected individuals these services, it does not require that you provide it to everyone affected (in other words, you don’t have to provide it to those who don’t take you up on your offer).

According to recent research, enrollment rates after breaches are typically no more than 10%. You should look for a service that only charges you for the individuals who actually enroll in the service.

 

AB 1710 basics

You are required to offer identity-theft protection services only if the compromised information includes a California resident’s name in combination with one of the following:

  • Social Security number,
  • California driver’s license number, or
  • California identification card number.

 

If other information may have been compromised, like credit card account numbers, medical information, health insurance information and login name and passwords, you would not be required to provide these services. That said, you would still be required to notify the individuals under the other portions of California’s breach notification laws.

 

The rest of California’s data breach law remains in effect. You would have to take certain actions if you experienced a breach that exposed a California resident’s name AND their:

  • Social Security number,
  • California driver’s license number;
  • California identification card number;
  • Credit card, debit card or bank account number,
  • Medical information;
  • Health insurance information, or
  • Online login credentials.

 

California law requires a business to notify any California resident whose unencrypted personal information above was acquired, or reasonably believed to have been acquired, by an unauthorized person.

Any person or business that is required to issue a security breach notification to more than 500 California residents as a result of a single breach of the security system shall electronically submit a single sample copy of that security breach notification, excluding any personally identifiable information, to the state attorney general.

 

If such a breach occurs, you should:

  • Contain and mitigate the breach;
  • Contact your attorney;
  • Purchase the most appropriate identity-theft protection and mitigation service if the breach involves Social Security numbers, California driver’s license numbers, or California identification card numbers;
  • Promptly notify affected individuals of the breach and offer identity-theft prevention services as needed; and
  • Take steps to prevent a recurrence of the breach.

    hand computer

So do you run your souvenir shop in a tourist area? I hope it goes well and that it hasn’t been affected by the coup.

Most of my business is based in the US although we have some Thai clients and this year has been quite good in terms of growth. I work hard though and sometimes have to stay up late to answer client calls from the US.

What do you like to do when you’re not working?

Basics of a Strong Lockout/Tagout Program

A lockout/tagout program will not be effective if your employees are not properly trained in how it works, and if you don’t have consequences for them if they don’t follow the program.

Every year, hundreds of workers in the US die because they don’t follow lockout/tagout procedures or their employers failed to have them in place or, if they did, failed to enforce their rules. Failure to train or inadequate training is one of the top-cited lockout/tagout violations by Cal/OSHA.

Improper training or failing to train all of your workers can have dire consequences, even for staff that are trained in procedures.

In this past year in California, two workers died because of inadequate training. One died on the job at a nut cannery because he had missed lockout/tagout training when he was on layoff.

In the other case, a worker at a clothing manufacturer was killed after a maintenance mechanic who had not been trained in lockout/tagout walked away when his co-worker entered part of the machine to remove finished product. The machine was de-energized but not locked out, and it started up when the worker entered it.

Under Cal/OSHA’s lockout/tagout standard, all authorized and affected employees, plus those who work in areas where energy control procedures are used, must be trained on lockout/tagout procedures.

 Training must include hazards related to:

  • Cleaning,
  • Repairing,
  • Servicing,
  • Setting-up and adjusting prime movers, and
  • Machinery and equipment.

“Affected” employees include:

  • Qualified persons who lock out or tag out specific machines for such operations.
  • Those whose jobs require them to operate a machine. They must be instructed on the purpose and use of energy control procedures.
  • Other employees include those whose work might be in an area where the procedures might be used. They must be instructed about the prohibitions on restarting or energizing machines that have been locked or tagged out.

The training provisions of the Cal/OSHA standard require that authorized employees be trained on hazardous energy control procedures (HECPs) and associated hazards.

Affected employees must be trained on the purpose and use of HECPs, and all other workers in the area must be instructed on the prohibition on attempting to restart machines which are locked or tagged out.

Pay especially close attention to training on controlling all sources of hazardous energy. That can sometimes require developing equipment-specific lockout procedures.

Turning off a machine is often not enough. It needs to be disengaged or de-energized. That’s because the control switch can still contain electrical energy. A release of stored energy can start the machine again briefly, but enough to do cause serious injury.

If possible, you should also block out moveable parts during lockout/tagout procedures.

You also need to develop, implement and enforce a lockout program.

Cal/OSHA requires that employers must develop and utilize an HECP for cleaning, repairing, etc., and shall clearly and specifically outline the scope, purpose, authorization, rules and techniques to be utilized for the control of hazardous energy, and the means to enforce compliance, including:

  • Shutting down, isolating, blocking and securing machines or equipment;
  • Placement, removal and transfer of lockout/tagout devices;
  • Testing machines to determine the effectiveness of lockout/tagout devices;
  • Separate procedural steps for safe lockout/tagout of each machine.

 

All workers involved in lockout/tagout should get their own locks. They should not use someone else’s lock and they should not install or remove another employee’s lock.

One final bit of advice: Once a machine is locked out, the operator should try to turn it on again to see if it has been effectively disengaged.

lockout tagout lock

Relief for Excepted Benefits under ACA

If you offer vision, dental and other similar additional benefits, you need to make sure they are offered as separate from your main health insurance policy to ensure they fall outside of certain health reform regulations.

The Obama Administration published this guidance in early October for so-called “excepted benefits” that many employers offer. Under the Affordable Care Act, certain rules apply to health plans, such as banning annual, lifetime limits and out-of-pocket limits, and requiring plans to cover preventative care services.

However, these rules are not supposed to apply to excepted benefits, such as dental, vision and long-term care benefits, as well as employee assistance programs.

The new rules on excepted benefits take effect for all plans incepting on or after Jan. 1, 2015.

 

Dental, vision and long-term care benefits

Specifically, the final rules provide that limited-scope dental, vision and long-term care benefits are considered not to fall under the ACA’s requirements as long as they are:

•             Provided under a separate insurance policy, or

•             Otherwise not an integral part of the group health plan.

The final rules are applicable to group health plans and issuers for plan years beginning on or after Jan. 1, 2015.

Benefits are not an integral part of a group health plan (whether the benefits are provided through the same plan, a separate plan, or as the only plan offered to participants) if:

•             Participants may decline coverage whether or not a participant contribution is required for the coverage, or

•             Benefit claims are administered under a separate contract unrelated to claims administration for any other benefits under the group health plan.

Also, the final regulations eliminate the need for employees to pay an additional premium for this coverage, and a self-insured plan can be “excepted” by not being an integral part of a major medical plan.

 

Employee assistance programs

Employee assistance plan (EAP) benefits are excepted as long as the following holds true:

1.            The plan does not provide significant benefits in the nature of medical care.

2.            The benefits are not coordinated with benefits under another group health plan, as follows:

– participants cannot be required to exhaust EAP benefits before becoming eligible for benefits under the other group health plan; and

– eligibility for the EAP benefits cannot be dependent on participation in another group health plan

3.            The program cannot require employee premiums or contributions.

4.            The program does not have a cost-sharing component.

In the end, employers and issuers are free to continue offering EAPs with major medical plans provided the program is ancillary to a major medical plan, it does not cost the employees anything and use of the program is not a “gatekeeper” to accessing the major medical benefits.

 

Non-coordinated excepted benefits

There is also a section in the new regulations about non-coordinated excepted benefits. These benefits include coverage for specific conditions, such as policies that cover only cancer, for example. They may also cover hospital indemnity or other fixed indemnity coverage.

Such policies pay out a fixed amount per diem if someone is hospitalized, for example, and that amount is not tied to treatment costs or service provided.

Non-coordinated benefits must meet <i>all</i> of the following conditions:

1.            The benefits are provided under a separate policy, certificate or contract of insurance.

2.            There is no coordination between the provision of the benefits and any exclusion of benefits under any group health plan maintained by the same plan sponsor.

3.            The benefits are paid with respect to any event without regard to whether benefits are provided under any group health plan maintained by the same plan sponsor.

 

The takeaway

What you should do before the 2015 policy year:

1.            Review any vision, dental and long-term care policies and EAPs you may offer your staff to ensure that they meet the conditions for excepted benefits.

2.            Review other benefits that may seem ancillary, but which could offer group health plan benefits.

3.            If any of those benefits do not meet the conditions for the excepted benefits category, you need to coordinate with us to make sure they do.

4.            Call us if you are concerned!

vision benefits

New Law Requires Anti-bullying Training

A new law that takes effect in January will require companies with 50 or more employees to provide supervisors with anti-bullying training.

The law essentially adds to the existing requirement that employers conduct anti-sexual harassment training for supervisors every two years.

The new requirement takes effect Jan. 1, 2015 thanks to Gov. Jerry Brown signing AB 2053 into law.

The new anti-bullying training can be folded into your company’s anti-sexual harassment training, under the new law.

 

Current law

Under present state law, companies with 50 or more employees must provide two hours of anti-sexual harassment training and education to supervisors within the first six months of them assuming their position as a supervisor. Additionally, employers must provide refresher anti-sexual harassment training every two years.

The training must include:

  • Information and guidelines on the prohibition of sexual harassment in the workplace,
  • Information and guidelines on prevention of sexual harassment,
  • Information and guidelines on corrective action after sexual harassment,
  • Information and guidelines on remedying sexual harassment in employment, and
  • Practical examples aimed at instructing supervisors in the prevention of harassment, discrimination and retaliation.

 

All training must be conducted by trainers or educators with knowledge and expertise in the subject.

 

<b>New requirements</b>

Starting next year, employers that are required to conduct anti-sexual harassment training must also include “prevention of abusive conduct as a component of the [anti-sexual harassment] training and education.”

Abusive conduct is defined as:

“Conduct of an employer or employee in the workplace, with malice, that a reasonable person would find hostile, offensive, and unrelated to an employer’s legitimate business interests. [It] may include repeated infliction of verbal abuse, such as the use of derogatory remarks, insults, and epithets, verbal or physical conduct that a reasonable person would find threatening, intimidating, or humiliating, or the gratuitous sabotage or undermining of a person’s work performance.”

 

That said, the law requires that such treatment must be regular or systematic and that a single incident is not enough to be considered “bullying,” unless it is “especially severe or egregious.”

The new law does not specify the content of the training or what, if any, training materials must be included. It does not specify how much time out of the two hours of anti-sexual harassment training must be focused on bullying.

 

What you should do

With this new law on the books, you should revisit your anti-sexual harassment training and make appropriate changes to account for the new requirements. You may want to schedule time with your employment law attorney to make sure that you proceed in accordance with the law.

While the new law does not create a private right of action, certain instances of bullying could land you on the receiving end of a lawsuit, particularly if the bullied person is part of a protected class because of their race, gender, religion, disability, age, etc. Theoretically, a plaintiff could argue that an employer’s lack of anti-bullying training contributed to workplace harassment or discrimination.

The way the law is written also should serve as a warning to employers, particularly the use of the word “malice.” This is important because in the context of punitive damages in lawsuits, malice is defined as conduct that’s “intended by the defendant to cause injury to the plaintiff or despicable conduct which is carried on by the defendant with a willful and conscious disregard of the rights or safety of others.”boss yelling

Workers’ Comp Insurers Crack down on Independent Contractor Classification

More businesses are getting hit up for additional premiums by their insurers during audits for using independent contractors, according to a new report in the insurance trade press.

According to the Workers’ Comp Executive trade publication, insurers are ratcheting up their scrutiny of independent contractor usage and sometimes demanding that the employer pay for workers’ comp coverage for the contractor.

The issue is typically coming up when companies use independent contractors that are one-man operations. According to the report, even companies that contract out work to computer programmers and graphic designers are getting hit with bills for additional workers’ comp premium during audits.

Sole proprietors of businesses are not required to carry workers’ comp coverage for themselves and do not have to obtain workers’ comp if they have no employees, under the California Labor Code.

The only exception to this is roofing companies with C-39 contractor classification. All roofing contractors are required to secure workers’ comp policies, even if they are sole proprietorships with no employees.

The press article cites the case of a small sign and graphics company that as part of its services offers sign installation. The company for years has been using independent contractors to do this work, according to the report.

The owner of the company told the Workers’ Comp Executive: “They’re installers and they sub out for tons of [other] businesses. Independently they’re just one guy. They’re incorporated and they have liability insurance, but as a business owner they’re not required to have workers’ comp insurance.”

The sign company’s owner said the issue of comp coverage for these installers had been raised for the first time in his latest audit. “I’ve shown [the auditor] that they’re incorporated businesses, I have their liability insurance certificate – I pushed back a couple times but they said this is the way it is,” he told the trade publication.

One of the biggest challenges for employers is the difficulty of defending against a carrier’s demand for additional premium. If the dispute can’t be resolved through discussion, the only solution is to go to court, but the cost of hiring an attorney will often outweigh the benefits – if the employer can find an attorney to represent them.

Insurers told the trade publication that they look at a number of factors to determine whether an “independent contractor” is that, or really just an employee.

In particular, they will typically check if the contractor is in the same line of business as the policyholder, or if the contractor has their own business or federal employer identification number.

Auditors may look at a number of factors to determine if someone is an independent contractor or employee, such as:

  • If the employer retains direction and control over how the independent contractor and its employees perform their work;
  • If either party terminates the contract at will;
  • If a person brings other workers to perform contracted services, and if they provide a certificate of insurance for workers’ comp in such cases;
  • Whether the person performing services is engaged in an occupation or business distinct from that of the principal;
  • Whether or not the work is a part of the regular business of the principal or alleged employer;
  • Whether the principal or the worker supplies the instrumentalities, tools and place for the person doing the work;
  • The alleged employee’s investment in the equipment or materials required by their task or their employment of helpers;
  • Whether the service rendered requires a special skill;
  • The length of time for which the services are to be performed; and
  • The method of payment, whether by time or by the job.

 

The takeaway

The biggest takeaway for you as an employer is to review all of your independent contractor relationships to make sure that they comport with the bullet points above. The biggest factor is typically the degree of control you exert over the work.

Besides workers’ comp carriers cracking down on the way employers classify independent contractors, the federal government and the IRS have also been scrutinizing their use.

If you have concerns or questions, feel free to call our office to discuss independent contractor usage.

Rising Danger of Hacks Spurs Need for Comprehensive Strategies

The “root cause” of the credit and debit card data breach at Target Corp. last year was the company’s lack of a chief information security officer (CISO).

That’s according to a former Target manager who made the comment during a talk at the “Work-Bench Enterprise Security Summit,” according to press reports.

The news came in the same week that the Ponemon Institute released a new study, which found that 43% of enterprises experienced a data breach in 2013 – up from 33% in 2012.

The study also found that the cost incurred for each lost or stolen record containing sensitive and confidential information increased to an average of $201 per record – or $5.9 million per breach. Those costs are up from $188 per record in 2012, and $5.4 million per breach.

The lesson from these two news items is that no business can afford a lackadaisical attitude towards cyber security, as hackers and other cyber threats are targeting small and large businesses alike. And while CISOs are out of reach for most companies because of the cost, there are outside consultants in the market who can review your plans and develop a strong security plan for your organization.

The primary reason for the increase in the cost of a breach is the loss customers incur following the data breach due to the additional expenses required to preserve the organization’s brand and reputation. In fact, the average rate of customer turnover or churn increased by 15% since the previous year in Ponemon’s study.

The study found that data losses were mainly caused by:

  • Malicious or criminal attacks (44% of companies reported this as the reason for their breach). These were the most expensive breaches, at $246 per record.
  • Employee negligence (31% of organizations). This factor typically cost the organization $160 per record.
  • System glitches (25% of organizations). This factor cost organizations an average of $171 per record.

 

Fighting the threat

While most companies are not the size of Target and cannot afford to have a CISO on staff, you can still learn from Target’s mistakes. Karl Mattson, who worked at Target from 2008 until 2013 – most recently as manager of cyber and global intelligence – said that the lack of a security culture was Target’s undoing.

Besides not having a solid infrastructure in place to prevent the breach, Target also responded poorly. When the company’s intrusion-detection software discovered the suspicious activity and alerted Target’s IT staff, the company did not take immediate action, he said.

However, many companies cannot afford a CISO, so they are turning to virtual CISO engagements. These are security executives for hire, and they will help develop a security roadmap for their clients.

They will typically conduct reviews of your information security, breach response plans, sensitive data, database, and more.

After the reviews, they will usually produce a report with recommendations for improvements in your policies, security framework, security culture, and more. They will also help you implement the recommended strategies – and they are typically on call in case of a breach.

hacker

Physical Therapy Key to Getting Injured Workers Back on Job

Many companies work hard to prevent on-the-job injuries for obvious reasons, not least that claims can drive increases in workers’ compensation premiums. An injury to an experienced and skilled worker also means lost productivity, the expense of training a replacement and the costs of low morale and absenteeism.

Ideally, preventing injuries is the way to control costs, but when an injury occurs, returning that worker to the job is the next best solution. Early return-to-work programs allow an employee to get back to work with light duties during recovery.

If an injury requires more than just some time off, rehabilitation can help a worker recover and return to the job ready to perform at 100%.

Some of the most common injuries among laborers are sprains and strains of the low back, neck and shoulder. In office workers it’s typically more strains of the lower back, and carpal tunnel syndrome.

These injuries result from ergonomic challenges in the workplace – repetitive tasks, stooping or crouching for long periods and working on uneven terrain.

Often, therapists see repetitive motion as a cause of injury, resulting in conditions such as tendonitis, carpal tunnel syndrome and “tennis elbow.” Many of these conditions require hand therapy to support recovery.

Laborers can also have traumatic injuries from accidents involving equipment, and those injuries won’t heal properly without physical therapy. Without such therapy, they have the potential for complications, such as excess scarring and muscle atrophy.

Physical therapy can correct improper body mechanics and help prevent re-injuries. A good program focuses specifically on work-related injuries and preparing patients to return to their jobs.

To make the process smoother, a program should work directly with doctors and insurers, ensuring the continuity of treatment and expediting the employee’s return to work.

Work injury management offers targeted, job-specific work conditioning that enables physicians to help their patients return to work in a timely fashion. Patients do work-related tasks under the close supervision of therapy staff.

Many physical therapy clinics use innovative equipment and job-specific materials to simulate the workplace. Therapists can observe the patient performing tasks specific to their job, then identify and address the factors that may have contributed to a person’s injury. Patients practice their job and strengthen key areas, so they are ready to return to work with a lower risk of re-injury.

The key to an injured worker returning to work after an injury or operation for a repetitive stress injury is coordination between the employer, the worker, the physician, the therapist and the insurer. A coordinated, one-stop shop can save money and time.

If one of your workers suffers an injury and requires physical therapy, talk to us and we will try to help you work with your insurer to see if they can be put into a physical therapy program focused on returning them to health and getting them back on the job.

 

physical therapy

 

New Threat to Employers: Pregnancy Discrimination

Since the Equal Employment Opportunity Commission issued an advisory about pregnancy discrimination in July, the agency has been busy targeting employers it accuses of breaching the Pregnancy Discrimination Act.

 

Consider these recent actions:

  • In September, a Wisconsin Merry Maids franchise owner agreed to pay $40,000 to settle a pregnancy discrimination lawsuit filed by the EEOC. The agency accused V&B L.L.C. of firing a woman because she had suffered from pregnancy-related issues at work.
  • Pet food manufacturer Triple T Foods Inc. in August settled a pregnancy discrimination case filed by the EEOC for $30,000. The company had been sued for firing a lab technician an hour after she had informed the company she was pregnant. The company said it had to let her go due to safety concerns for the mother and baby.
  • The EEOC in August sued a company for pregnancy discrimination after it withdrew a job offer upon learning the candidate had just given birth. Savi Technology Inc. is accused of withdrawing the offer for its human resources director position after the woman told the company vice president and general counsel that she had recently given birth and had had surgery related to her pregnancy.

 

If you are surprised, you shouldn’t be. Since the last quarter of year 2011, the EEOC has filed more than 45 lawsuits involving pregnancy discrimination.

Said an EEOC lawyer in a recent press release:

“Employers should be well beyond archaic prejudices against women who are pregnant. Too many employers have continued to deny female workers equal opportunity to earn a living for their families and themselves, simply because they are pregnant or ‘showing.’

“The EEOC continues to combat such prejudices and practices as part of its efforts to educate the public about the rights of women in the workplace [and] everyone should be free from this obvious form of sex discrimination.”

 

What you can do

Many employers erroneously make decisions to fire or remove pregnant employees from certain jobs out of misguided notions of protecting the employee or the unborn child from certain work conditions, or out of a general fear that the pregnant employee will get hurt and sue – or file a workers’ comp claim.

Hiring managers and supervisors must understand that this type of thinking is no longer acceptable for both the federal and many state governments.

The best strategy to take if you are concerned about the well-being of a pregnant worker or her unborn child is to make individual assessment of each situation and take appropriate action when necessary based upon the unique facts of that situation.

You should try to have in hand good data and all the facts before taking action. You should also talk to the employee and not overreact.

As an employer, you need to take this issue seriously because the EEOC has made one of its top priorities obtaining not just monetary damages, but also “targeted, equitable relief” such as all sorts of injunctions.

 

Your protection

A final word about being sued: The best protection, after having policies in place to ensure your business does not take any discriminatory actions against pregnant employees, is to have employment practices liability insurance.

Should you get sued, such a policy will pay for legal costs, fines and damages for not only pregnancy discrimination, but a myriad of other lawsuits your employees may file against your company.

 

Working-During-Pregnancy-–-Dos-Donts

New Workers’ Comp Audit Threshold for 2015

Starting Jan. 1, 2015, all policies with more than $13,000 in annual premium will be subject to yearly payroll audits.

The Workers’ Compensation Rating Bureau made the change – from $10,000 in annual premium, a threshold that’s been in place since – means that fewer employers are likely to be audited next year. However, all roofing companies, regardless of their premium, will be audited annually. In addition, construction firms with employees in high-wage classifications in the state’s dual-wage system will be subject to audits every three years.

Premium audits explained
Your insurer will review your records and operations to gauge if the premium it charged at the start of the policy period was correct. It does this by checking employee numbers, hours worked and if you have put your employees in the proper workers’ comp classification. It then compares that information with what you reported when the policy was written for the year.

An audit is usually performed shortly after your policy expiration, but the insurer can also perform it earlier.

What to do

It is important to keep detailed payroll records. It is even more significant if you wish to divide your wages between classification codes. This is often referred to as “payroll segregation”. If you have an employee who does more than one type of work during the day, you must detail that information.

In general, if an employee divides time between two or more activities that are separately classified, you can divide the employee’s wages if you maintain detailed payroll records documenting the number of hours they spend in each separately classified activity.

These records may include time cards or a daily log that tracks employee hours by activity or classification code.

If you do not maintain detailed time records, then you must assign the employee’s entire gross earnings to the highest-rated classification to which they are exposed. Please note that for some industries and classifications, including Clerical Office (8810) and Outside Sales (8742), payroll segregation is not allowed.

 

If you are going to be audited, you should prepare:

  • Payroll records (registers, journals, earnings cards, etc).
  • Payroll, overtime and Section 125 Cafeteria Plan (if any), which must be summarized by month, quarter or policy period for each classification code.
  • State tax reports (EDD: DE9 and DE-9C).
  • Payroll records associated with Waiver of Subrogation and/or Owner Controlled Insurance Policy, if endorsed on your policy.

 

The following records may be required to complete the audit and must be sent to the auditor if requested:

  • Federal tax reports and schedules (941s/940; 1099s/1096; W2s/W3; schedule C, K, E, F, etc.).
  • Check register and cash disbursements journal.
  • General ledger.

 

For all construction policies, insurers will typically also require:

  • Employee time cards with daily start/stop times, necessary to validate the use of a high-wage classification.
  • If independent contractors and/or sub-contractors were used, provide the Contractors State License Board (CSLB) number with expiration date for all contractors. If no CSLB, provide name, amount paid, date and work performed. (You may check licenses at www.cslb.ca.gov).

minimalism style stairs