Let’s start with the obvious: California law presents more significant compliance challenges for background screening companies than any other American state. It imposes extensive technical requirements, offers an inviting damage structure for plaintiffs’ attorneys, serves as a “hot spot” for class actions, and features a court-system that many observers regard as plaintiff-friendly.
The question for most background screening companies, however, is not whether to do business in California. Rather, it is how to appropriately manage the elevated risk levels associated with California. Below are some best practice tips to consider.
Tip #1: Think Through Your Criminal Reporting Policy.
California places unique restrictions on the reporting of criminal matters. Unlike the FCRA, it precludes CRAs from reporting criminal convictions if more than seven years has passed since “disposition, release, or parole.” Further, unlike the FCRA, it does not permit CRAs to report non-convictions at all (unless proceedings remain pending). Although most CRAs have some awareness of the aforementioned reporting limitations, they vary substantially as to how they interpret and apply these limitations. All CRAs are well advised to reevaluate their approach with counsel and make sure that they are comfortable with the risk management implications. In particular, CRAs ought to thoughtfully consider their treatment of pretrial diversions, adjudications withheld, matters where individuals are currently on probation, and situations where a probation violation has occurred. These areas are rife with risk.
Tip #2: Reconsider Your Privacy Policy.
California has very specific privacy-policy requirements. It actually mandates that CRAs include certain sections in their privacy policy, one of which must even have a specific subtitle. The majority of CRAs are not yet accounting for California’s privacy policy requirements. Given the ability of consumers to assert very technical claims under California law (and receive a minimum of $10,000 per violation and attorneys’ fees), CRAs are well advised to double-check that they are meeting California’s unique privacy policy requirements.
Tip #3: Audit Your Dispute Resolutions Procedures.
Many CRAs do not realize that California imposes technical requirements in the context of disputes that go well beyond the FCRA’s requirements. For example, in the dispute resolution notice, CRAs must generally describe the changes that were made or not made to the report and explain why desired changes were not made. In addition, CRAs must alert the furnisher of the disputed information in writing to the results of the reinvestigation and send a copy of this furnisher letter to the consumer. CRAs are well advised to establish a procedure in which they double-check California’s dispute-related requirements each time a dispute arises involving a California consumer, applicant, or employee.
Tip #4: Reevaluate Your Disclosure And Authorization And Adverse Action Samples.
We frequently review disclosure and authorization and adverse action samples made available by CRAs to their employer clients. In our experience, such documents routinely fall short of California’s requirements. For example:
- Many sample disclosure and authorization forms still do not include the website location where consumers can find information regarding the CRA’s privacy policy.
- Many sample disclosure and authorization forms combine the summary of a consumer’s rights under Cal. Civ. Code 1786.22 with either the FCRA disclosure or the authorization.
- Many sample adverse action letters do not have the end-user identify the part of the report that is causing the adverse action or detail the consumer’s right to file a claim with the Department of Fair Employment and Housing.
Given the popularity of background screening claims in California, it is more important than ever for CRAs to try to make sure they are providing clients with quality samples…and ensure that their client contract describes such samples in a manner that limits the CRA’s risk if something “goes wrong” with the samples.
Tip #5: Double-Check Your Errors and Omissions Policy Language…Again.
Even the best CRAs are not perfect. Accordingly, it is critical for CRAs to be able to count on their insurance coverage. From our standpoint, CRAs are well advised to reassess their Errors and Omissions coverage on an annual basis to try to make sure that they have appropriate coverage if a California plaintiffs’ attorney comes calling. For example:
- Double-check that no insurance exclusions are likely to bar coverage of claims focused upon California law.
- Assess coverage limits. In general, the more that work involves California clients/consumers, the higher they should be.
- Examine deductibles. Is the deductible so high that a screening company is unlikely to have material coverage for a single-plaintiff case?
Too many CRAs—particularly small ones—do not find out what their Errors and Omissions Policy covers until they have already received a complaint. That’s often too late.
Written by Scott Paler
Scott Paler is an attorney and partner at DeWitt LLP. He serves as Chair of the Firm’s Background Screening Practice Group and assists dozens of background screening companies of varying sizes with compliance, risk management, contracts, and lawsuit defense.
THIS BLOG ENTRY SHOULD BE CONSIDERED GENERAL INFORMATION ONLY. IT IS NOT LEGAL ADVICE. FOR LEGAL ADVICE, PLEASE CONSULT WITH YOUR BACKGROUND SCREENING ATTORNEY.
