New York State harassment law now in force

On October 9, 2018, New York State’s sexual harassment law, officially known as the New York Labor Law, came into force following final amendments. Under the new legislation, companies with staff in New York State must have implemented sexual harassment training for all staff. One of the key amendments to the legislation is that the training must now be completed by October 9, 2019, rather than by January 2019.

You can find a host of compliance tools, such as guides, policy templates and more by searching our sexual harassment prevention resource page.

What does the new sexual harassment law cover?

Non-employees in a workplace covered

New York State Human Rights Law was amended in April 2018 to protect non-employees, i.e. 1099ers, contractors, vendors and consultants, from sexual harassment in the workplace. An employer may be found liable if they failed to take immediate action against harassment of a non-employee. This is an important change because prior to April 2019, you had to be a W2 employee to be covered by the state sexual harassment law which was similar to the federal Civil Rights Act of 1964.

A non-employee is someone who is, or is employed by, a contractor, subcontractor, vendor, consultant, or anyone providing services in the workplace. Protected non-employees include persons commonly referred to as independent contractors, “gig” workers and temporary workers. Also included are persons providing equipment repair, cleaning services or any other services provided pursuant to a contract with the employer.

Confidentiality revised in sexual harassment cases

The revised New York State Human Rights Law puts the decision on confidentiality in the hands of the person making the claim of harassment. The employer or harasser cannot insist on confidentiality.

Mandatory arbitration clauses banned

Mandatory arbitration clauses to resolve allegations or claims of sexual harassment are deemed null and void. This means no one can be forced to submit their claim to a private judge or a closed-door arbitration session.

Non-disclosure provisions banned

Any action or claim of sexual harassment with a factual foundation cannot be prohibited due to a non-disclosure agreement or provision in a contract.

Mandatory anti-harassment training

From October 9, 2018, all employers in the state of New York are required to implement mandatory annual anti-harassment training programs and distribute various policies, including complaint forms. Crucially, the training must be interactive. By October 9, 2019, all companies participating in competitive bidding for public contracts must have their training and policies in place.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.