Quick Hits

• The rapid transformation of healthcare, including advancements in nanomedicine and AI, has significantly increased cyber risks, with PHI breaches escalating from 6 million in 2010 to 170 million in 2024.
• Cybercriminals are increasingly targeting healthcare infrastructure and clinical systems, manipulating patient records and devices, which can compromise patient safety and impose substantial financial and reputational costs on providers.
• Preparedness and disciplined incident response are crucial for healthcare employers to mitigate the impact of cyberattacks, requiring immediate action, thorough documentation, law enforcement engagement, and post-incident security enhancements.

Cybercriminals no longer aim to simply steal or encrypt data—they increasingly seek to manipulate critical healthcare infrastructure and clinical systems in terrorist-like cyber-attacks. This includes altering patient records—such as medication dosing, and infiltrating or reprogramming devices used in surgical procedures or oncology treatments, placing patient safety and clinical outcomes directly at risk. Cyber incidents can compromise continuity of care, degrade clinical quality, and erode public trust—all while imposing enormous financial and reputational costs on providers.

Ransomware remains the most disruptive and prevalent attack modality. Cybercriminals deploy double extortion techniques—first exfiltrating health data, then encrypting it—to force payment both to restore access and to prevent public disclosure of stolen information. Even when organizations maintain robust backups, cybercriminals increasingly target those backups to eliminate recovery options and to pressure payment. The challenge extends into the future as data stolen today may be stored for later decryption as cybercriminals anticipate leveraging quantum computing capabilities to decode currently secure encryption methods, further amplifying the long-term risk profile of compromised data. Healthcare employers have reported recovery timelines of more than a month, and some providers have elected to pay ransoms to stabilize operations and protect patient care.

Preparedness and disciplined incident response are paramount. When a cyberattack occurs, speed, clarity, and precision in execution can substantially reduce patient risk, regulatory exposure, and operational downtime. The following action framework provides a practical guide for healthcare employers facing an active incident:

• Activating the internal person who has been designated in your organization to stop cyberattacks and mitigate further losses
• Immediately assessing and auditing the situation, which includes identifying the nature of the attack, and the scope of data and systems affected
• Disconnecting impacted systems from the network to prevent further compromise or spread of the attack, while preserving forensic integrity
• Documenting the incident, including recording details including suspected start time, observed behaviors, compromised systems, and initial response steps
• Engaging relevant law enforcement authorities promptly, for example, by reporting attacks to law enforcement, Federal Bureau of Investigation (FBI), and/or other government agencies (e.g., Cybersecurity and Infrastructure Security Agency (CISA)) to assist in investigating, and/or recovering data that has been encrypted
• Timely notifying compromised parties, which includes informing persons whose data may have been accessed,  such as patients, employees, or other partner providers
• Thoroughly sanitizing and restoring data, a step that involves removing malware from infected systems, restoring validated data from backups, and updating software/firmware to latest versions to eliminate known vulnerabilities
• Once stabilized, shifting to enhance security, e.g., conducting a comprehensive post-incident review to identify control gaps and systemic weaknesses/vulnerabilities, then investing in targeted improvements such as multifactor or biometric authentication, stronger encryption, segmented network architecture, and ongoing employee training to reduce susceptibility to credential compromise

Vigilance is essential in an era when threat actors continuously refine their tools, techniques, and access. Healthcare employers cannot afford to be complacent. The convergence of digital healthcare innovation and cybercriminal sophistication demands a proactive approach, which includes testing employer incident response plans, validating backups and restoring procedures, clarifying decision authority for ransom scenarios, mapping critical systems and data flows, and routinely exercising cross-functional coordination with clinical, legal, compliance, and technology stakeholders. With deliberate preparation, and rapid, coordinated action, organizations can protect patients, preserve trust, and recover faster when the next cyberattack occurs.

Ogletree Deakins’ Cybersecurity and Privacy Practice Group and Healthcare Industry Group will continue to monitor developments and will post updates on the Cybersecurity and Privacy and Healthcare blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• On December 18, 2025, President Trump signed an executive order directing the attorney general to expedite the rescheduling of marijuana from a Schedule I to a Schedule III drug.
• As a Schedule III drug, marijuana researchers would face far fewer barriers, which could impact state or federal efforts to legalize the drug for medicinal or recreational use.
• The legal impact on employers, however, is likely minimal.

According to studies conducted by the U.S. Department of Health and Human Services (DHS), more than 30,000 licensed healthcare practitioners were recommending medical marijuana to more than 6 million registered patients nationwide. The move to Schedule III would place marijuana and its derivative products in the same category as drugs such as ketamine, buprenorphine, anabolic steroids, and Marinol—a synthetic version of THC used to treat nausea, vomiting, and loss of appetite.

While the executive order does not reclassify marijuana as a Schedule III drug, the administration is signaling its support for the move. Furthermore, rescheduling marijuana would not legalize it for recreational or medicinal use, but it would ease restrictions on research of the drug. The move would come over fifty years after the federal government first classified marijuana as a Schedule I drug in the 1970s, and a year after the Biden administration first proposed transferring marijuana to Schedule III. The U.S. Department of Justice accepted public comment through July 2024 and considered the move, but ultimately did not order the rescheduling.

In addition to research impact, rescheduling marijuana to Schedule III would, according to reporting from The Hill, “allow marijuana businesses to deduct expenses or add credits to their annual federal taxes,” which is currently not permitted for businesses that deal with Schedule I and Schedule II substances.

The Schedule System

The Controlled Substances Act (CSA) governs federal drug policy in the United States. The CSA created the drug scheduling system, which places drugs onto five Schedules based on a drug’s potential for abuse, accepted medical uses, and the potential for addiction. Presently, the Drug Enforcement Administration (DEA) and U.S. Food and Drug Administration (FDA) jointly classify drugs on a I through V schedule.

According to the DEA, Schedule V drugs, substances, or chemicals are those with the lowest potential for abuse and contain limited quantities of narcotics. These drugs are typically used to treat common conditions, such as coughing and diarrhea, as well as rarer conditions like seizures. Schedule I drugs, on the other hand, are drugs, substances, or chemicals with no currently accepted medical use and a high potential for abuse. This includes drugs such as LSD, ecstasy, heroin, and—presently—marijuana. In the middle are Schedule III drugs, which the DEA recognizes as having a moderate to low potential for physical and psychological dependence. This schedule includes some pain medications with less than 90 milligrams of codeine per dose, ketamine, and anabolic steroids.

Consequences of the Move

Historically, it has been a cumbersome process to study the effects of Schedule I drugs. Under the CSA, researchers who wish to conduct research on Schedule I drugs must register with the DEA and provide the agency with information about their qualifications, research protocol, and the institutions where the research takes place. As a result, as of December 2019, fewer than 600 researchers were registered with the DEA to study any Schedule I substance. In 2018, the DEA streamlined the process by moving it online and into a web portal. The hurdles for research do not stop there. Even researchers who are registered with the DEA to research Schedule I drugs are barred from using certain sources of funding (such as any National Institute of Health grant) to fund research that requires purchasing cannabis.

As a Schedule III drug, researchers would face far fewer barriers to entering the marijuana space. This could, in turn, impact state or federal efforts to legalize the drug for medicinal or recreational use. Currently, most states have legalized marijuana in some capacity for medicinal use, with a smaller subset legalizing marijuana for recreational use. While technically still illegal at the federal level, the federal government has historically not interfered with the state-level programs. Rescheduling in and of itself would have little to no impact on existing laws that regulate workplace drug testing and safety, although again, future impacts on state or federal efforts to legalize the drug remain to be seen.

Importantly, rescheduling would not override existing state legalization laws and related employment protections. Employers must continue to navigate the complex landscape of state laws, including those concerning disability discrimination and lawful off-duty conduct, when addressing issues related to marijuana testing and adverse employment actions. Employers should remain mindful of the continued challenges in handling state-specific laws and issues arising from testing for marijuana or taking adverse employment action based on a positive test result.

Ogletree Deakins’ Drug Testing Practice Group will continue to monitor developments and will provide updates on the Drug Testing blog as additional information becomes available.

This article and more information on how the Trump administration’s actions impact employers can be found on Ogletree Deakins’ Administration Resource Hub.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• The California Court of Appeal held that an employee’s reasonable, good-faith belief that an employer violated the law may support a whistleblower retaliation claim under California Labor Code section 1102.5(b), even if the employee’s legal interpretation is ultimately mistaken.
• The court emphasized that section 1102.5(b)’s “objective reasonableness” of the employee’s belief is a question of fact for the jury, not a matter of law for the court.
• The decision underscores that section 1102.5(b) is intended to encourage employees to report suspected legal violations without fear of retaliation, even if they lack legal training.

Background

The plaintiff, Manuel Contreras, a sanitation department employee, believed his employer was violating the California Equal Pay Act (EPA) by paying him less than coworkers performing similar duties. Contreras did not contend that his unequal wages were based on his sex, race, or ethnicity. After consulting with a deputy labor commissioner who mistakenly advised that there was a “potential violation” and reviewing a California Labor Commissioner’s Office frequently-asked-question (FAQ) guidance document—which was itself incomplete and ambiguous, stating that the EPA was strengthened by “[r]equiring equal pay for employees who perform ‘substantially similar work,’ when viewed as a composite of skill, effort, and responsibility”—Contreras (a layperson without formal legal training) concluded, mistakenly, that the EPA required equal pay for substantially similar work, regardless of protected class status. He raised his concerns with management, presenting the FAQ document and requesting a raise. Shortly thereafter, his employment was terminated.

Contreras filed suit, alleging, among other claims, whistleblower retaliation under section 1102.5(b). At trial, the jury found in his favor on all claims, awarding economic and non-economic damages, as well as statutory penalties. The employer moved for JNOV on the whistleblower claim, arguing that the employee’s mistaken understanding of the EPA—specifically, his failure to allege pay disparity based on sex, race, or ethnicity—precluded liability under section 1102.5(b). The trial court granted the motion, finding the employee could not claim whistleblower protection based on a nonexistent or inapplicable legal violation.

Key Holdings

Reasonable but Mistaken Legal Belief Sufficient for Whistleblower Protection. The Court of Appeal reversed the trial court’s entry of JNOV, holding that section 1102.5(b) does not require an employee to be legally correct, only that the employee have “reasonable cause to believe” a violation occurred. The court distinguished between claims based on a “nonexistent law” and those based on a reasonable misinterpretation of an existing statute, finding that the latter might support a whistleblower claim.

Jury’s Role in Assessing Reasonableness. The court found substantial evidence supported the jury’s determination that the employee’s belief had been reasonable, given the ambiguous language in the Labor Commissioner’s FAQ document and the deputy labor commissioner’s statements. The court noted that the FAQs’ omission of protected class language in several sections could have reasonably misled a layperson.

Legislative Purpose and Public Policy. The decision reaffirms the broad remedial purpose of section 1102.5(b), which is to encourage employees to report suspected violations of the law without fear of retaliation, even if their legal analysis is imperfect. The court cautioned that requiring legal accuracy would undermine the statute’s protective intent.

Key Takeaways

• Employers in California may be liable for whistleblower retaliation under section 1102.5(b), even where an employee’s belief that a violation of the law has occurred is mistaken, so long as the belief is objectively reasonable.
• An employee’s reliance on guidance by enforcing agencies, even where such guidance is legally incorrect, may be relied upon in determining whether the employee’s belief is objectively reasonable.
• Nevertheless, as the court noted, “Section 1102.5 requires ‘objective reasonableness,’ and it ‘does not protect employees who do not believe or who unreasonably believe that the information they are disclosing shows a violation of the law.’” (Internal citations omitted.)
• Employers should be careful when responding to employee complaints about potential legal violations, even if an employee’s legal theory appears flawed.
• The decision highlights the importance of clear communication and training regarding wage and hour laws and the need for careful handling of employee complaints to avoid potential retaliation claims.

The Contreras decision serves as a reminder that California’s whistleblower protections are broadly construed and that employee complaints based on a mistaken understanding of the law may still provide a basis for a retaliation claim. The decision may lead enforcement agencies, such as the Labor Commissioner’s Office, which are charged with protecting employee rights, to provide more vague and less precise guidance, as the court system will ultimately determine whether the law was violated. Employers may want to review their internal complaint procedures and train managers to respond appropriately to employee concerns regarding potential legal violations.

Ogletree Deakins’ California offices, Pay Equity Practice Group, Wage and Hour Practice Group, and Whistleblower and Compliance Practice Group will continue to monitor developments and will provide updates on the California, Ethics / Whistleblower, Pay Equity, and Wage and Hour blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• The D.C. Circuit upheld President Trump’s power to remove NLRB member Gwynne Wilcox and MSPB member Cathy Harris without cause.
• The court ruled that statutory “for-cause” removal protections for officials at federal agencies that wield substantial executive power are unconstitutional.
• The decision addresses constitutional questions about the extent of presidential authority over independent agencies, particularly concerning the removal of officers at agencies established by Congress.

In Wilcox v. Trump and Harris v. Bessent, a D.C. Circuit panel majority reversed a district court ruling that had reinstated both Wilcox and Harris, both Democratic appointees, to their respective agencies after President Trump had removed them without citing cause earlier this year. Instead, the D.C. Circuit panel held that statutory “for-cause” removal protections for members of the NLRB and MSPB are unconstitutional.

The ruling comes as the Supreme Court of the United States is considering a similar case, Trump v. Slaughter, concerning President Trump’s removal of Rebecca Slaughter from the Federal Trade Commission (FTC) and whether Humphrey’s Executor v. United States—a 1935 Supreme Court decision upholding restrictions on the president’s authority to remove officers of certain types of independent agencies—should be overruled.

The D.C. Circuit read Humphrey’s Executor narrowly:

“[T]he NLRB and MSPB wield substantial powers that are both executive in nature and different from the powers that Humphrey’s Executor deemed to be merely quasi-legislative or quasi-judicial,” the D.C. Circuit majority wrote. “So, Congress cannot restrict the President’s ability to remove NLRB or MSPB members.”

‘Substantial Executive Power’

The D.C. Circuit panel based its ruling on the Supreme Court’s 2020 decision in Seila Law LLC v. Consumer Financial Protection Bureau, which declined to extend Humphrey’s Executor and instead applied the rule under the 1926 Myers v. United States case, which held that Congress could not restrict the president’s ability to remove government officers who wield significant executive power.

The court found that the NLRB, a five-member board created by the National Labor Relations Act (NLRA) that enforces federal labor law through representation and unfair labor practice cases, and the MSPB, a three-member bipartisan board that adjudicates personnel and merit systems issues involving federal employees, exercise powers beyond quasi‑legislative (i.e., investigatory/reporting) and quasi‑judicial (i.e., judge‑like, non‑policymaking adjudication) functions.

Specifically, the panel pointed out that the NLRB wields substantial executive power in ways that distinguish the agency from the FTC as it functioned in 1935, which was at issue in Humphrey’s Executor. The D.C. Circuit pointed out that the NLRB exercises:

• broad rulemaking authority with the power to issue binding rules necessary to carry out the NLRA, including industry-wide rules, such as those defining appropriate bargaining units;
• policymaking authority through administrative adjudications, changing labor policy on a case-by-case basis;
• remedial power to issue cease-and-desist orders and order reinstatement, backpay, and other affirmative relief sometimes akin to compensatory damages;
• independent litigating authority to seek to enforce its orders in federal court; and
• administrative authority to oversee union elections and bargaining units.

The D.C. Circuit panel likewise stated that the MSPB had “more executive powers” than those deemed to be quasi-legislative or quasi-judicial, including substantial rulemaking authority to issue binding regulations necessary to perform its functions and adjudicatory authority—even if “less aggressive than the NLRB in naked appeals to shifting policy preferences.”

Separation of Powers

The Trump v. Slaughter case, as well as Wilcox’s and Harris’s cases regarding their removals, have raised significant constitutional questions about the president’s authority to remove officers of independent, multimember agencies for whom the U.S. Congress imposed statutory “for-cause” removal protections.

Under the NLRA, members of the NLRB may be removed by the president only “upon notice and hearing, for neglect of duty or malfeasance in office, but for no other cause.” MSPB members are protected from at-will removal absent “inefficiency, neglect of duty, or malfeasance in office.”

The Trump administration has argued that such statutory removal protections violate the separation of powers doctrine by unconstitutionally limiting the president’s executive authority. President Trump’s removal of Wilcox and Harris earlier this year left both the NLRB and MSPB without quorums.

The D.C. Circuit panel’s decision, while falling short of granting the president absolute authority to remove federal agency officers, severely limits for-cause protections for officers at independent agencies. The panel’s majority suggested that the Humphrey’s Executor protection standard survives only for multimember expert bodies that do not wield substantial executive power, or “only agencies with purely advisory functions—like, say, the United States Commission on Civil Rights.”

However, writing in a separate dissenting opinion, D.C. Circuit Judge Florence Y. Pan criticized the panel majority’s decision to “strike down the independence of a traditional multimember expert agency.” She stated that the Trump administration’s position urged an “unprecedented interpretation of the Constitution that would lead to the full politicization of our government and a massive transfer of power to the President.”

Next Steps

The D.C. Circuit panel’s ruling upholds President Trump’s removal of Wilcox and Harris from their respective appointed positions at the NLRB and MSPB, but the litigation could continue. Harris has already petitioned for en banc review by the full D.C. Circuit Court of Appeals. Still, the likelihood of either Harris or Wilcox being reinstated is at best unclear. While the D.C. Circuit sitting en banc ruled in their favor earlier in the litigation, the Supreme Court later blocked their reinstatement. In that ruling, which was on an emergency basis and not on the merits, a majority of the justices agreed that the Trump administration had likely shown that members of the NLRB and MSPB “exercise considerable executive power.”

The Supreme Court’s forthcoming ruling in the Slaughter case could also have a significant influence. A decision overturning Humphrey’s Executor and holding that restrictions on the president’s power to remove officers of independent agencies that wield executive power are unconstitutional would support the D.C. Circuit panel’s ruling in the Wilcox and Harris case.

Furthermore, questions remain about the practical implications of reinstating members to agency boards after they have been out of the agency for months, and whether this would impact the legitimacy of actions taken by the agencies in their absence. In the meantime, President Trump’s two NLRB nominees, whose appointments would restore a Board quorum, are nearing confirmation by the full U.S. Senate.

Ogletree Deakins’ Traditional Labor Relations Practice Group will continue to monitor developments and will provide updates on the Governmental Affairs and Traditional Labor Relations blogs as additional information becomes available.

This article and more information on how the Trump administration’s actions impact employers can be found on Ogletree Deakins’ Administration Resource Hub.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• New York Governor Hochul signed a law that requires healthcare facilities, defined as general hospitals and nursing homes, to develop workplace violence prevention programs.
• General hospitals will additionally be required to conduct safety assessments, develop specific violence prevention plans for preventing and dealing with workplace violence incidents, and maintain trained security personnel for emergency rooms.
• The New York workplace safety requirements come as the federal Occupational Health and Safety Administration (OSHA) halted plans for a nationwide workplace violence prevention standard that had been in the works under the Biden administration.

Senate Bill (S) 5294-B, which was initially passed by the state legislature on June 11, 2025, creates new workplace violence prevention obligations for healthcare “facility[ies]” defined as general hospitals or nursing homes. The law requires facilities to establish prevention programs by September 2027.

The law adds additional workplace safety obligations on healthcare facilities in New York as workplace violence incidents in healthcare settings continue to rise across the country, creating particularized hazards for such workplaces.

The new state standard follows OSHA’s delay of a nationwide workplace violence safety standard for healthcare settings that had been under development during the Biden administration. Meanwhile, a bill that would require OSHA to issue a specific standard for healthcare was introduced in the U.S. Congress in April 2025, but it has not gained traction.

Workplace Violation Prevention Programs

S5294-B requires all general hospitals and nursing homes to establish workplace violence prevention programs within twelve months of the effective date of the law, which is set for 280 days after its enactment.

General hospitals are required to establish programs consistent with the federal Centers for Medicare and Medicaid Services (CMS) Hospital Conditions of Participation regulations for safe settings and emergency preparedness, 42 CFR Section 482.13(c)(2) and Section 482.15(a) and (d)(1), and with the workplace standards of the hospital’s CMS-deemed accreditor.

Those federal CMS regulations set forth requirements for an “emergency preparedness plan,” which must be reviewed and updated at least every two years. Those plans must:

• be based on a facility and community risk assessments;
• provide strategies for specific emergency events;
• address patient populations, the types of operations the facility can provide during an emergency, and plans for continuity of operations; and
• include a process for coordination with federal, state, and local authorities.

Additionally, those federal regulations outline hospital violence training programs, including new training each time the emergency preparedness plans are updated. 

Nursing homes will be deemed compliant if they follow federal regulations for facility risk assessments and long-term care (LTC) emergency preparedness plans outlined in 42 CFR 483.71(a)(3), (b)(1), and 483.73(a)(1), “provided that such assessments and plans address workplace violence threats and hazards.”

Assessments and Security Plans for General Hospitals

Beginning on January 1, 2027, general hospitals must conduct on an annual basis, “a workplace safety and security assessment and develop a safety and security plan that addresses identified workplace violence threats or hazards.”

The safety and security plans must include security measures and policies, including “personnel training policies designed to prevent or minimize identified workplace violence threats or hazards.” In developing those plans, general hospitals must “ensure the active involvement of employees,” including their collective bargaining representatives.

General hospitals must also tailor their plans to the “size, complexity, and local geographical factors” and consider “relevant threats and hazards,” such as workplace violence incidents and complaints or concerns raised by employees, patients, or visitors, as well as specific problems related to the general hospital’s layout.

Implementing Security Plans for General Hospitals

General hospitals must implement their safety and security plan based on the assessments and any findings from those assessments, and update plans as necessary. The plan must include methods to reduce identified risks, such as employee training, increased staffing, security measures, and hospital modifications. Further, they must provide a written summary of the plan to employees and collective bargaining representatives and inform them about reporting incidents of workplace violence.

Security Personnel for Emergency Rooms

Additionally, S5294-B will require hospitals with emergency rooms to maintain trained security personnel. Hospitals in jurisdictions with a population of 1 million or more must have “at least one off-duty law enforcement officer or trained security personnel” present, at all times, in the emergency departments, subject to “emergent circumstance[s].”

Small jurisdictions of less than 1 million must have “at least one off-duty law enforcement officer or trained security personnel” somewhere on the premises, at all times, though in “a manner that prioritizes physical presence near, or within close proximity to, the emergency department” and with direct responsibility to the emergency department.

The above smaller-jurisdiction requirement does not apply to critical access hospitals, sole community hospitals, or rural emergency hospitals. However, if any such exempt hospital experiences increased rates of violence or abuse of emergency department personnel (as determined by the New York State commissioner of health or evidenced by internal program reporting or reports to law enforcement), the commissioner will work with the hospital to bring it into compliance with the “on‑premises at all times” staffing requirement over a reasonable period of time.

Next Steps

Overall, the New York law aims to enhance the safety and security of healthcare environments and their employees by requiring comprehensive violence prevention programs and ensuring adequate security measures, particularly in emergency departments. Healthcare facilities in New York may want to assess their workplace violence risks and begin preparations to comply with the law’s workplace violence prevention programs and develop emergency plans.

Ogletree Deakins’ Workplace Violence Prevention Practice Group and New York offices will continue to monitor developments and will provide updates on the Healthcare, New York, Workplace Safety and Health, and Workplace Violence Prevention blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• The California Court of Appeal reversed a trial court’s denial of class certification for meal break and derivative unfair competition claims, finding that the trial court had failed to apply the burden-shifting framework established in Donohue v. AMN Services, LLC.
• The court affirmed the trial court’s denial of class certification for the rest break and expense reimbursement claims, holding that the evidence did not demonstrate a predominance of common issues or a community of interest among class members.
• The court reversed the trial court’s order striking the plaintiff’s PAGA claim on manageability grounds.
• The appellate court remanded the case for further proceedings to determine whether the PAGA claim was preempted by federal law, consistent with the Federal Motor Carrier Safety Administration’s December 28, 2018, preemption decision and subsequent federal and state appellate authority.

Background

Plaintiff Stephen Dieves, a truck driver employed for approximately nine months in 2018, brought claims against his former employers for damages and civil penalties resulting from their alleged failures to provide meal and rest breaks and reimbursement for work-related expenses, and from their alleged violations of California’s unfair competition law. Dieves also asserted a representative claim for civil penalties under PAGA. The trial court denied class certification for all claims and granted the employers’ motion to strike the PAGA claim on manageability grounds, citing the anticipated need for individual testimony from seventy-five drivers and the lack of common evidence.

Key Holdings

Class certification—meal breaks and unfair competition. The appellate court found that the trial court had erred by not applying the Donohue burden-shifting framework to the meal break claim. Under Donohue, time records showing missed, short, or delayed meal periods with no indication that premium pay was provided create a rebuttable presumption of a violation. Dieves’s evidence—including time records, expert analysis, and declarations—was sufficient to trigger this presumption. The burden then shifted to the employer defendants to show that individual issues predominated, such as voluntary choice or unrecorded breaks. The appellate court held that the trial court’s failure to apply this framework was prejudicial, requiring reversal and remand for reconsideration of class certification for the meal break and derivative unfair competition claims.

Class certification—rest breaks and expense reimbursement. The court affirmed the denial of class certification for the rest break claims, noting that the Donohue presumption does not apply to rest breaks because employers are not required to maintain rest break records. The only evidence supporting the rest break claim was Dieves’s own declaration, which did not compel a finding of predominance of common issues. Similarly, the expense reimbursement claim failed for lack of substantial evidence that personal cell phone use was required or that the reimbursement was insufficient, as most drivers reported infrequent work-related phone use and no inadequacy in reimbursement.

The PAGA claim—manageability and preemption. The trial court had struck the PAGA claim as unmanageable, relying on Wesson v. Staples (2021) 68 Cal.App.5th 746. The appellate court, however, reversed, citing the Supreme Court of California’s decision in Estrada v. Royalty Carpet Mills, Inc. (2024) 15 Cal.5th 582, which held that trial courts lack inherent authority to strike PAGA claims for manageability. The appellate court rejected the employers’ argument that due process concerns warranted striking the claim, finding no record basis for such a conclusion.

FMCSA preemption of meal and rest break rules. On the issue of federal preemption, the appellate court addressed the Federal Motor Carrier Safety Administration’s (FMCSA) 2018 decision preempting California’s meal and rest break rules for property-carrying commercial motor vehicle drivers. Distinguishing the decision of the California Court of Appeal in Garcia v. Superior Court (2022) 80 Cal.App.5th 63, which concluded the FMCSA’s 2018 preemption decision did not bar meal and rest period claims under California law arising from conduct that occurred prior to the decision (i.e., before December 28, 2018), the court adopted the Ninth Circuit Court of Appeals’ reasoning in Valiente v. Swift Transportation Co. of Arizona, LLC, 54 F.4th 581 (9th Cir. 2022), holding that preemption applied regardless of when the underlying conduct occurred. Nevertheless, the court remanded the issue for the trial court to determine whether the plaintiff’s PAGA claim was preempted, as preemption applies only to drivers subject to federal hours-of-service rules.

Key Takeaways

There are several key points to consider from the Court of Appeal’s recent decision:

• Courts must apply the Donohue burden-shifting framework when time records indicate missed meal breaks and no premium pay, shifting the burden to employers to show individualized issues.
• The Donohue presumption does not extend to rest break claims, as employers are not required to maintain rest break records.
• Manageability is not a valid basis for striking PAGA claims; trial courts must use case-management techniques to address complexity without abridging due process. It should be noted, however, that this case involved a version of PAGA in effect prior to the PAGA reforms enacted in July 2024. Under those PAGA reforms, a trial court may limit the scope of a PAGA claim to make the claim manageable at trial. Specifically, courts may limit the evidence the parties may present at trial, limit the scope of a PAGA claim such that the claim can be manageably tried, or consolidate or coordinate actions that allege legally or factually overlapping violations against the same employer.
• Federal preemption under the Motor Carrier Safety Act bars enforcement of California’s meal and rest break rules for covered drivers, regardless of when the alleged violations occurred, but factual determinations regarding coverage must be made by the trial court.

The appellate court’s decision underscores the importance of accurate timekeeping, proper application of legal presumptions, and careful consideration of federal regulatory developments in defending against wage and hour claims. Employers in the transportation industry may want to review their wage and hour policies, recordkeeping practices, and litigation strategies in light of evolving standards for class certification, PAGA enforcement, and federal preemption.

Ogletree Deakins’ California Class Action and PAGA Practice Group, Wage and Hour Practice Group, and Trucking and Logistics Industry Group will continue to monitor developments and will provide updates on the California, Class Action, Trucking & Logistics, and Wage and Hour blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• The D.C. Circuit ruled that members of the MSPB were not insulated by statutory for-cause removal protections, emphasizing that at-will presidential removal is the constitutional baseline for entities exercising “substantial executive power.”
• The court’s decision focused on the MSPB’s role in issuing final, binding decisions with legal consequences, categorizing such actions as execution of the laws and thus requiring direct presidential accountability, leading to the severance of tenure restrictions rather than curtailment of adjudicatory authority.
• This ruling places OSHRC commissioners’ for-cause protections under scrutiny, potentially leading to their conversion to at-will status to align with accountability under Article II of the United States Constitution, while maintaining the adjudicatory functions of the Commission.

Two features of the opinion are especially consequential. First, the court focused on what the MSPB does, not how the U.S. Congress labeled it. Final agency adjudications that impose penalties, alter rights, or grant affirmative relief were characterized as execution of the laws, not as the “quasi-judicial” activity Humphrey’s Executor envisioned. Second, the remedy was severance of the tenure restriction, not curtailment of adjudicatory authority. That remedial posture mirrors the Supreme Court’s approach in Free Enterprise Fund v. Public Company Accounting Oversight Board (2010) and Collins v. Yellen (2021): when insulation violates Article II, courts remove the impediment to supervision rather than dismantle statutory schemes. Read together, these features provide a template for challenges wherever multimember bodies or adjudicators wield binding, remedial authority within the executive branch.

The decision also reframes “layering” concerns. Free Enterprise Fund condemned double for-cause barriers that meaningfully obstruct presidential oversight. Post-decision, MSPB members are removable at will, eliminating one such layer in the administrative hierarchy. Yet the opinion underscores that even a single for-cause barrier for principal officers who exercise substantial executive power is constitutionally suspect, and that inferior officers with stringent tenure protections can compound supervision problems when paired with insulated leadership. That analytic structure will shape litigation across adjudicatory agencies.

Implications for OSHA and OSHRC

The Occupational Safety and Health Review Commission (OSHRC) is a multimember adjudicatory body whose decisions are final within the executive branch and carry legal consequences, including confirmation or modification of civil penalties. Those features track the functions the D.C. Circuit deemed executive in nature. Applying the MSPB logic, courts are likely to scrutinize OSHRC commissioners’ for-cause protection and may sever it on the same theory: Humphrey’s Executor does not extend to principal officers who resolve cases with binding, remedial effect. Severance would preserve OSHRC’s adjudicatory jurisdiction while making commissioners removable at will, aligning accountability with Article II without disrupting ongoing case processing.

OSHRC administrative law judges (ALJs) remain protected by the Administrative Procedure Act’s (APA) “good cause” regime, enforced through the MSPB. With MSPB members now at-will, one layer of insulation above ALJs has been reduced. Still, litigants can argue that robust ALJ tenure—combined with Commission-level for-cause protections (unless severed)—creates an unconstitutional obstruction to presidential supervision under Free Enterprise Fund.

The Bottom Line

By invalidating the MSPB’s for-cause insulation and severing the restriction, the D.C. Circuit sharpened a doctrine that treats binding administrative adjudication as executive power requiring presidential control. That template places OSHRC commissioners’ tenure provisions under immediate pressure and invites renewed, though narrower, “layering” arguments about ALJ protections. The likely near-term outcome is not the unraveling of the Occupational Safety and Health Administration’s (OSHA) enforcement system, but rather the conversion of OSHRC leadership to at-will status—preserving adjudication while tightening Article II accountability.

Ogletree Deakins’ Workplace Safety and Health Practice Group will continue to monitor developments and provide updates on the Workplace Safety and Health blog as additional information becomes available.

This article and more information on how the Trump administration’s actions impact employers can be found on Ogletree Deakins’ Administration Resource Hub.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• Consistency and transparency in enforcement are central themes in a batch of seven interpretation letters recently issued by OSHA.
• The letters collectively address recurring questions in construction, general industry, and recordkeeping.
• The letters reflect OSHA’s current enforcement posture: clearer guidance, and insistence on fundamental obligations.

Why These Letters Matter

Interpretation letters are OSHA’s authoritative explanations of how specific standards apply to particular conditions. They are especially critical in gray areas where text, preambles, and historical guidance leave room for debate, or where technology and work practices have outpaced older regulatory language. This is particularly important in the wake of the Loper Bright Enterprises v. Raimondo and other Supreme Court of the United States decisions that undermined Chevron deference. Consistency and transparency in enforcement are central themes of the new letters, which collectively address recurring questions in construction, general industry, and recordkeeping. Employers operating in OSHA State Plan jurisdictions are reminded that state standards must be at least as effective as federal OSHA and may differ; nonetheless, federal interpretations often influence state-level enforcement and are a valuable guidepost.

1. Permit-Required Confined Spaces: Draining Water-Filled Pipes Before Entry

One letter addresses whether the permit-required confined spaces (PRCS) standard requires employers to drain water from pipes before entry for repairs when a hazard assessment shows no risk of rupture or leaks. OSHA’s interpretation underscores two central principles: first, the primacy of a systematic hazard evaluation that considers the potential for hazardous atmospheres, engulfment, or rapid flooding; and second, the obligation to eliminate or control hazards before entry using the hierarchy of controls. Where a credible hazard of rupture or sudden inflow exists, isolation and energy control steps—such as line breaking, blanking and blinding, or double block and bleed—remain the benchmark. Where the employer’s documented assessment demonstrates no such hazard and adequate isolation is achieved, entry without draining may be consistent with the standard. Practically, this elevates the importance of defensible pre-entry hazard analyses, engineering isolation verification, and robust permit documentation.

• COVID-19 Recordkeeping and Reporting Status Under 29 C.F.R. 1910.502

Another letter clarifies the enforcement status of COVID-19 recordkeeping and reporting obligations. The agency signals continuity with its longstanding position that recordability hinges on work-relatedness, a diagnosis meeting recording criteria, and the general Part 1904 framework. At the same time, OSHA’s interpretation aligns enforcement with current public health conditions and applicable standards. The practical message is that the work-relatedness analysis expectations are unchanged as are those related to serious event reporting where criteria are met. Employers are encouraged to ensure consistency between respiratory protection, exposure control measures, and any site-specific health protocols that may trigger recordability or reporting duties.

• Powered Industrial Truck (PIT) Training: Live-Streamed Proficiency

OSHA addressed whether operators may demonstrate competence via live-streamed or remote training. The letter reaffirms the core of the PIT standard: training must be both knowledge- and performance-based, tailored to the specific truck and workplace conditions, and include practical evaluation by a qualified person. Remote or live-streamed classroom components can satisfy the knowledge element, but they do not obviate the requirement for hands-on evaluation in the actual or substantially similar environment. Employers can blend virtual theory with on-site practicals, provided the evaluator verifies safe operation, site-specific hazards, and the operator’s ability to perform assigned tasks.

• Recordkeeping Software: Using Company-Generated Equivalents to Forms 300 and 300A

A frequent pain point is whether employers may maintain injury and illness logs using proprietary or third-party software that generates documents equivalent to OSHA Form 300 and the annual summary, Form 300A. OSHA’s interpretation confirms that employers may use software-generated equivalents so long as the records capture all required fields, are easily reviewable, and the 300A annual summary is properly certified by a company executive and posted in the workplace during the prescribed period. Employers must also be able to provide records to OSHA and employees in the required time and format upon request. For establishments subject to electronic submission, the software should support accurate, timely e-reporting.

• Engineering Controls Under the Benzene and 1,3‑Butadiene standards: Valving and Leak-Tightness

In response to whether bellows valves, leak-proof valves, or double-seal valves qualify as “engineering controls” for purposes of the Benzene and 1,3‑Butadiene standards, OSHA emphasizes function over form. Engineering controls are measures that physically remove or isolate the hazard to reduce exposures to or below permissible limits, before reliance on respiratory protection. Properly specified and maintained low-emission valves may constitute engineering controls where they demonstrably reduce fugitive emissions and exposures. However, the sufficiency of any given configuration depends on exposure data, process conditions, maintenance integrity, and the overall control strategy, including enclosure, local exhaust ventilation, and leak detection and repair (LDAR) programs.

• Audiometric Testing for Workers With Cochlear Implants

OSHA clarifies how hearing conservation program requirements apply to employees with cochlear implants. The letter indicates that while standard audiometric testing protocols may be unsuitable or invalid for some implanted workers, the employer’s obligation to prevent noise-induced hearing loss remains. OSHA recommends employers consult with qualified audiologists to determine feasible and valid evaluation methods, document medical opinions on testing limitations, and continue to implement noise control measures, hearing protection fit and attenuation strategies, and training. The focus shifts from conventional audiogram trend analysis to prevention and individualized assessment.

• Stair Angle and Tread Depth: Dimensional Compliance

The stairways interpretation tackles whether certain stair angles and tread dimensions comply with OSHA requirements. The letter reiterates that compliance is not merely a function of an angle range, but a matrix of riser height, tread depth, stair angle, and uniformity, plus slip resistance and landing design. Minor departures in one dimension cannot be “cured” by overcompensating in another if the result degrades safety or violates explicit tolerances. For construction and general industry alike, the emphasis is on meeting stated dimensional ranges and ensuring uniformity to prevent trips and missteps—two of the most common sources of fall injuries.

Cross-Cutting Themes and Strategic Implications

Three themes run through these letters. First, OSHA continues to prioritize the hierarchy of controls and site-specific verification. Whether in confined spaces or under carcinogen standards, the agency expects employers to demonstrate hazard identification and control effectiveness with data, not assumptions. Second, technology is welcome but bounded by performance requirements. Remote learning platforms and recordkeeping software are acceptable if they deliver all substance the standards require—hands-on proficiency, complete data capture, executive certification, and timely access. Third, ergonomic and human-factors considerations remain central to fall prevention. Stair geometry, surface conditions, and dimensional uniformity are not design niceties; they are primary defenses against high-frequency injuries.

For safety leaders, the letters also reflect OSHA’s current enforcement posture: clearer guidance, but no retreat from fundamental obligations. Even as the agency emphasizes consistency and transparency, employers should expect inspectors to test the quality of hazard assessments, training evaluations, exposure monitoring, and documentation.

Looking Ahead

The renewed opinion letter program suggests more interpretive guidance to come, which can aid planning and reduce uncertainty. Employers may want to monitor future letters, align internal policies and training, and maintain a documentation mindset that anticipates enforcement scrutiny. While interpretation letters are not new rules, they are roadmaps to how OSHA will apply existing ones. When incorporated into compliance systems, they can materially reduce risk, improve worker protection, and strengthen the defensibility of employer decisions.

Ogletree Deakins’ Workplace Safety and Health Practice Group will continue to monitor developments and provide updates on the Construction, COVID-19/Coronavirus, and Workplace Safety and Health blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• Even where an employment contract is governed by foreign law, in this case Delaware law, English courts may still apply English principles to how discretion (including bonuses) is exercised.
• Employers must exercise bonus discretion rationally, in good faith, and for the purpose set out in the contract.
• Where a bonus clause links awards to individual financial performance, employers cannot rely on unrelated behavioural or reputational factors.

Background

Mr Gagliardi was a U.S. citizen who moved to London and acquired a UK resident permit in 2012. In 2013, Evolution Capital Management (ECM), a US-based investment manager, hired him to establish and grow its block trading fund.

He performed work for the company from London. He rented a house in London and his children lived and attended school there. He paid U.S. federal income tax.

The fund was extremely successful, far exceeding expectations. However, disagreements emerged over risk management and strategy. In November 2021, ECM separated Mr Gagliardi’s fund from its core business. In April 2021, he signed a further contract with ECM.

His contract included a discretionary bonus clause:

“For each calendar year, provided you are an employee in good standing on each fiscal-year-end bonus payday, you may receive a discretionary bonus based on your individual performance and [ECM]’s overall performance (“Discretionary Bonus”). The target range of the Discretionary Bonus will be 10%-15% of profit of your revenue contributions but will be purely discretionary.”

Shortly afterwards, Mr Gagliardi was served with a subpoena from the U.S. Department of Justice (DOJ) as part of a broader market investigation into block trading. He was dismissed in February 2022 on one week’s notice.

Bonus day fell on 15 March 2022. ECM decided not to award Mr Gagliardi a discretionary bonus.

In August 2022, he issued proceedings in England, claiming he was entitled to a discretionary bonus.

Why Didn’t ECM Pay a Bonus?

The High Court found that ECM’s reason for not paying a bonus was its desire to “wait and see” how the DOJ and U.S. Securities and Exchange Commission (SEC) investigations unfolded.

Crucially, Mr Gagliardi was never charged with any offence. The SEC ultimately took no enforcement action against him, and a separate DOJ investigation concluded with a non-prosecution agreement involving another institution.

The High Court’s Decision

Although the contract was governed by Delaware law, the High Court held that English law principles still applied to how discretion was exercised. In particular, the High Court relied on the Supreme Court of the United Kingdom’s decision in Braganza v BP Shipping Ltd., which requires contractual discretion to be exercised:

• in good faith;
• in accordance with its contractual purpose; and
• not arbitrarily, irrationally, or capriciously.

Analysis

The High Court identified several weaknesses in ECM’s case:

1. The wrong factors had been taken into account.

The bonus clause focused on individual revenue performance. The High Court rejected ECM’s argument that it could rely on behavioural or reputational concerns. Those factors were not part of the contractual bonus criteria.

2. “Good standing” did not mean “still employed.”

ECM argued that Mr Gagliardi was not an employee “in good standing” on bonus day. The High Court disagreed. The contract expressly contemplated bonus payments to former employees and required payment within one month of the termination of employment. “Good standing” meant that the employee had not been dismissed for cause.

3. Investigations were not tantamount to misconduct under the contract.

The mere existence of a regulatory investigation was not evidence of wrongdoing. Nor did it justify withholding a bonus or deferring the decision indefinitely.

4. Post-event justifications are problematic.

The High Court found that many of ECM’s arguments were constructed after the fact. At the time the decision was made, there was little evidence that reputational concerns played any real role. Courts will focus on what the employer actually considered at the time—not what it later wishes it had considered.

Conclusion

Mr Gagliardi had generated 97 percent of the fund’s profits. On a rational and proper exercise of discretion, the High Court held that ECM would have awarded him the maximum bonus within the target range. The result was $5,385,000 (15 percent of profits), plus interest.

Key Takeaways for Employers

This case reinforces some important principles around discretionary bonuses:

• Cross-border contracts do not insulate employers from English standards of fairness, particularly where discretionary decisions affect employees with a strong connection to England.
• Employers must exercise discretion rationally and in line with the purpose of an employment contract’s bonus clause.
• Only factors permitted by the bonus wording can be taken into account.
• Unless a contract expressly allows it, employers cannot defer bonus decisions pending investigations.
• Courts will closely scrutinise contemporaneous documents showing how the decision was made. Employers cannot rely on hindsight to justify a weak or flawed process.
• A well-drafted bonus clause and a careful, well-documented exercise of discretion may be the best protection against challenge.

Ogletree Deakins’ London office, Cross-Border Practice Group, and Employee Benefits and Executive Compensation Practice Group will continue to monitor developments and will post updates on the Cross-Border, United Kingdom, and Employee Benefits and Executive Compensation blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Quick Hits

• New York State and New York City enacted several laws in 2025 with which certain employers need to comply.
• These laws concern time off for prenatal care and other health and safety needs, new protections for retail and fashion workers, and among other things.
• In addition, the New York State Legislature delivered several bills to the governor on December 8, 2025, which, if enacted, will also impact the landscape for employers.

The following are some of the new employment laws that were enacted or took effect in New York State and New York City in 2025:

• Statewide Paid Leave for Prenatal Care: A new state law requires employers to provide twenty hours of paid leave per year as a stand-alone leave benefit for pregnant employees. This law took effect on January 1, 2025. The New York Department of Labor released guidance in the form of answers to frequently asked questions (FAQs) on this topic.
• New York City’s Paid Leave for Prenatal Care: On June 3, 2025, New York City adopted the Department of Consumer and Worker Protection’s (DCWP) proposed amended paid prenatal leave rules, which took effect on July 2, 2025. New York City’s Earned Safe and Sick Time Act’s amended rules impose additional requirements beyond the state Paid Prenatal Leave Law, such as a required written policy, balance notification, and recordkeeping.
• Expanded Reasons for Sick and Safe Leave: On October 25, 2025, New York City adopted Int. No. 0780-2024 to amend the Earned Safe and Sick Time Act (ESSTA) to incorporate the requirements under the New York City Temporary Schedule Change Law, expand covered reasons to take ESSTA, and add a separate bank of thirty-two hours of unpaid ESSTA in addition to the forty or fifty-six hours already provided under the ESSTA. The law will take effect on February 22, 2026.
• Anti-discrimination Coordinators for Colleges: On August 26, 2025, Governor Kathy Hochul signed into law Senate Bill 4559B,which requires every college campus in the state to have a dedicated coordinator to address and prevent discrimination under Title VI of the federal Civil Rights Act of 1964. It will take effect on August 26, 2026.
• Protections for Retail Workers: The New York Retail Worker Safety Act took effect on June 2, 2025. It establishes new rules for workplace violence prevention in retail settings. The New York State Department of Labor released guidance on some key issues under the law, as well as a model policy and training program.
• Protections for Fashion Workers: On December 21, 2024, Governor Hochul signed the New York State Fashion Workers Act, which regulates model management companies and their clients, including retail stores, fashion designers, advertising agencies, photographers, and publishing companies, and provides enhanced protections for fashion models. The law imposes requirements for model agency contracts, payment practices, and workplace safety. It took effect on June 19, 2025. The New York State Department of Labor published FAQs and guidance to help employers comply with this new law.
• New Pay Data Reporting Obligations: On December 4, 2025, the New York City Council overrode a mayoral veto to enact two new pay data reporting laws, Int. 0982-2024-A and Int. 0984-2024-A. They will require private employers with more than 200 employees working in New York City to submit annual reports with pay data by race, ethnicity, and sex, modeled after the former federal EEO-1 Component 2 reports, and permit the city to perform annual pay equity audits based on the information submitted.

On December 8, 2025, the legislature delivered several bills to the governor, which, if enacted, will impact employers.

• Stay-Or-Pay Clauses: On June 12, 2025, the state legislature passed the “Trapped at Work Act” (Assembly Bill 584C) to nullify promissory notes that require employees to repay employers for certain costs, such as training expenses, if they leave their jobs within a set time period.

• Disparate Impact Discrimination: State legislators passed S8338, which establishes “disparate impact” as a valid ground for employment-discrimination claims under state law even without showing an intent to discriminate. Disparate impact is defined as a “discriminatory effect where it actually or predictably results in” a disproportionate effect on a group of people because of their membership in a legally protected class.
• Remedies for Labor Law Violations: State legislators passed S7388, which requires courts to interpret Labor Law protections broadly in favor of workers to accomplish appropriate remedies for legal violations. This specifically includes rules concerning minimum wage, equal pay for equal work, retaliation, and unfair competition.

Next Steps

Staying abreast of changes in state and city laws will help employers to avoid lawsuits alleging wage and hour violations, discrimination, or other matters. Employers may wish to review their employee handbooks, training materials, and policies to ensure they are up-to-date and legally compliant.

Ogletree Deakins’ Buffalo and New York offices will continue to monitor developments and will provide updates on the Higher Education, Leaves of Absence, New York, Pay Equity, Retail, Unfair Competition and Trade Secrets, Wage and Hour, and Workplace Violence Prevention blogs as new information becomes available.

Richard A. Braden is a shareholder in Ogletree Deakins’ Buffalo office.

Patrick M. Collins is a shareholder in Ogletree Deakins’ New York City office.

Simone R.D. Francis is a shareholder in Ogletree Deakins’ New York City and St. Thomas offices.

This article was co-authored by Leah J. Shepherd, who is a writer in Ogletree Deakins’ Washington, D.C., office.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts