Although there are no statutory limitations on the length of time that a prior citation was issued as a basis for a repeated violation, the following policy shall generally be followed.

Extending the look back period policy was just one of several actions OSHA took early during the Obama Administration to deliberately seek and cite more Repeat violations. David Michaels, Obama’s Assistant Sec’y of Labor for OSHA, complained frequently that OSHA’s enforcement teeth were not sharp enough. Without being able to change OSHA’s civil penalty authority, OSHA changed numerous policies and practices with the specific intent to find and cite more Repeat violations, because Repeat violations carried 10 times higher penalties than Serious and Other-than-Serious violations. In other words, finding ways to characterize more violations as Repeat was a way to raise OSHA penalties without being granted any new authority from Congress—so that is precisely what OSHA did.

In addition to expanding the look-back period to 5 years, the Obama Administration’s OSHA also broke down barriers between individual establishments, so that a violation at one location of a multi-establishment company could be used as the basis for a Repeat violation at any other location in fed OSHA state within that organization. OSHA also became more proactive in how it selected targets for inspections, which made it more likely for an employer to be visited multiple times during the look-back period.

Those policies were “successful,” in that the percentage of OSHA violations characterized as Repeat doubled during the Obama Administration. Citations characterized as Repeat now make up more than 5% of all OSHA citations.

That trend continued even after Congress gave OSHA new penalty authority, increasing the max price tag for a Repeat violation from $70,000 per violation to approx. $130,000. As a result, we are seeing more $100K+ and $1M+ OSHA enforcement actions than ever before.

In light of OSHA’s Repeat violation philosophy, particularly in the context of the Second Circuit’s ruling in the Triumph case, employers need to be extra vigilant in defending against initial citations if the cited standard presents a risk of future Repeat violations, even if the initial penalty is very low. Paying the fine for a Serious or Other-than-Serious citation today may seem like no big deal if it carries a relatively small fine, but if can easily lead to a Repeat citation in three or four years (or eight years now that OSHA knows its look-back period is unlimited) could turn that initial violation into a costly burden.

Employers also need to understand the numerous other ways that Repeat violations can harm employers beyond just the 10x higher penalties. First, even under the Trump Administration, OSHA is continuing to issue inflammatory and embarrassing press releases about OSHA citations in significant cases, which includes most enforcement actions involving Repeat violations. So reputational harm can come to an employer just for being alleged to have committed a Repeat violation. Worse still is falling into the dreaded Severe Violator Enforcement Program (SVEP). The qualifying criteria for SVEP include Repeat and Willful violations in certain categories, but the data shows the vast majority of employers “sentenced” to SVEP are there because of Repeat violations.

Even more reason to fight the initial violation, regardless how low that initial penalty may be.

Finally, a Repeat citation could increase insurance premiums and disqualify contractors and subcontractors from government and private contracts. There are potentially costly consequences for accepting a citation that has a high potential to become a Repeat citation. Therefore, employers should strongly consider contesting OSHA citations if a settlement cannot be reached that mitigates the risk of future Repeat violations.

Contesting a citation, however, is a post-hoc solution. The best way to avoid a Repeat citation is to understand the hazards most commonly found in your workplace, develop a program to regularly inspect for and correct them, and track your efforts to comply the applicable requirements.

In the hospitality industry, the most frequently cited OSHA standards include Hazard Communication, Electrical Safety, Wiring Methods and Components, Lockout/Tagout, Fire Extinguishers, Respiratory Protection, Walking/Working Surfaces, Bloodborne Pathogens, Protective Equipment, and Exit Routes.

OSHA Penalties
Below are the maximum penalty amounts adjusted for inflation as of Jan. 23, 2019. (See OSHA Memo, Jan 23, 2019).

State Plan States
States that operate their own Occupational Safety and Health Plans are required to adopt maximum penalty levels that are at least as effective as Federal OSHA’s.

This article is part of our Conference Materials Library and has a PowerPoint counterpart that can be accessed in the Resource Libary.

HospitalityLawyer.com® provides numerous resources to all sponsors and attendees of The Hospitality Law Conference: Series 2.0 (Houston and Washington D.C.). If you have attended one of our conferences in the last 12 months you can access our Travel Risk Library, Conference Materials Library, ADA Risk Library, Electronic Journal, Rooms Chronicle and more, by creating an account. Our libraries are filled with white papers and presentations by industry leaders, hotel and restaurant experts, and hotel and restaurant lawyers. Click here to create an account or, if you already have an account, click here to login.

Severe Thunderstorm Classification
Thunderstorms are classified as “severe” when they produce one or more of the following:

• Wind gusts of 93 kph (58 mph) or greater
• Hailstones with a diameter of at least 2.5 cm (1 inch)
• A tornado

Severe thunderstorms are volatile weather systems that can result in serious damage to business and residential infrastructure. Depending on the strength and weather conditions a thunderstorm produces, prolonged disruptions to transportation and utility networks and business operations are possible. Frequent lightning, strong straight-line winds, flooding downpours, and hail are common during the passage of a severe thunderstorm.

Depending on atmospheric conditions, severe storms could also spawn destructive tornadoes. A tornado typically consists of a funnel-shaped cloud that reaches the ground. Winds associated with a tornado can exceed 322 kph (200 mph). Damage paths can be greater than 1.6 km (one mile) wide and 80 km (50 miles) long.

Business Continuity for Severe Thunderstorms
It is important to know how to effectively prepare for a severe weather event in order to protect life and property and ensure business resiliency following the passage of a storm. This includes conducting a severe thunderstorm hazard assessment ahead of time, categorizing all business assets, developing a severe thunderstorm risk assessment, and practicing site-specific emergency management plans.

Severe Thunderstorm Hazard Assessment
Understand the potential impacts on business operations by conducting a severe thunderstorm hazard assessment ahead of the storm. To do so, list what types of damage may be possible during the passage of a thunderstorm, ensuring all aspects of a storm are considered (hail, flooding, damaging winds, lightning, etc.). Assess the possibility of prolonged disruptions that might continue in the days following a severe thunderstorm (protracted power outages, supply chain disruptions, etc.).

Categorize all business assets that could potentially be exposed to severe thunderstorm activity and assess their degree of vulnerability. Note that thunderstorms (especially those that produce tornadoes) may cause direct losses to physical assets, indirect losses to business function (e.g., loss of production during recovery efforts), and intangible market losses (e.g., missed opportunity to sell to new buyers).

Severe Thunderstorm Risk Assessment
Develop a comprehensive severe thunderstorm risk assessment for your company that speaks to the vulnerability of exposed assets and outlines what are considered tolerable or unacceptable risks.

Use this information to perform a cost-benefit analysis to determine what mitigation measures would be best suited for your company, as well as what options are available to you to ensure business continuity during and after the passage of a storm. The two following tactics can support your risk assessment:

• Create inventories of products, equipment, and vehicles that might need to be moved to a safe location before a severe weather outbreak occurs.
• Ensure that critical datasets are backed up at a secure, offsite facility or through cloud storage.

Emergency Management Planning
Research, create, and practice site-specific emergency management plans to enact during the passage of a severe thunderstorm:

• Reference regional authorities’ local disaster management plans.
• Create a list of emergency contacts (emergency services, essential staff, and suppliers).
• Practice evacuation plans and safe-sheltering protocols to ensure employees are ready to act on short notice.

Always verify the details of your insurance coverage for hazards associated with severe thunderstorms. While your scheme may cover wind damage sustained during a passing thunderstorm, supplementary protection policies may be required for other threats such as flood and hail damage.

For more information on coping with thunderstorms, read our advice sheet on How to Prepare for Thunderstorms.

Click here to see the Enhanced Fujita Scale for tornadoes according to wind speed and damage created.

Among attorneys, there’s another equally well-known fact: Whenever a plaintiff slips and falls on ice—whether it is in a parking lot, a sidewalk, near a spigot or fountain or anywhere else—she will almost always argue that the defendant should have known of the condition because it was foreseeable that water would turn to ice and create a slip hazard. The Fourth Circuit Court of Appeals, however, has just ruled that knowing water freezes is not enough to establish foreseeability.

In the case of Thomas v. Omni Hotels, 2018 U.S. App. LEXIS 21459 *; 2018 WL 3689248 (4th Cir. August 2, 2018), an Omni Hotel guest slipped and fell on a 22° Fahrenheit day after ice had formed on the floor near a semi-enclosed fountain. The Plaintiff argued that the ice must have formed from water blown out of the fountain by the wind. At the trial court level, the US District Court granted defendant’s summary judgment motion, and held that the Plaintiff had failed to create a genuine dispute of material fact as to whether Omni had actual or constructive notice of icy conditions or water escaping from the fountain. On appeal, the Fourth Circuit affirmed the District Court’s dismissal. Despite the higher duty of care placed upon an innkeeper, Virginia law still required the Plaintiff to show actual or constructive knowledge of the unsafe condition.

In this case, there was no evidence of prior reports of water escaping form the fountain or ice forming on the walkway. There was no evidence that any Omni employee actually knew about the ice that had formed

Despite the lack of those facts, Plaintiff argued that the cold temperature and existence of icicles on the fountain were sufficient to show constructive knowledge. The 4 th Circuit disagreed, holding that, “[t]hese facts certainly demonstrate the conditions upon which ice could form generally, but they are not sufficient to impose actual or constructive notice to Omni that ice would form on the walkway beside the fountain that morning when neither ice nor standing or escaping water had previously been observed in that location” Id. at 7 (emphasis added). Thus, knowing that water freezes at 32° does not mean that the defendant knew that ice had formed at the specific spot where plaintiff had fallen.

The Plaintiff then argued that, due to the time it takes for ice to form, a jury could infer that the ice existed for sufficient time, such that Omni should have known it was there. Again the Court disagreed, stating the “[a]ppearence of an item cannot be used to infer that it had been on the floor long enough” to create constructive notice.” Id. (citing Powers v Wal-Mart, Inc., 2006 US Dist. Lexis 74009 (W.D. Va. 2006). Thus, other than the fact that ice was present, there was no evidence as to when the ice formed. This was insufficient to demonstrate constructive knowledge.

Moreover, the fact that Plaintiff could not establish when the ice had formed doomed any argument that Omni’s inspections had been insufficient. In order to argue that Omni’s inspections had been insufficient, the Plaintiff would need to show that the ice had been present and visible during those inspections. If the Plaintiff could not prove that the ice had been present at a given time, she could not claim that the inspector should have seen it when performing his inspection.

Finally, Plaintiff argued that the danger had been foreseeable because Omni created the dangerous condition by deciding to place the fountain near the cold elements. Under the “genesis doctrine,” a business is liable for injuries caused by foreseeable dangers it creates. The Court, however, rejected this argument. It held that there was no evidence showing what had caused the icy conditions near the fountain that morning. Moreover, there was no evidence that Omni created the icy buildup by placing the fountain in a partially covered area or by failing to turn off the water. Given this—along with the fact that there had never been any prior complaints about water freezing near the fountain and the fact that no Omni employees knew of any prior instances where splashing, condensation, or moisture buildup occurred—there was no evidence as to how the ice would have been foreseeable. Accordingly, the Court found no evidence that Omni actively caused the icy conditions on the floor.

The takeaway from this holding is the longstanding rule of law: a plaintiff must prove the defendant had notice of the specific condition that caused her injury. It is not enough to show that there were other spills on the floor of a store; the defendant must have known of the specific spill that injured her. It is not enough to show that merchandise had fallen in the past; the business must have known that some specific piece of merchandise was likely to fall. And in this case, it was not enough to show that the hotel knew it was cold outside; the plaintiff must prove that the defendant knew ice was forming in a particular location.

Having lawyers who understand the latest opinions and who can effectively respond to arguments on foreseeability, creation of condition or some other creative twist is critical for managing a company’s risk. KPMLAW is ready to answer any questions you may have about this case or any others.

Why is the hospitality industry such a frequent target? What makes this industry uniquely vulnerable to information threats? This article will examine those questions and suggest certain measures that hotel and restaurant companies can employ to try to mitigate the risks to information that they own or possess.

Multiple Parties Are Involved In The Equation

Hotel companies and many restaurant companies face unusual problems when it comes to cyber security and vulnerability to data theft/loss due to traditional ownership/management/franchise structures as well as the way hotels and restaurants tend to operate.

For branded hotels (and many branded restaurants) there are typically at least three parties are involved in a functioning hotel business: the franchisor or “brand,” the owner (or owners’ group) and the operator a/k/a the management company. Each of those entities plays a particular role in the function of the hotel as a business, and each may have its own computer systems or stored information:

Franchisor

• Owns the “flag” of the brand and in exchange for use of its marks and marketing services, can impose its own standards for hotel features, including the process for booking rooms;
• Typically mandates that the owner install a particular hardware/software suite to handle the reservations functions;
• Maintains ownership and control of that system through contractual means; and
• Typically claims ownership of guest data that is input into the reservations system by hotel employees or others.

Owner

• Typically not the brand; could be individuals, investor groups or major asset holding companies, including investment funds, insurance companies, banks;
• May have varying degrees of involvement in operational issues that include guest or employee data; and
• May own separate “point of sale” payment card systems for food/beverage/retail outlets situated within the hotel; and

Operator

• If independent from Owner, will usually have a management agreement with the Owner that establishes an agency relationship with Owner for purposes of all day-to-day hotel operations;
• Third party operators are usually the formal employers of hotel personnel and maintain all employee data (including Social Security Numbers);
• May collect guest data prior to inputting same into the reservations and management system owned by the franchisor, if the hotel is branded; and
• May obtain and maintain payment card information associated with group bookings.

Sometimes the complex relationship between franchisors, owners and operators requires that information be shared, or that separate computer systems be tied to each other. For example, as indicated above, major hotel brands require all of their franchised hotels to utilize the brand’s reservations and management computer system when booking or checking in all guests. Thus, hotel owners and operators are forced to have their own on-site personnel utilize the computer system of another company when transacting business with guests. In addition, hotels, like restaurants and other consumer businesses, often permit interfacing between their own computer systems and those of third party vendors or credit card processors.

All of this means that hotel and restaurant systems are to some extent dependent upon the security measures and practices of other entities which the hotels and restaurants do not control. A classic example of this is the Wyndham Worldwide breaches which occurred 2008 and 2010, where hackers were able to penetrate Wyndham’s central reservations database through a hack of a single franchised hotel, and then use the Wyndham system’s connections to dozens of other individual franchised hotels to steal hundreds of thousands of sets of credit card data.

The Hospitality Industry Does Business By Payment Card

Credit and debit card data has long been a preferred target of data thieves. Payment by card is the mainstay of most hotels and restaurants.. Therefore, hotels and restaurants represent a tantalizing treasure chest of data for cyber criminals to try to crack open.

The Wyndham Worldwide series of data breaches, where the brand’s reservations system was the subject of the attacks, were certainly notorious in the world of hotel data incidents, but statistically most credit card data theft in hotels occurs due to malware affecting point-of-sale (“POS”) systems, rather than the brand reservations systems for guest room bookings. Of the twenty-one most high-profile hotel company data breaches that have occurred since 2010, twenty of them were a result of malware affecting point-of-sale systems in hotel restaurant, bar and retail outlets. This is also true for the recent restaurant data breaches affecting Wendy’s, Arby’s, Landry’s and Noodles & Company, which were all the result of malware affecting point-of-sale systems in several locations.

Cyber criminals, through a variety of methods, are able to infect POS systems with credit card data-scraping malware that captures personal account data at some point during the payment process. This malware is often capable of moving between connected systems and may infect groups of hotels and restaurants that are either related by common brand or by a common third party operator and may often operate for several months or even years before being detected by the operator.

Some hotel credit card compromises are not high-tech in nature. Many hotels still tend to receive faxed credit card authorization forms for company bookings or group bookings, and often the faxed paper forms, which contain credit card numbers and expiration dates, are kept in a non-secure manner, such as in binders behind the hotel front desk. These paper forms are susceptible to being lost or stolen, and while many state breach notification laws do not expressly cover loss or theft of paper data, a growing number of state laws do. For example, the data breach laws of California, Hawaii and Alaska all protect data in any form, including paper, that contains personally identifying information.

In addition to these “paper” breaches, the hotel industry is also vulnerable to identity thieves targeting guests who may be unfamiliar with the area or the hotel. The thieves use various schemes including calling hotel guests, posing as the front desk, to ask for updated credit card information or leaving fliers for pizza delivery with phone numbers directed to thieves who take down the guest’s credit card information.

Employee Turnover and Fluidity Contribute to Security Problems

In the hospitality world there tends to be a high degree of movement of employees in and out of particular locations. Hotel operators will transfer their skilled employees to other locations where they may be needed. Employees in less skilled positions tend to come and go frequently as well. Hotel or restaurant owners may decide to change third-party operating companies, and the new operator will bring in its own management-level employees to manage the location. Maintaining a consistently trained workforce can be a challenge for both the hotel industry shares with the restaurant industry.

In recent years many information security industry experts have identified a company’s employees as its most vulnerable point from a data security perspective. A fluid workforce means that it is more difficult to train employees in the secure receipt and treatment of personal information, in complying with privacy and security policies, in protecting and changing user access credentials, and in being alert for social engineering attempts. Keeping up with which employees have access to different levels of information is also challenging when there are frequent changes of personnel at particular job levels. Only certain job functions within a hotel setting require access to guest or employee personally identifying information, and hotel companies (as well as companies in other industries) are not always as careful as they should be about controlling access by job grade/description and making sure access is eliminated when an employee moves out of a particular position or is terminated.

How Can Hospitality Companies Better Prepare for and Combat Cyber Threats?

While hospitality companies have unique problems that tend to make them more vulnerable to threats of compromise and theft of personal information, there are ways that these companies can prepare for and mitigate against such risks, and there are lessons to be learned from looking at prior data security incidents. In analyzing recent breaches, it is likely that utilization of the following practices could have mitigated or prevented such incidents.

• Contractual Risk-Shifting and Secure Handling Requirements: Franchisors, owners and operators, in their dealings with each other and third parties such as vendors and contractors, can help to control the risks inherent in sharing systems or information with others. Requiring specific cyber incident indemnification, where negotiating leverage permits, is useful to protect hotel companies from the economic consequences of a breach incident caused by or contributed to by another party. In addition, contract provisions requiring compliance with minimum information security standards (e.g., compliance with Payment Card Industry Data Security Standards a/k/a “PCI-DSS”) or mandating third party compliance with a hotel company’s own security policies can reduce the risk
  of cyber incidents.
• Employee Policy Enforcement and Training: Despite the fluidity of management and staff employees that is attendant to operating a hotel or restaurant, operators can and should consistently update their employee policies on data security and rigorously train employees who have access to data or systems. Where employees do not require access to personal information to perform their job functions, that access should be terminated. Policies concerning use of mobile devices, external information storage devices and internet usage should be enforced. In addition, to protect against identity thieves, employees should be trained on how to advise guests on potential risks and how to identify suspicious behavior and when to report suspected identity theft or data breaches.
• Guard Guest and Customer Card Data: Considering that POS malware attacks are a very common type of cyber incident affecting hotels and restaurants, operators and owners should take extra care in selecting their POS system vendors and credit card processors. Agreements with those entities should be vetted and, if possible, modified to add protection and minimum data handling standards for the outside vendor. Compliance with PCI-DSS not only helps to ensure that data security software, hardware and practices are safer, but also helps to protect against fines and penalties which may be levied against hotels by the credit card industry for noncompliance with PCI-DSS when a breach occurs.

Authors

Sandy Brian Garfinkel Mr. Garfinkel is a member with the law firm of Eckert Seamans Cherin & Mellott, LLC. He maintains a busy and diverse business litigation practice with a particular emphasis in the hospitality industry. As part of his work in the hospitality world he regularly assists hotel management and ownership companies in preparing for and responding to breaches of data security. He is also the founder and chair of the firm’s Data Security & Privacy Practice Group.Mr. Garfinkel can be reached at 412.566.6868 or at sgarfinkel@eckertseamans.com.

Malgorzata “Gosia” Kosturek Ms. Kosturek focuses her practice on hospitality law and general corporate law. She assists clients in numerous types of corporate transactions, including acquisitions, mergers, and financings, primarily in the hospitality industry. She is also a member of the firm’s Data Security & Privacy Practice Group. Ms. Kosturek can be reached at 412.566.6180 or at gkosturek@eckertseamans.com.

A CPTED survey identifies exposures within the enterprises built and natural environments and recommends enhancements that reduce risks to people, operations and facilities. The survey is a component of the risk assessment process and focuses on identifying human behaviors, along with other potential exposures within specific areas. Survey findings identify solutions that, if implemented, enhance the safety and security of various industries

CPTED involves the design use of five strategies: natural surveillance; natural access control; territorial reinforcement (using buildings, fences, pavement, signs and landscaping to express ownership); activity support (placing the right activity in the space); and maintenance (addressing the inspection, repair and general housekeeping of the space). Accepted CPTED industry strategies are described below:

• Natural surveillance. This strategy involves reducing crime by decreasing target opportunities in a space/area by placing physical features, activities and people to maximize visibility.
• Natural access control. Channeling people into, alongside or out of spaces/areas and deterring entry elsewhere along the boundary are the concepts of this principle (through the judicial placement of entrances, exits, fencing, landscaping and lighting); This concept denies access to crime targets and creates a perception of risk for adversaries.
• Territoriality. Territoriality notifies users and non-users of the boundaries of a space/area or facility. It creates a psychological deterrent to crime by notifying users of the space/area/facility that they are being watched and that the community is the space/area/facility for purposeful activities.

Other CPTED Elements
Maintenance and activity support aspects have been added to CPTED as of recent, but are often treated separately because they are not physical design elements within the built environment.

• Activity support. By encouraging authorized activities in public spaces, guests of a business understand its intended use. Criminal acts are discouraged, and an increase in safety and security of the immediate area is realized.
• Maintenance. Care and upkeep demonstrates expression of ownership for the intended purpose of the area. A lack of care indicates loss of control of a space or area and can be a sign of tolerance for disorder. The Broken Windows Theory is a valuable tool in understanding the importance of maintenance in deterring crime. Broken Windows theory proponents support a zero tolerance approach to property maintenance, observing that the presence of a broken window will entice vandals to break more windows in the vicinity. The sooner broken windows are fixed, the less likely it is that such vandalism will occur in the future. Establishing care and maintenance standards and continuing the service preserves the intended use of the space/area. CPTED maintenance and care standards also safeguard the best interests of the community and the enterprise.

What is Seasonal Influenza?

Seasonal influenza, also known as the flu, is a very contagious viral disease that spreads through droplets created when an infected person coughs, sneezes, or talks. There are several viruses that cause influenza – including H1N1, H3N2, and influenza B. Influenza vaccines are available and must be received every year to be protective. Protection against infection typically begins within two-to-three weeks of immunization. It is important to note that the flu cannot be treated with antibiotics since it is caused by a virus.

The Current Trend of Seasonal Influenza in the Northern Hemisphere

The influenza season in the Northern Hemisphere generally begins in October and can last as late as May. According to the most recent influenza report from the WHO, dated Nov. 27, overall disease activity in North America continues to increase while activity in Europe remains low. The dominant circulating virus in North America is influenza A(H3N2), while influenza A(H3N2) and influenza B viruses are the primary strains circulating in Europe. Influenza A(H3N2) and influenza B viruses are covered by the traditional influenza vaccine.

Strategies to Prevent the Spread of Influenza in the Workplace:

1. Raise Awareness about Seasonal Influenza

Employees who believe they are at risk of becoming infected with influenza, and who understand the consequences associated with influenza infection, are more likely to alter their behaviors in order to reduce the risk of infection. Therefore, it is important that employers educate workers about how influenza is spread, what symptoms the flu causes, and the potential complications related to influenza infection. This information should be communicated to employees in a number of ways, such as through emails and by placing flyers or posters in high-traffic areas, to maximize visibility.

2. Encourage Proper Coughing Etiquette and Hand Washing

It is extremely important for employers not only to teach and remind employees the proper way to cover coughs and sneezes but also to remind them to regularly wash their hands throughout the flu season.

3. Keep the Workplace Clean

Since the flu can spread on contaminated surfaces or objects, it is extremely important that employers develop procedures and policies that ensure all commonly touched work surfaces, work areas, and equipment – for example, telephones, doorknobs, lunch areas, copy machines, etc. – are cleaned frequently. Routine cleaning agents are sufficient to disinfect surfaces against influenza, but employers should provide easy access to cleaning supplies.

4. Encourage Annual Flu Vaccinations

Even though the effectiveness of influenza vaccines depend on how well-matched the vaccine is to active influenza viruses, influenza vaccination remains an important additional defense against influenza infection. However, vaccination is arguably the most difficult measure to implement due to misconceptions about the influenza vaccine. For example, many people believe that the influenza vaccine makes people sick. In reality, the standard influenza vaccine contains virus that has been inactivated and is, therefore, unable to make people sick. Furthermore, many non-influenza illnesses have symptoms that can be described as flu-like. As a result, individuals may incorrectly attribute such symptoms to a recent vaccination instead of illness due to another infectious agent.

Employers should consider hosting a flu vaccination clinic at their place of business. The US CDC recommends providing vaccines to employees at little-to-no cost and promoting vaccination within the local community. If hosting a flu vaccination clinic is not plausible, employers should consider notifying their employees of local pharmacies and clinics offering influenza vaccinations. Since many pharmacies and clinics are only open during normal business hours, employers should consider allowing their employees the time to go to these clinics while still on the clock.

Conclusion

The flu can cause widespread business disruptions resulting in financial losses. Employers can mitigate such losses by implementing measures that will help prevent the spread of the influenza virus within the workplace: raising awareness about seasonal influenza, promoting proper hygiene, keeping the workplace clean, encouraging employees to receive their annual flu vaccination, and adopting flexible leave plans.

To help keep your workplace well this flu season, we’ve created this handy infographic: Top 6 Tips for Workplace Wellness this Flu Season. Download it now and share with your colleagues.