The short legislative session will begin on February 5. Here are some issues that we are following for you.
Cap and Trade: This is modeled after legislation in California to decrease greenhouse gas emissions and create a complex market to sell credits. This proposal will likely impact many large companies in Oregon. Two proposals were presented this week, LC44 and LC176.
Oregon’s carbon footprint is one of the lowest in the country and continues to shrink as businesses comply with existing regulations. Additionally, these businesses invest in technology to reduce carbon emissions.
Cleaner Air Oregon: The Oregon DEQ recently proposed new rules to regulate air toxic emissions from industrial facilities. These would be the most stringent in the country. Oregon businesses have made great strides in reducing air contaminants. In fact, 80% of the air pollution comes from everyday activities such as driving and wood burning stoves for heat. Oregon industrial resources account for less than 15% of air pollutants.
The imposed toxins levels could severely harm many businesses in our area. There are over 11 businesses in McMinnville, and 30 businesses in Yamhill County with threats to business operations due to these new regulations. A 25-page list of Oregon companies, ones you would never expect such as veterinary clinics, cities, colleges, hospitals, and retail stores will be impacted. You can see the list here.
DEQ will regulate businesses based on air emissions from their neighbors, too. You can write a letter to the DEQ (testimony is open until January 22nd), submit it here: firstname.lastname@example.org, to let them know the impact on your business.
Oregon State Chamber of Commerce has crafted a letter of testimony to the DEQ that can provide additional information for you.
Measure 101: will be the subject of a special election on January 23rd. A “Yes” vote will preserve a 1.5% provider and health care insurance premium tax passed by the legislature during the 2017 session. A “No” vote will repeal the tax. At stake is between $222 and $333 million of state funding that is directed toward the state’s Medicaid program – also known as the Oregon Health Plan – which funds health services for low income Oregonians.
A yes vote will keep the law as written, 0.7% assessment (tax) on certain hospitals and a 1.5% tax on insurers and coordinated care organizations that facilitate the State’s Medicaid program. A no vote would force the legislature to look for funding from other sources, repealing the tax. Senator President Courtney and Senator Ted Ferrioli both support maintaining the law, and not repealing any parts of it. Representative Julie Parrish has been the chief petitioner of the ballot measure.
The McMinnville Chamber has scheduled a panel discussion on January 17th at Michelbook Country Club from 8:00am to 10:00am. You can register here: http://cm.mcminnville.org/events/details/today-s-healthcare-and-you-16059
GDPR – The EU General Data Protection Directive
- The upcoming European Union General Data Protection Regulation. The regulation applies to the personal information of any EU resident. Since McMinnville has international visitors and international business dealings, I thought this was important to share.
- Basically, the regulation is an overhaul of former legislation protecting personal information. It covers all personal data belonging to any person from the EU. Personal data, as defined by the regulation, includes any information relating to a person who can be identified by their name, id number, location, online name or any other factors such as physical, psychological, genetic, mental, economic, cultural or social identity.
- Organizations outside of the EU are subject to the regulation should they collect data from any EU resident. There will be some stiff penalties for non-compliance, up to 4% of global annual revenue or €20 million whichever is the highest.
- Things you can do right now if you have any data relating to residents of the EU:
- 1. Determine your risk – Do you market to residents of the EU (web-based marketing or other types)? Do you transfer personal data of EU residents or customers from outside the US to the US? Do you collect social security numbers, credit card numbers, birthdays, home addresses, etc? Where do you keep this information and is it secure
- 2. Perform an audit of the data you collect – location, retention reason, length of time retained, disposal plan
- 3. Establish a team to create a plan for compliance, if necessary.
- 4. Appoint a Data Protection Officer to ensure compliance is met if necessary.
- 5. Create consent and disclosure information and communicate that to your customers.
- 6. Speak with your legal counsel if you have questions.
- 7. Speak to your IT department or IT provider for help.
The deadline for compliance is May 25, 2018.
A summary article can be found here: https://www.dataiq.co.uk/blog/summary-eu-general-data-protection-regulation. The GDPR overview can be found here: https://www.eugdpr.org/. Here is another article of interest from Inside Big Data for US companies: https://insidebigdata.com/2017/02/23/prepared-data-discovery-requirements-meet-eus-new-costly-gdpr-privacy-requirements/.
Data Breach Workgroup:
Senator Prozanski (D-Eugene) and Representative Holvey (D-Eugene) formed a workgroup on data breaches due to concerns related to the Equifax breach which occurred last year.
Data security is of concern to all of us, however, if the proposed changes pass, they could cause significant legal expenses and issues for any business that retains personal identifying information.
Here’s what they propose:
* Remove fees for consumers who wish to freeze, thaw, or lift a freeze on their credit. Some Legislators and advocates want these actions to be free to the consumer, regardless of the number of times performed. Others propose one free freeze, thaw, or lifting of freeze, with reduced fees on subsequent ones.
* Establish deadlines – the current proposal is 45 days – for reporting data breaches to affected consumers.
* Restrict upselling, the practice of offering additional services for a fee when providing free credit monitoring after a data breach.
What is of concern, is the inclusion of data breach as a private right of action under Oregon’s Unlawful Trade Practice Act, exposing businesses to greater risk of lawsuits.
The Oregon Retirement Savings Program known as OregonSaves is a state-run program to help Oregonians save through payroll deduction at work. Every employer in Oregon that does not offer an employer-sponsored retirement plan will need to facilitate OregonSaves for their employees. Due to the overwhelming positive response to the program, Oregon Saves is opening the program to any employer of any size with employees in Oregon. We can expect to see notification on how to enroll sometime within the next month. For more information or to register your business, claim an exemption, go to www.oregonsaves.com or call 844-661-1256.
If you have questions or need further information, please do call me at 503-472-6196 or email at email@example.com.