LP Magazine

MAY-JUN 2019

LP magazine publishes articles for loss prevention, asset protection, and retail professionals covering shrinkage, investigations, shoplifting, internal theft, fraud, technology, best practices, and career development.

Issue link: http://digital.lpportal.com/i/1121134

Contents of this Issue

Navigation

Page 74 of 84

continued from page 72 continued on page 76 New Court Cases Show Liability for Security Lapses Can Go Beyond What Retailers Might Expect By Garett Seivold, LPM Senior Writer Three recent verdicts exemplify the importance of proactive security, as plaintiff's attorneys often find ways around efforts to limit liability. In one case, after an employee assault on a coworker, a retailer learned it must face a lawsuit without its insurance carrier. In another, a state Supreme Court issued a verdict that reflects a growing intolerance for employer security breaches involving employee data. Lastly, despite a favorable ruling in the US Supreme Court, retailers learned they can still be on the hook for time that workers spend in post-shift anti-theft security lines. Case 1: When Insurance Protection Fails When prevention fails, and workers are hurt on the job, retailers often hope to mitigate their losses through liability limits afforded under state workers' compensation schemes or company insurance policies. In many cases, they keep losses in check; but as a recent case in Texas suggests, protection sometimes has gaps. Workers' compensation usually provides employees an exclusive remedy for injuries sustained on the job, including injuries caused by on-the-job violence. Under certain circumstances, however, laws allow employees to sue their employers for injuries that were intentionally inflicted or due to the employer's negligence. Some of the possible legal rationales under which a retailer might be sued or face penalties for violence-related injuries sustained by employees include foreseeable violence, sexual harassment, negligent hiring, retention, training, and supervision. Kent Distributors, a convenience store chain in Texas, faces just such a lawsuit. A store clerk sued the retailer, claiming that another Kent employee from a different store attacked and sexually assaulted her while she locked the store at closing time. The worker alleged that Kent negligently hired, retained, trained, and supervised its employees; failed to identify the threat posed by the employee; failed to warn her of the threat; failed to correct the dangerous condition; and that she sustained physical and mental injuries as a result. Still, the retail chain probably hoped to limit financial harm from the incident. It had purchased two liability policies from United Fire and Casualty Company, a commercial general liability policy and a commercial liability umbrella policy. Hit with the lawsuit, the retailer turned to its insurer to defend it in court and to indemnify it under those policies. United initially agreed to defend Kent but later denied coverage and withdrew from the defense, asserting that the employee's claims against the retailer were excluded from coverage under both insurance policies. Kent then sued the insurance carrier. In its verdict in January, the Fifth Circuit affirmed that United had no duty to defend or indemnify the retailer in the lawsuit, agreeing with a Texas federal judge that the worker's claims fall within policy exclusions. The first, the Employer's Liability Exclusion, excluded coverage for an employee's "bodily injury" suffered during employment or while "performing duties related to the conduct of" the business. The second, the Texas Abuse or Molestation Exclusion, excluded coverage for molestation or actual or threatened abuse of anyone in Kent's "care, custody, or control," or arising out of Kent's negligence in the employment, investigation, supervision, or retention of the alleged assailant. The retailer tried to argue that the assaulted worker did not specifically allege "abuse" or "molestation" and that it was unclear if she had finished her work duties at the time of the attack. However, on both points, the Fifth Circuit court concluded that the facts alleged "unambiguously exclude coverage under Kent's insurance policies" (United Fire and Casualty Company v. Kent Distributors, Incorporated, United States Court of Appeals for the Fifth Circuit, Case No. 18-50134, Jan. 11, 2019). Case 2: An Employer's Duty to Protect Employee Data On the issue of data breaches involving employee data, several courts have held the risk of future harm is insufficient to give workers the standing to sue. This view has shielded employers from expensive class action claims in the past. However, a new ruling by the Pennsylvania Supreme Court suggests the tide may be turning in favor of employee victims. In Dittman et al. v. University of Pittsburgh Medical Center, the court reversed two lower court decisions and concluded that employers have an affirmative legal responsibility to protect the confidential information of their employees. The justices ruled that by collecting and storing employees' personal information as a precondition to employment, employers had the legal duty to take reasonable steps to protect that information from a cyber attack (Case No. 43 WAP 2017, Nov. 21, 2018). Some legal analysts suggest the case could be a watershed. "The Pennsylvania Supreme Court has drastically changed the data breach litigation landscape by holding that an employer has a common law duty to use reasonable care to safeguard its employees' personal information stored on 74 MAY–JUNE 2019 | LOSSPREVENTIONMEDIA.COM

Articles in this issue

Links on this page

Archives of this issue

view archives of LP Magazine - MAY-JUN 2019