- Going into 2020, HR professionals are most concerned about complying with marijuana laws and keeping data secure, according to a new XpertHR survey released Jan. 16. Compensation, scheduling, leaves and employee handbooks are also areas of concern from a compliance perspective.
- Almost a quarter (24.6%) of the more than 700 HR respondents reported challenges relating to medical and recreational marijuana laws, along with managing employee drug use. This was a significant increase from the 5.7% reporting these concerns in 2017. The study press release noted that "[r]apidly changing laws create complications for employers who want to implement drug-free workplace policies, ensure employee safety and maintain workplace productivity."
- Survey respondents were also concerned about protecting confidential information and preventing data breaches. Nearly a third (29.8%) of respondents said they felt extremely challenged in these areas.
Given the wide array of state laws pertaining to medical and recreational marijuana use, as well as the fact that marijuana remains illegal at the federal level, it's no surprise that HR is experiencing compliance challenges in this area. The best course of action gets particularly tricky when employees use medical marijuana for an impairment that may be protected by the Americans with Disabilities Act (ADA).
Experts recommend that employers get up to speed on the medical marijuana laws that apply to their particular jurisdictions, review and re-think potentially problematic "zero tolerance" drug policies and focus more on unacceptable behaviors (such as performance, safety or conduct problems) rather than drug test results.
In terms of data security, while the XpertHR study found this to be a top concern for HR professionals, other research indicates otherwise. According to a new GetApp survey, two-fifths (41%) of employers don't train all of their HR staff on protecting employee data and only 19% revise their policy quarterly. More than a third of surveyed employers reported operating without a policy in place to protect employee data.
Employers may want to train HR on how to prevent cyber breaches, including employees' role in creating security risks. Willis Towers Watson research found that a significant majority (66%) of cyber breaches are caused by workers' negligence or malfeasance. And the breach risk increases when employees are allowed to use personal devices at work.