Physical security remains a big deal across many industries, providing protection and peace of mind. Physical security is about risk management and creating ways to promote resilience in any workspace. Most people don’t know all the detail and care that goes into managing physical security companies. For these organizations, it’s not just about having the right people but also complying with numerous standards set by the government.
Accountability and Documentation
When it comes to HR compliance, many physical security companies suffer fines and setbacks because of a lack of preparation. The way to circumvent this starts at the very foundation. The company policies should detail all information about the business practice securely. That also means understanding who accesses this information and what they do with it.
Once rules are in place, the information must spread to the workforce. They must be informed of and study any new processes.
From here, the biggest issue that often comes with auditing is a lack of compliance with record-keeping laws. There are three privacy and record laws that every physical security company should keep:
This applies to their company and the businesses they partner with. Each member must practice care in avoiding leaking sensitive information about associates. These laws state how to document information and how long the company should keep them. For example, if a company deals with security for the disabled, the ADA dictates that they have medical information separate.
The job of the HR team here is to ensure that everyone understands these standards and applies them. If someone violates them, they should take the appropriate action to remedy the situation.
Healthcare Benefit Compliance
A major step in maintaining compliance within the physical security sector comes down to the actual benefits offered to guards and company employees. According to Todd Bellistri President and CEO of August Benefits, Inc, classifying employees properly as full-time, part-time, or contracts is a key first step in maintaining healthcare benefit compliance.
According to the IRS guidelines and the Affordable Care Acts’ (ACA) Employer Shared Responsibility (ESRP) – also referred to as the Employer Mandate - Applicable Large Employers (ALEs) must offer affordable health benefits which meet certain coverage standards to its full-time employees. The offer of health insurance must occur at least once each year.
A full-time employee is an individual who is hired into a position (or promoted to such position) whereby the expectation is that the individual will be employed on a full-time basis – working at least 30 hours per week. The full-time employee may be paid a salary or on an hourly basis – and the employer has no need to track hours for this employee because this is a designated full-time position. Additionally, because this employee is hired into a designated full-time position, the ACA requires such employee to be offered health benefits no later than 90 days upon hire or eligibility. In many security organizations, approximately 10-15% of the workforce will be considered designated full-time employees – these individuals typically comprise the operations and management team.
A part-time employee is an individual who is hired into a position whereby the employer cannot make a reasonable determination if that individual will work 30 or more hours per week during their employment period. The part-time employee is typically paid on an hourly basis and will have varying shift schedules. For these part-time employees (also referred to as variable hour employees) – the ACA allows for an employer to evaluate and monitor the hours worked for a duration ranging from 3 to 12 months in length. This duration is referred to as the look-back / measurement period (LBMP). During the LBMP, the employer is not obligated to offer health benefits. If the employee averages 30 or more hours during the LBMP – and is still employed at the end of the LBMP – the employer will then be required to offer health benefits for the following period – known as the coverage/stability period. These part-time employees are then considered calculated full-time during the coverage/stability period.
A Clear Security Process
Physical security companies are there to minimize the risk of internal and external security issues. One of the biggest adjustments companies make is the popular hybrid work setup many have adopted. They must take measures to ensure that the workplace is secure and account for the employees and their location.
Much of this is new, and many companies are still adjusting to how they’ll deal with staff members in other locations. For the most part, companies will only need protection in the office space, but that may soon change.
One of the biggest things necessary for auditing is detailing all the procedures that come with physical security. Complete information will help prevent any issues that could derail a company’s work. Some of the information that should be in documents include:
- Policies and procedures in and out of the workplace
- Clauses in employment contracts
- Crisis management
- Contingency plans
- Workplace violence prevention procedures
- Information on security systems
- Other documents relevant to a company’s physical security
An HR team should know and understand all these procedures. At the very least, they should know where to access information as it can get overwhelming. That way, they ensure compliance even if someone comes knocking.
Applying Physical Security Laws
One of the biggest concerns when maintaining a physical security company is adherence to laws. There are many to look out for, and they update regularly. There may be some additions that come with lawmakers passing ordinances that change how these systems work.
For example, if the company deals with construction or maritime, they may need to apply the OSH Act of 1970. The OSHA has standards for training, record-keeping, and reporting. Other laws that the company may need to consider include:
- State and federal wire-tapping laws
- Fair Credit Reporting
- Individual privacy rights
- State-specific privacy rights
While companies are eager to ensure that their clients have the most protection, there are limits. These laws dictate what is acceptable and not in today’s society. HR must remain vigilant in assuring that these practices are in place. Every new client will have a new set of rules to adhere to.
All in all, maintaining these things helps when you need it the most. You won’t have to worry about violations during auditing or any other examination.
The Consequences of Not Maintaining Compliance
We asked Mr. Bellistri about the worst compliance situation he’s seen within the physical security sector, and he offered a horror story scary enough to set any business owner on the right path to compliance:
Security Company (real-life case) – 600 employees
- Did not offer affordable, adequate coverage (offered MEC only)
- Classified all employees as full-time and offered MEC coverage immediately upon hire (their health broker advised this was the easiest way to go)
- Did not implement a LBMP
- Did not train internal team regarding the basics of the health plan nor ACA compliance (even management was not informed)
- Failed to furnish Form 1095-C to its employees each year (6 failed years)
- Failed to file Forms 1095-C and 1094-C with the IRS each year (6 failed years)
- IRS letters were sent to the employer, yet never routed to management (someone thought junk mail?)
- Employer has hired legal and tax counsel in efforts to abate ESRP penalties exceeding $2M.
The Bottom Line
Physical security is increasing in demand with all the violence that has occurred in recent years. Even with the changes that came from the pandemic, there is no room to be aloof about compliance. It is not only the responsibility of the HR team but also all employees under the company. All of this can affect the earnings they get and the company’s overall profit.
Knowing and applying can be a big step, but it is something you cannot rush. Consider each aspect and adjust to ensure HR benefits compliance. Rather than trying to handle handle these situations yourself, consider working with a company like August Benefits, Inc to assist with your benefits compliance.
Todd and his team can help you with:
- Applying an appropriate employee classification methodology (designated full-time and part-time classifications)
- Selection of appropriate look-back/measurement period for variable shift/hourly guards
- Simplification of a time-consuming, costly and risk prone process.