Exit Interviews
Exit interviews are generally conducted by companies when an employee is leaving. Some employers limit these interviews to employees who are resigning or retiring voluntarily, but some will conduct them for terminated and/or laid-off employees as well. The circumstances of the situation will likely dictate the appropriateness of an exit interview.
Typically, an exit interview can take two forms: face-to-face or a written questionnaire. Each has its own benefits and drawbacks. A face-to-face conversation may offer opportunity to delve deeper into topics and ask follow-up questions–but may also limit responses if the exiting employee is intimidated. Conversely, a written questionnaire may make the employee feel more comfortable and uninhibited but can also limit the amount and quality of information collected.
Finding the Value
Exit Interviews provide information in deciding how to improve the company to avoid turnover; there may have been issues with company policies, culture, personnel, management, or ethics that caused the employee to leave the company. Departing employees may even suggest process improvements or training tips to help the position function more smoothly in the future. Employees are often more likely to be candid in their responses on their way out because they no longer fear repercussions. However, if the company-employee relationship ended negatively, be mindful that the exiting employee may exaggerate or misrepresent their answers out of anger or disappointment.
Exit interviews are only as valuable as the company makes them. Many employers conduct exit interviews but do nothing with the information they gathered. For these interviews to be effective, employers must take action to correct or improve problem areas that have been brought to their attention. Analyzing exit interview responses as an aggregate rather than individually may make it easier to identify common areas of dissatisfaction.
Exit interviews can also uncover harassment or other legal concerns and allow the employer to take action before the former employee turns to litigation. If the employee perceives that his or her claim is being taken seriously and that action will be taken, the employee may not pursue legal action. Also, it is always important to fully document the interview and any steps taken thereafter in case the former employee does sue the company for any reason; the information gathered in the interview could possibly protect the company against the former employee’s claims.
Essential Questions
Having a structured set of questions allows you to compare different people’s answers against each other–but if the interview is face-to-face, remember to allow for flexibility and ask follow-up questions to ensure thorough answers. Here are just a few ideas for relevant and appropriate questions to ask:
- Why have you decided to leave the company? (If they left voluntarily)
- Have you shared your concerns with anyone in the company prior to this?
- Was one incident responsible for your decision?
- What did you like and dislike about this company?
- What did you like and dislike about your position?
- What would you change about either?
- How was your relationship with your manager/supervisor?
- What could they have done differently or better?
- Did you receive adequate training to do your job properly?
- Did you receive adequate feedback on your performance?
- Were your manager’s expectations of your position clearly articulated?
- Did anyone in this company discriminate against you, harass you or cause hostile working conditions?
- Would you consider working for this company again in the future?
- Would you recommend it as a good place to work for your friends and family?
- Do you have any other suggestions or recommendations for areas we could improve?
If applicable, consider asking questions about their perception of company culture, values, ethics, management styles, benefits, and any other relevant topics. For face-to-face interviews, explore their answers and ask follow-ups. Make it a conversation, not an interrogation.
Feedback Matters
Although the exit interview process can be valuable to employers, it should not be the only time employees are asked to provide feedback. The best way to retain employees is to make sure they remain satisfied and attempt to remedy any dissatisfaction before they decide to leave the company. Offer frequent opportunities for feedback through surveys, department meetings or suggestion forms.
HHS Reminds HIPAA Covered
Entities of Obligations
Following the ransomware cyberattack on Change Healthcare, the Department of Health and Human Services (HHS)’s Office for Civil Rights (OCR) has announced in a letter that it is initiating an investigation into the incident, given the “unprecedented magnitude” of the attack. As a unit of United Healthcare Group (UHG), Change Healthcare serves as a HIPAA business associate for health plans and health care providers nationwide.
The investigation will focus on whether a breach of protected health information (PHI) has occurred and on Change Healthcare’s and UGH’s compliance with HIPAA’s privacy, security, and breach notification rules. The letter does not mention that a breach notification report was formally filed. Typically, OCR enters into resolution agreements with business associates after there are allegations of noncompliance to ensure that they are protecting ePHI on behalf of covered entities by having both risk analysis and management plans in place.
According to the letter, “OCR’s interest in other entities that have partnered with Change Healthcare and UHG is secondary,” but OCR reminds these entities that safeguarding PHI is a “top priority.” The letter also reminds covered entities that engage with business associates of their regulatory responsibilities under HIPAA: ensuring that business associate agreements are in place, and that timely breach notifications are made to HHS and affected individuals. OCR also provides links to resources to help protect record systems and patients against cyberattacks, such as:
- sample business associate agreement provisions
- the OCR HIPAA Security Rule Guidance Material webpage
- a video on the HIPAA security rule and cyberattacks
- a webinar on HIPAA security rule risk analysis requirements
- the HHS Security Risk Assessment tool
- a fact sheet on ransomware
OCR urges covered entities to review cybersecurity measures “with urgency,” and has outlined in its latest report to Congress key areas of improvement for covered entities to focus on. This notice is a good reminder that covered entities, which include group health plans sponsored by employers, should address their due diligence process in selecting business associates as part of their risk analysis and risk management plans. This includes ensuring that contracts include appropriate provisions to safeguard ePHI. If a covered entity knows of a pattern of activity or practice of a business associate that constitutes a material breach of the contract, it may be obligated to take certain steps to cure the breach and, if those steps are unsuccessful, to terminate the contract.
In other words, it is important that plan sponsors consider the HIPAA compliance of vendors used in plan operation–and that such vendors are contractually required to maintain (or implement) appropriate HIPAA procedures.
What Happened to the ACA’s Insured Health Plan Nondiscrimination Requirements?
The Affordable Care Act (ACA), passed in 2010, contained provisions that would require insured health plans to satisfy non-discrimination rules. Do you ever wonder about the status of those rules, and whether employers sponsoring fully-insured plans must comply?
The ACA still includes that same provision for insured group health plans, which prohibit discrimination in eligibility or benefits in favor of highly-compensated employees (i.e., no management plans, no shorter waiting periods or lower cost for highly-compensated employees, etc). Those familiar with benefits compliance may notice that this provision is similar to those applicable to self-funded (self-insured) health plans under IRS Code § 105(h). The Code § 105(h) rules applicable to self-funded plans long pre-date the ACA, but do not apply to fully-insured plans.
Insured group health plans initially were required to comply with the ACA nondiscrimination rules for plan years beginning on or after September 23, 2010. However, the IRS announced in Notice 2011-1 that compliance is not required until the agencies issue regulations or other guidance regarding how the rules apply to insured plans. The agencies still have not issued such regulations or guidance, so sanctions for failure to comply do not yet apply for insured plans. It is unclear if, or when, those rules will ever go into effect. Nondiscrimination rules under Code § 105(h), on the other hand, continue to apply to all self-insured health plans, which includes level funded plans, health FSAs and HRAs.