Job Descriptions Improve Your Company’s Ability To Manage Employees In Many Key Ways

A well-written job description will do the following:

Clarify expectations:  Employers need to spell out their expectations of what an employee should be doing on a day-to-day basis. Providing a clear description of tasks ensures that both employers and employees are on the same page and prevents misunderstandings of what needs to be done and when.

Provide structure:  Organizations must ensure that their needs are being met on a company-wide basis. Job descriptions provide the discipline and structure a business needs to make sure all necessary duties and responsibilities are assigned. They enable an organization to allocate and manage roles in a uniform way which increases efficiency and effectiveness of recruitment, training and development, organizational structure, workflow, and customer service.

Enable fair pay scales:  Most employers assign pay scales, or grades, to jobs. A transparent system which provides a “salary range” can ensure that those within the same, or similar, job functions are compensated fairly and logically across the board.

Identify skill sets and training needs:  Job descriptions can help employers gauge skill sets to understand who knows what, who doesn’t, and what types of training and development to provide employees. It can also be helpful in succession planning and career advancement for employees.

Set a standard for performance review:  Job descriptions allow employers to identify what has, and has not, been achieved since an employee’s last performance review. Many employers base merit increases on job performance linked directly to a job description as it provides objectivity for appraisals, performance reviews, counseling, and disciplinary issues.

A good job description is easy to create. 

In a nutshell: keep it simple, describe the actual duties, & leave it at that.

Consider the following task identified in a job description:Monitor office supplies and order replacements when stock runs low.There’s no room for interpretation of what’s expected in the above. Sadly, many employers try to wordsmith a bit too much and fall back on corporate speak to “jazz” things up a bit. 

Here’s another example of the same job description, but written differently:

Systemically integrate office material processes and facilitate cooperation and synthesis to achieve corporate goals. We’ve all seen job descriptions like this, and we should all agree that they are terrible. Using corporate speak simply doesn’t help anyone. Say what you mean and everyone will understand what’s expected. Also, keep job descriptions fairly generic so you don’t have to continually update them and the tasks described are general enough to achieve business needs.

The following tweak to our example would be entirely too specific: Monitor office supplies on Tuesday afternoon at 2 pm and order more when needed using Form Number XYZ and then submit to Mary Smith.As business attorneys, we can help you craft job descriptions that can benefit employees and the company as a whole – especially when workflows or processes change and a job description becomes outdated.

Our Strategic Partner this month is Brandon V. Woodward
Brandon V. Woodward is the founder and Managing Partner of Woodward, Kelley, Fulton & Kaplan, a business law firm with offices in West Palm Beach and Stuart. Brandon has more than 20 years of experience in business and corporate law. He and his WKFK partners offer legal services in the areas of: Business Law, Business Sales, Litigation, LLCs/Corporations, Asset Protection and Real Estate. He is also an Adjunct Professor of Business Law at Indian River State College, as well as a certified SCORE Mentor. Brandon and his family are proud “Hobe Sound Locals” and he enjoys golfing, cooking, and craft beers.

In Today’s business climate, business owners face many challenges on their road to success.

Containing costs while increasing profits is the formula for growth.

Developing a competitive edge takes a willingness to react to market conditions, modify business plans, and adapt to change.

Why then if the method is this simple, do so many businesses fail?

Employers spend up to 30% of their time and resources on the non-revenue aspects of their business, primarily in the area of employee administration and government compliance.

How would you like to have the advantage of your employees without having the headaches of employee administration!

Outsourcing your employee administration to a Professional Employer Organization (PEO), will relieve your company from the increasing liability associated with state and federal employment compliance regulations and you will be able to provide your employees expanded benefits that will increase your ability to hire and retain productive and dedicated personnel.

When working with a PEO, your company enters into a Co-Employer relationship. The PEO becomes the employer of record and is responsible for payroll and payroll tax compliance, workers compensation insurance, benefits administration, unemployment claims processing and other related administrative tasks. Your company remains the worksite employer and continues to retain day-to-day control and direction of the worksite employees, and you can focus more of your time on the bottom line. 

Working with a PEO becomes a one stop shop for your employee administration and the PEO will take care of your Payroll, Workers Comp Insurance, Benefits, Human Resources, Regulatory Compliance and ACA reporting. So what do they do for you in every area of your administration?

PAYROLL TAXES

Payroll has become a complex process which requires up to date knowledge of tax laws. Human Capital has both the technical expertise and advanced technology to meet your needs and reduce your overhead by relieving you of the unproductive burden of payroll. Human Capital will eliminate the hidden cost of compliance and the risks created by ever-changing regulation.

The PEO will prepare, file and pay your payroll taxes, issue payroll checks and direct deposits, provide unlimited reports, issue annual W-2’s, file new hire reports, process Garnishments and maintain compliance, track PTO and sick and vacation time. Provide 24/7 online access to payroll and HR data including insurance, 401K and PTO benefits. When it comes to time and attendance tracking, we can use your current system or set up a new system to streamline your payroll process and use this data to import your payroll and saving you time and money!

WORKERS COMPENSATION INSURANCE

Human Capital has a comprehensive workers compensation program, which includes Workers compensation insurance, claims administration and loss control. Included within our loss control services, we can provide onsite inspections, develop and implement safety programs, as well as provide assistance with federal and state OSHA compliance.

Human Capital’s risk management program provides their PEO clients with a multitude of services designed to prevent or mitigate their exposure to workers comp losses, leading to lower cost to the client and improved employee well-being and satisfaction.

Claims management and adjusting oversight, accident investigation, modified or light duty return-to-work programs, Safety program development and implementation, On-site hazard assessments, safety committee coordination, OSHA regulation and compliance assistance, job task analysis, worksite hazard training, Annual experience modifier analysis and audit and quarterly review of loss runs.

Pay-as-you-go workers compensation payments, based on actual payroll, paid with every payroll, with a PEO you have No deposits, No annual audits and No surprise lumpsums at the end of the year.

BENEFITS ADMINISTRATION

A competitive benefits program is crucial to attracting and retaining quality employees. Human Capital can provide a customized benefits program tailored to your specific needs at a competitive cost. Human Capital administers your benefits by collecting and remitting the insurance premium, coordinating enrollments and assisting co-employees with questions and concerns. Unlike other providers, our clients have the freedom to use their existing benefits, human capital sponsored benefits, or both.

Our benefit solutions include:

Medical/Health Reimbursement Arrangement (HRA), Health Savings Account (HSA), Flexible Spending account (FSA) & Medical and Dependent Care Reimbursement, 401K, Dental, Basic Life/AD&D, Vision, Short-Term Disability, Discount Dental & Vision, 24hour Accident Plan, Hospital Indemnity, Critical Illness and universal life coverage.  

HUMAN RESOURCES SOLUTION’S

Human Capital’s HR solutions are designed with compliance and efficiency in mind. We can enhance your existing HR department or help fill any voids that you may have. Regulatory compliance can be overwhelming. Which laws apply to your company? How do you comply? Our staff can assist you in your decision-making process.

Human resource database and employee file maintenance. Assistance with immigration and Naturalization Service compliance (including Form I-9 and E-Verify). Assistance with independent contractor issues. Administer unemployment claims. Legal research and dispute resolution assistance. Compensation administration and compliance with FLSA and state wage and hour laws. Guidance with general employment situations and concerns, such as EEOC, ADAAA, ADEA, FMLA and CRA. Sexual Harassment and discrimination training (employee and managerial). Assist with the development of policies, procedures and documentation for employees. Access to experienced professionals who will identify possible government incentives for your business. Potentially resulting in real savings and tax credits.

ACA Compliant Programs, Products, Technology, Training and Support. Human Capital’s ACA solution provides a comprehensive and affordable solution for all your ACA requirements. We know that employers will have varying levels of understanding when it comes to ACA regulations. That is why our team of ACA experts can customize and tailor a solution based on your needs. Our solutions were designed to assist employers in mitigating the risk of IRS penalties, accurately file the required IRS tax forms and maintain access and control over your employee data.

Minimum Essential Coverage (MEC) and Minimum Value Plan (MVP) health solutions options. E-File Services to IRS & Mail to employees. Eligibility Management. Real Time Risk Assessment reporting. Employee Hors and Status Tracking. 1095-C Offer Code & Safe Harbor Calculation. Dynamic Data Import.

Our Strategic Partner & author of this post this month is Michael Athmer !

Michael Athmer is multilingual with 35 years of International Sales and Marketing Management experience.

Born in Montreal, Canada and lived in Paris, France, Copenhagen, Denmark and The Hague, The Netherlands and moved to Florida in 2000.

Started an Insurance Agency in Florida in 2000 and later became Sales Manager for Southeast Employee Management Company. Worked as a Business Consultant for Progressive Employer Management Company and is currently Regional Manager for Human Capital Florida, providing Payroll, Workers Comp, Benefits and HR Services in Florida and 32 other states.

Michael is past President of BNI North Palm Beach, Past President of Toastmasters in Jupiter, Graduate of Leadership Palm Beach County Class 2006. Past Board member of Big Brothers Big Sisters of Palm Beach County, past Board Member of the Human Resource Association of Palm Beach County, past Chairman of the Board of The Hispanic Chamber of Commerce and past Board member of The Beyond Blind Institute. Michael is President of the Leadership Business Council and currently serves on the Palm Beach Public School Strings Foundation board.

He is also active with the Palm Beach Chamber of Commerce and Leadership Palm Beach County.

Michael is divorced, has a daughter Vivienne and lives in West Palm Beach.

Michael Athmer can be reached at 561-644-8315 or 888-736-9071.

Michael.athmer@human-capital.com 

It seems like we’re hearing about cyber-attacks every day. Over 70 million of Target’s customers’ accounts were compromised from their data breach. Home Depot admitted to having over 56 million payment card accounts put at risk after their cyber-attack. Sensitive information on 21.5 million people was stolen from the federal government’s background-check database and it’s believed that Equifax’s data breach could have put over 143 million consumers’ sensitive information records at risk. Human sacrifice, dogs and cats living together, mass hysteria (Bill Murray, Ghostbusters, 1984). It’s a bit much.

Cyber-Attacks are Costly to SMBs

It can’t just be ignored, however, because for small and mid-sized businesses especially, cyber-attacks can be very costly. How costly? According to the National Cyber Security Alliance 60% of small and mid-sized business that get hacked fail within 6 months (Galvin, 2018). That’s 6 out of every 10 small businesses, and with 1 in 5 small businesses falling victim to a cyber-attack each year (Bright House Networks Business Solutions, 2019) that’s a lot of blood, sweat, and tears’ equity lost each year. What’s more alarming is that according to Keeper Security’s 2019 SMB Cyber-threat Study, 60% of small businesses report that they don’t have any cyber attack plans in place (Lurey, 2019).

Is 88% Good Enough for Your Business?

That means that the majority of small businesses are choosing to accept at 12% failure rate per year (on top of all the other risks they already face). How comfortable would you feel about a plane ride or surgery with an 88% chance of survival? 

It’s serious and put into proper perspective, frankly terrifying. The problem can seem daunting and unconquerable which is perhaps why many small business owners choose to ignore it. But with a structured approach this is something that small businesses can get control of without having to throw tons of money at it (although if this is your preferred approach please see our contact information below – operators are standing by).

Cybersecurity 101 – The Biggest Bang for Your Buck

With apparently so much to cover, it can be difficult to know where to start and while each business is unique, ultimately the vast majority will be able to satisfy a good portion of their cyber-security woes with the following 6 steps. Additionally, many of these can be implemented without additional expense by leveraging systems and resources that are already in place.

1.      Adopt a Cybersecurity Framework

There are many (NIST, ISO, SOC2, etc.) but for small businesses especially, I prefer the CIS20 (which also happens to be a requirement if you do business in California).

As the name implies, the CIS20 (Center for Internet Security, 2019) is a set of 20 best practice controls. Each of these has multiple sub-controls requirements which depend on the size and scope of your organization. More boutique companies without highly sensitive data (such as those in healthcare or finance) have less requirements/suggestions than a larger company would.

What’s great about the CIS20 is that their core controls and subcontrols are easy to understand. Their structure also provides a great implementation roadmap with the first 6 being considered a must for every organization (what they refer to as “Cyber Hygiene”). As previously stated, each control also references the size of the company (called an “Implementation Group”) so each business knows what is most appropriate for them. Properly utilized, the CIS20 can help an organization get a structured handle on their current cyber-security situation and easily plan the next 2 or 3 years’ goals as well.

2.      Perform a Risk Assessment

Once you’ve decided on a cyber-security framework, your organization can conduct a thorough risk assessment to identify all the current risks (cyber-security related and otherwise) to the business. This will include a full inventory of all assets such as hardware (CIS Control #1) and software (CIS Control #2) used by the business.

This should also include an analysis of each risk’s impact to the mission, objectives, and obligations to the business and the likelihood that each risk will occur. Once completed, the organization can identify the most critical issues and appropriately allocate resources to resolve them.

It should also be noted that for most organizations (especially those in healthcare and finance) an annual risk assessment is a regulatory requirement. So not only will completing it get everyone at your organization on the same page and allow you to appropriate resources intelligently, it will also help your organization maintain regulatory compliance.

3.      Cybersecurity Policies and Procedures

A company’s policies and procedures allow the directors to communicate their vision and gets everyone in the company moving in the same direction. They also provide clear directions on how things should be done, and what steps to take.

Your policies should include incident response procedures (CIS Control #19), a business continuity and disaster recovery plan, and general workforce and security policies. Not only will this provide direction to your technical teams for how things should be done (CIS Control #5) it can also be used for your security awareness and training (CIS Control #17). They can also give clear goals and requirements for each position which increases the effectiveness and training of your staff for their actual job duties. Finally, policies and procedures are a regulatory requirement for practically every organization. They’re very important.

4.      Cybersecurity Best Practices Configuration

No doubt your organization is already utilizing multiple pieces of equipment and, if you’re like most other organizations, they may not be configured based on cybersecurity best practices. In fact, there is a good chance that there are at least a few devices still utilizing their factory default credentials.

You’ve already made the investment in the equipment you have so put it to work in securing your business. First ensure that no device is using default usernames or passwords and that administrative accounts are being used only when absolutely necessary, also remove those accounts that are not needed (CIS Controls #4 & 16). Then harden each device by removing unneeded services and ports, configuring firewalls, enabling audit logging, and blocking non-required connections (CIS Controls #6, 9, 11, 12, 15, & 16). This is an area that requires a very small spend (if any) and provides tremendous payouts.

5.      Backup Your Data

Hopefully you already are, but if not, be sure to set up both onsite and offsite backups. From step 2 above, you should have an inventory of all your critical data (CIS Controls #10 & 13). Be sure that you are backing up your critical data at the very least. You should also evaluate the need to keep backups of critical systems so should they fail, you can quickly bring them back online.

Proper backups will keep your business running from standard hardware failures, natural disasters, and equipment theft. They’ll also protect you from ransomware keeping your business from having to pay out costly ransoms.  Just like many of the other recommendations too, backups are typically a regulatory requirement, so they help keep you compliant.

6.      Remote Monitoring and Management Solutions

With reasonable cost, Remote Monitoring and Management (RMM) solutions can provide a host of benefits and satisfy multiple control requirements. Ultimately, they provide a centralized view of all your technical assets while allowing for centralized management. They can typically ensure that all systems are properly patched, properly inventoried, have appropriate security configurations, and considerably more. Some even provide enhanced security and auditing capabilities.

Properly implemented they can help satisfy practically every one of the CIS20 controls, and whether implemented in-house or with a third-party, they should be part of your security considerations.

Security is a Culture, Not a Destination

It’s scary out there, but not unconquerable. With proper attention and a structured approach, you can better protect your business. Additionally, with proper planning and implementation, your security program can not only provide greater insight into your business practices but help you to discover ways to improve your operations and maximize your productivity.

James Bowers II

James is a security and compliance architect with Input Output, LLC who focused on cybersecurity, regulatory compliance, and risk management solutions for businesses of all sizes. He has over 15 industry recognized IT and security certifications and collaborates with the Department of Homeland Security’s AIS and CISCP cybersecurity programs. He is also a member of the FBI Infragard cybersecurity collaborative program.

          Input Output, LLC
          www.InputOutput.tech
          844-InputOut (467-8868)

References

Bright House Networks Business Solutions. (2019). Why every small business should care about cyberattacks, in 5 charts. Retrieved Oct 2019, from Vox.com: https://www.vox.com/sponsored/11196054/why-every-small-business-should-care-about-cyber-attacks-in-5-charts#targetText=One%20in%20five%20small%20businesses,annoying%20to%20the%20deeply%20destructive.

Center for Internet Security. (2019). CIS Center for Internet Security. Retrieved Oct 2019, from cissecurity.org: https://www.cisecurity.org/

Galvin, J. (2018, May 7). 60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack. Here’s How to Protect Yourself. Retrieved Oct 2019, from Inc.com: https://www.inc.com/joe-galvin/60-percent-of-small-businesses-fold-within-6-months-of-a-cyber-attack-heres-how-to-protect-yourself.html

Lurey, C. (2019, July 24). Cyber Mindset Exposed: Keeper Unveils its 2019 SMB Cyberthreat Study. Retrieved Oct 2019, from KeeperSecurity.com: https://keepersecurity.com/blog/2019/07/24/cyber-mindset-exposed-keeper-unveils-its-2019-smb-cyberthreat-study/

Verizon. (2019, May 19). 2019 Data Breach Investigations Report. Retrieved from Verizon.com: https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf

John Dalton, Owner of Optimum RTS would like you to join him and James F Bowers, Security & Compliance Architect, at the UCaaS “Communications for Better Patient Care and HIPPA Management” Complimentary Luncheon and Conversation Event! Looking for a clean bill of health regarding HIPAA? Are you interested in improving your patient’s experience while making communication easier and cheaper? Join RingCentral and Input Output at the Marriott in West Palm Beach for lunch and a conversation about the salutary benefits of UCaaS for the healthcare industry.

While you’re there, you’ll be entered in our raffle, with a chance to win a $200, $300 or $500 Visa gift card!

Spots are limited! PLEASE REGISTER TODAY!