Maier Law Group
suji@maierlawgroup.com

Life Sciences Guide

Life Sciences Companies
Legal Compliance Checklist

Get set up to do business and be an employer in California

  1. File for an Employee Identification Number (EIN) from the IRS.

  2. Register with California’s Employment Development Department (EDD), and submit all their required forms. Details and links to forms are at: https://maierlawgroup.com/employment-law-guide-1

  3. Purchase a Workers’ Compensation Insurance Policy, and ensure it covers each of your employees as you hire them.

  4. Post California, federal, and local (if applicable) workplace postings in your office - generally available at the CA Chamber of Commerce ready-made.

  5. Find and hire a reputable payroll company (if your company does not handle this function internally).

 

Hire and manage employees and contractors

  1. Determine the positions you need to fill and draft detailed job descriptions that will remain on file. Make sure the descriptions are accurate and up-to-date (and truly reflect what the employee does) in case you are audited.

  2. Learn California wage and hour exemptions and carefully consider whether to classify various positions as exempt (overtime and meal and rest breaks are not required) or non-exempt; or employee vs. contractor. This is the area most litigated and audited in employment law.

  3. Draft or procure forms to be used in the hiring process, including an employment application, offer letters for various types of employees (e.g., exempt vs. nonexempt), independent contractor agreement, and confidentiality and invention assignment agreement.

  4. Establish an equity program to entice candidates, particularly if you need to offer below-market salaries.

  5. Report all new hires to the EDD.

  6. Provide new hires with an employee handbook and ensure that it contains all provisions required by law (some of which vary based on headcount and/or location). Make sure that employees sign an acknowledgment of having received the handbook and an individual acknowledgment of key forms, such as at-will employment, harassment policies, etc.

  7. Provide employees with all legally required forms upon hire, and make sure to obtain their completed W-4 and I-9 within 3 days of hire.

  8. Ensure that you are paying your employees correctly, since California has many requirements in this area, as do certain cities.

  9. Determine what non-mandatory benefits you would like to provide, such as paid parental leave or vacation time, and draft legally compliant policies (which should appear in your handbook and intranet).

  10. Ensure your company’s bonus or commission plans are in writing and otherwise comply with California law.

  11. Provide all trainings required by law or recommended for your industry.

  12. Devise a system for performance management and apply it consistently to all employees.

  13. Consult with an employment attorney before terminating employees, in case there is a hidden legal risk or certain layoff laws have been triggered.

  14. Draft or procure forms to be used for termination, especially so that you can get a release of claims in exchange for severance in higher-risk situations.

  15. Consult with an employment attorney when employees request accommodations, such as leaves of absence or special equipment.

  16. Make sure you are granting employees all required leaves and giving them paid sick time as required by state, and sometimes municipal, law.

  17. Read Maier Law Group’s employment law primer (a 5-10 minute endeavor) to get a sense of employment law in California, which is not intuitive! https://maierlawgroup.com/employment-law-guide-1

 

Protect the data of your company, clients, and employees

  1. Implement strong cybersecurity and data privacy policies and practices and ensure that they are followed. You should have a privacy policy to use externally on your website and another to use internally to establish company procedure regarding privacy.

  2. Contractually require your business partners to comply with the above policies.

  3. Draft a Nondisclosure Agreement (NDA) and have all employees and potential employees sign it (employee candidates should sign the agreement when they come on-site or are otherwise exposed to confidential information during the application process.)

  4. Routinely train your employees on cybersecurity and data privacy.

  5. Determine if and when HIPAA applies to you and your business contacts and ensure your practices are in compliance with all relevant requirements.

  6. Do not sign a business associate agreement (BAA) if you are not truly a business associate of a covered entity under HIPAA.

  7. Set up a bring your own device (BYOD) policy and ensure it is followed.

  8. If you are processing data in, or importing data from, another country, make sure you understand any legal requirements associated with the processing or importing of that data. This is especially important for clinical trials.

  9. If you conduct clinical trials in Europe, make sure your consent forms are General Data Protection Compliant (GDPR) and listen to MLG’s webinar on the Top 5 Data Security and Privacy Threats for Life Sciences. https://maierlawgroup.com/privacy-webinar

  10. If you conduct trials in Europe, or otherwise collect personal data of EU citizens, or have an office in Europe, make sure you are compliant with the GDPR. Again, this webinar will spell out most most of your obligations. https://maierlawgroup.com/privacy-webinar

  11. Read MLG’s Privacy Law primer to get a sense of global and local privacy laws and obligations, as well as top practices you should use at your company to practice good data security. https://maierlawgroup.com/cyber-security-and-data-privacy-law-guide

DISCLAIMER

This checklist has been prepared by Maier Law Group for general informational purposes only and does not constitute advertising, solicitation, or legal advice. If you have any questions about a particular matter, please contact Maier Law Group at (415) 737-5317 or info@maierlawgroup.com.