Top Ten Tips for Terminating Employees

1.  Don't make snap decisions to terminate an employee.  Suspension is a better immediate response.

2.  Investigate the facts first. Don't rely on assumptions.

3.  Review the personnel file before a termination. Does the file (prior evaluations, warnings) support the decision?

4.  Review written policies. Is the termination consistent with policy? If not, does the policy need to be revised?

5.  Draft appropriate policies if yours are lacking.  Having a formalized procedure can be an important tool to help supervisors handle separations appropriately and consistently (but as with all policies include them in a handbook with an at-will disclaimer that the policy does not create a contract and can be changed.)

6.  Treat the employee respectfully during the process.  How the message is delivered can be as important as the message itself.

7.  How were other employees in similar circumstances treated? If they were treated differently, what is the objective and defensible reason for terminating this employee? Can the employee claim discriminatory treatment?

8. Document performance issues as they happen.  Progressive discipline is easier to defend then immediate and unsupported terminations.

9.  What is the employee's status? Has the employee recently taken a protected leave of absence or made a complaint that could be the grounds for a retaliation claim?

10.  Train employees on personnel issues, especially managers and supervisors.

More on Retaliation Claims

Not only the victims of alleged harassment or discrimination are protected for exercising their right to complain and be protected.  Employees who oppose such practices or participate in an investigation of a harassment or discrimination claim also are protected from retaliation for those activities.    The Equal Employment Opportunity Commission ("EEOC") recently filed suit against Sara Lee Corp. for firing an African American employee employed at its Houston facility who complained about allegedly discriminatory practices directed at her and other employees.  The director of the EEOC's Houston office commented, "Even if an alleged discriminatory action is found to lack merit, the EEOC will still hold employers accountable for any retaliation related to it."

An employee's stated dissatisfaction regarding diversity efforts alone, however, may not be protected activity.  For example, in Hood v. Pfizer, the Third Circuit held that an employee who asked at a meeting "why more wasn't being done to promote diversity within [his department]" did not complain about discrimination but rather expressed a generalized concern about the extent of his employer's affirmative diversity efforts.

As part of any investigation of a harassment or retaliation complaint, employers must ensure that the complainant and any employee participating in the investigation are protected from retaliation.  The best way to prevent retaliation is to keep complaints as confidential as possible - if managers and employees don't know about a claim, then they can't take an adverse action related to it.  While absolute confidentiality cannot be promised, only those with a need to know should be privy to a complaint.  In addition, once the complaint is resolved, even if it is determined to be without merit, as I stated in my last post - it ain't over.

It Ain't Over When It's Over



Employers who take an adverse action against a current employee who brought a complaint or participated in an investigation of a complaint by another employee may face a claim that such action was in retaliation for protected activity. Federal and state anti-discrimination laws prohibit retaliation against an employee for protected activity to the same extent as the harassment or discrimination itself.  An employee may even have a claim for retaliation where the underlying claim is resolved or unfounded.

In Burlington Northern v. White, the United States Supreme Court expanded the meaning of retaliation under Title VII in determining that the anti-retaliation provisions were not limited to those actions that affect the terms and conditions of employment. Rather, retaliation can include acts that go beyond those that are employment related, such as conduct by co-workers.

In a recent New Jersey state court decision, Fernando Roa et al v. LaFe and Marino Roa, the Appellate Division, consistent with Burlington Northern, held that the plaintiff could pursue his claims for actions that occurred after his termination ended. Specifically, plaintiffs alleged that their former employer unfairly claimed that the plaintiffs were dismissed for misconduct when they applied for unemployment benefits. In addition, Mr. Roa claimed that the company improperly cut off his health benefits, which he did not discover until after he left employment.

In addition to the conduct alleged in the Roa case, employers need to be careful of other post-employment conduct, such as negative references.

In light of the judicial expansion of the type of conduct that can constitute retaliation under anti-discrimination laws, employers who take adverse action against an employee who has complained about harassment or discrimination, participated in an investigation or engaged in other protected activity need to make sure there is no causal link. If an employee presents a performance, attendance or other issue, then managers should promptly and progressively discipline the employee and not expect to initiate such action about a prior problem following a protected complaint by the employee. Employers also should be aware of whether any employees slated for a lay-off have engaged in protected activity that could be the basis for a retaliation complaint. Such steps protect employee rights and protect employers from retaliation claims that ultimately may be more challenging to defend than the underlying harassment or discrimination allegations.

What Employers Can Do to Get the Laptop Back

If a departing employee refuses to return his laptop, in many states an employer cannot deduct the value of the laptop from the final pay, or at least without employee authorization.  And the laptop itself in many cases is the least significant aspect of the loss as documents, intellectual property and confidential information most likely went with it.

The Computer Fraud and Abuse Act (CFAA) may provide some relief.  In Lasco Foods, Inc. v. Hall and Shaw Sales Marketing & Consulting, 2009 WL 151687 (E.D.Mo. 2009), the court held that the employer satisfied the "loss" and "damage" elements of the CFAA by showing that the employees at issue refused to return a computer when requested and deleted information from the computer.  Significantly, the court noted that  "loss" within the meaning of the CFAA included the cost of investigating or remedying damage to a computer, and the cost incurred because service was interrupted. In this case, the employer had to conduct a forensic investigation to determine what was lost.

Under this decision, deletion of information from a single laptop could constitute damage under the CFAA.  Notably, the court did not consider the availability of the information elsewhere, such as on the company's network, as a factor.  Moreover, the Lasco court considered withholding the laptop to be an "interruption in service" under the CFAA because the company could not use its property.  Finally, the cost of hiring an expert constituted a "loss."

Under Lasco, the CFAA can be an effective way for employers seeking to retrieve laptops and confidential or proprietary information from departed employees.  


Are you safe from sabotage?

 The risks of employee terminations no longer end with a signed separation agreement and release. Now employee saboteurs can cause catostrophic damage weeks or months after discharge, even after they are off-site. Computer sabotage can destroy a business.

The “Lordstown Syndrome” of Today

 In response to a rigid system of quality control imposed by General Motors at its Lordstown, Ohio plant in the 1970’s, employees who perceived their assembly line work to be dehumanizing committed acts of employee sabotage on the assembly line that resulted in the manufacture of lower quality cars. This event gave rise to what is now commonly known as the “Lordstown Syndrome,” defined as acts of sabotage committed by workers who perform dehumanizing, monotonous work. Aspects of the syndrome include high absenteeism, low productivity, sabotage and wildcat strikes.

Employees can wreck havoc in many ways – damaging supervisors’ cars or personal items; damaging company property; arson; destroying retail merchandise; interfering with deliveries; failing to perform assigned duties or performing them improperly; damaging the company’s reputation – the list is limited only by the imagination of the employee. Dependence on computers, however, has raised the stakes to an unprecedented level, and in this area computer savvy employees can destroy a business without warning. In addition to the horrendous practical and economic consequences of computer sabotage, an employer can face liability for release of the confidential information of clients and customers and for failure to protect assets under the Sarbanes Oxley Act.

 Who is the Employee Saboteur?

Generally, the employee saboteur is seeking revenge for a perceived wrong inflicted on the employee, peers, or even society as a whole. Employees subject to performance warnings, demotion, or termination can be suspects. Employees who oppose the employer’s activities on philosophical or political grounds could also seek to commit harm. Unfortunately, an employee can be laying the groundwork for an act of sabotage, perhaps as insurance against the inevitable discipline or discharge, long before the employer takes any action against the employee.  

 Computer Sabotage

Employees can intentionally misuse or exceed an authorized level of network, system or data access in an unauthorized or illegal attempt to view, disclose, retrieve, delete, change or add information to an employer’s interactive systems. Employees can use techniques such as “data diddling” (alteration of data before or during its entry into the system); “piggybacking” (accessing the system without detection); “Trojan horses” (instructions imbedded in a program that carry out unauthorized functions); “logic bombs” (special programming instructions scheduled to detonate at a specified time); and, viruses.

U.S. v. Lloyd  is an illustrative case. Omega Engineering Corp. employed Timothy Lloyd as its only computer system administrator. The government alleged that during the course of his employment Lloyd was an uncooperative, obstructionist, and belligerent employee who had engaged in verbal and physical altercations with other employees. Witnesses testified that he repeatedly elbowed, shoved and bumped colleagues in the hallways. In May, 1995, because of these interpersonal problems, Omega transferred Lloyd to a non-supervisory position. Although the company characterized the move as “lateral,” Lloyd’s supervisor testified that the removal of supervisory responsibilities actually constituted a demotion. In addition, Lloyd’s percent increase and evaluation were lower than in prior years. In June, 1996, Lloyd instituted a policy requiring all employees to “clean-up” individual computers and save files to the file servers as opposed to their own back-ups. Shortly thereafter, concerned that access to the computer network was too centralized in Lloyd, the company directed Lloyd to provide access to three other management employees, but Lloyd never did so. Following another altercation with a co-employee, Omega terminated Lloyd’s employment on July 10, 1996.

On July 31, 1996, Omega lost more than 1,200 programs, some used to manufacture Omega’s specialized products, causing Omega a 9% decrease in growth and losses of approximately $10 million. Not one individual computer had back-up and the programs on the file server were deleted and purged and could not be retrieved. 

The government alleged that Lloyd sabotaged the network of Omega by planting a time bomb prior to his termination following his transfer/demotion and less than favorable performance review and raise. The government pointed to Lloyd’s level of access to the network; advanced computer programming skills; tests of the time bomb while Lloyd was present in the office; program and commands on Lloyd’s home computer hard-drive; acceptance of another position prior to his termination from Omega; and, threatening and boastful comments Lloyd made to co-workers prior to his termination. Lloyd was convicted on one count of computer sabotage in violation of the Computer Fraud and Abuse Act. The court sentenced Lloyd to 41 months in prison and fined him $2,043, 394 in restitution damages.

 An Ounce of Prevention

 Employers must take both legal and practical steps to prevent employee sabotage before it occurs.

Legal advice:

            °           Draft and implement policies that address the use of the internet; use of computers, information networks, and systems policies; and, use of passwords. Make sure employees understand the limits of their access and the employer’s right to monitor employee use. Obtain signed acknowledgements from employees.

            °           Include computer system use and confidentiality provisions in employment and separation agreements.

             °           Enforce contracts, agreements, collective bargaining agreements, policies and rules.

 Practical protections:

            °           Carefully screen applicants, particularly for computer or technology positions. Employers should be wary of applicants with a persecution complex or cause.

            °           Justice and fair treatment are important to employees. Equitable personnel policies, evaluation processes, progressive discipline, open communication with management, and employee assistance programs can give employees a voice. Job demands should be reasonable.

            °           Increased security measures should be implemented. Employers should:

                          -           Advise employees in writing, via policy, on-screen pop-ups, and/or agreement, that the employer monitors their activities and that their privacy rights in the workplace are limited. 

                           -           Take advantage of the monitoring rights permitted them and ensure that management is vigilant about employee actions.

                            -           Limit the personal items that employees can bring into the workplace (personal laptops, camera phones). 

                            -           Monitor remote access to a company’s system.

                            -           Use and rotate confidential passwords.

                            -           Limit access to the employer’s facilities and computers.

                            -           Include in job descriptions responsibility for all information with which an employee works.

                            -           Raise the computer sophistication of supervisors and managers. The computer savvy of employees often exceeds that of management.

                            -           Decentralize data and access.

                            -           Conduct periodic audits of computer accounts.

                            -           Improve computer security.

                             -           Protect the premises from physical attacks such as fire and floods.

            °           Train employees about the company’s policies on computer usage and confidentiality.

            °           Use a termination checklist for employees, temporary employees, and contractors to ensure that procedures are in place to terminate access to the computer systems and facilities.

            °           Consider purchasing Cyber Insurance.

Responding to an act of sabotage

Once the fox is in the henhouse, there are still steps employers can take against an employee saboteur.

°           Call law enforcement where appropriate. Law enforcement authorities can retrieve stolen property from employees, such as computers, discs and information stored on personal lap-tops. While the property will remain in police custody, it will not be in the hands of the saboteur.

°           Obtain and maintain evidence in accordance with the Rules of Evidence (use chain of custody forms, authenticate senders and recipients). 

°           Use computer forensic specialists to obtain evidence.     

Employers also can pursue the following causes of action.

The Computer Fraud and Abuse Act makes it criminal to access a computer without authorization and provides civil and equitable remedies to employers. Liability can be imposed for unauthorized access where the access results in obtaining something of value; causing damage; or, obtaining information. Employers can recoup losses suffered by the misappropriation of trade secrets and other proprietary information if their losses exceed more than $5,000.00 within a year. “Loss” is defined as “any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.” 

The Economic Espionage Act makes it a crime to steal or receive (including uploading or downloading) trade secrets. However, proof of this offense may require the employer to disclose the trade secret at issue.

Employers also may have claims under state computer laws.

Employers also can and should seek injunctive relief to prohibit the release of confidential information. Employers can enforce confidentiality agreements and other applicable restrictive covenants. Even in the absence of an employee agreement, employers can pursue claims for the breach of the duty of loyalty.


Employers must protect access to their assets as vigilantly as the assets themselves. Disgruntled or discharged employees pose a significant risk not only to co-employees, at times, but also to the entity itself. While legal remedies are available, they will not fix damage that is done.

This article was previously published in the Labor & Employment Law Quarterly, a publication of the New Jersey State Bar Association.

Frantic Fridays

TGIF? Not anymore.  For many employers, the end of the week means another round of frantic employee terminations.  Even in the face of sudden economic downturn, reductions should not be rushed.  Employers need a game plan for the implementation of a reduction of force.

  • How will the employer notify employees?  Individually? In a group? For one multi-state RIF, a major employer communicated the lay-offs via email, followed by in-person meetings.
  • The employer needs to be prepared with Separation Agreements and General Releases if applicable.
  • Employees need to be provided with information regarding benefit continuation.
  • In some states (such as California) employees must receive their final pay and accrued vacation pay at the time of termination.  In other states, such payments can be made in the next pay period.
  • Employees should return company property (keys, badges, cell phones, blackberrys, laptops) before leaving.
  • Arrangements should be made for personal property (provide the employee with a means of carrying personal items or make arrangements for pick up or delivery).
  • The employer must make sure that its Interactive Systems are secure.  The employer should cut off an employee's access to its computer systems before communicating a termination.  Savvy employees can cause significant and wide-reaching damage in a matter of minutes.
  • Likewise, the company should make sure its physical premises are secure.  Employers should advise receptionists or security of any entry or visitation restrictions on existing employees.
  • Employers should be prepared for media inquiries.  Public relations are key to a survival of a RIF in the public eye.