The Germs that Kill Your Business

February 15, 2018

By Jim Malcolm, Enviro-Master Services of Denver  | Vendor Bylines —

This headline regarding the flu is alarming:

The Flu is Killing up to 4,000 Americans a Week (Bloomberg, 2/10/18)

Additionally, hepatitis A outbreaks in Colorado are also on the rise. This begs the question: is your restaurant protected from diseases that drive away customers and reduce productivity of your workforce?

Public restrooms harbor contaminants such as e-coli, salmonella, streptococcus, influenza, and staphylococcus, and these same restrooms are the distribution centers for the flu, norovirus, and hepatitis A, if not properly sanitized. The toilet plume, which sprays from a toilet when flushed, launches airborne bacteria across the restroom up to 20 feet. Obviously, the restroom requires attention to keep businesses out of the negative headlines.

Prevent the Spread of Disease

  1. Wash hands frequently – a must for employees!
  2. Add additional hand sanitizers to your restaurant
  3. Keep surfaces and door handles disinfected – applying a germicidal sealant is best practice!
  4. Schedule seasonal deep cleanings – especially during and after flu season
  5. Spray all restroom surfaces with a hospital-grade germicide. Remember the toilet plume? Bacteria and viruses are covering every surface.
  6. Be proactive and have a plan. Don’t hesitate to enlist outside help!

Stay out of the headlines by preventing the spread of disease at your restaurant!

Enviro-Master is the #1 trusted partner for restroom health and safety, as they provide comprehensive solutions to prevent the spread of disease and control odors. (303) 895-6422

E-submissions of injury data to OSHA — Who needs to do it, how and by when in 2018 (Hint: Caterers do but Restaurants do not)

January 24, 2018

Many employers are required to use OSHA’s Injury Tracking Application (ITA), which debuted in August last year, to submit their annual summary injury data. New Year’s Eve marked the revised deadline to submit 2016 injury data, and we want to remind you of 2018 deadlines to submit 2017 data.

By July 1 this year, employers with at least 250 employees must submit information to the ITA website from 2017 Forms 300, 300A and 301. By July 1, establishments with 20 to 249 workers in specified industries  (including Caterers) — ones with historically high rates of occupational injuries and illnesses — must enter data from form 300A. In 2019 and beyond, OSHA’s deadline for electronic submissions moves up to March 2.

How to submit data electronically
Electronic data submissions involve a five-step process:
1.  Launch the ITA application from the OSHA webpage.
2.  Create an establishment.
3.  Add 300A summary data.
4.  Submit data to OSHA.
5.  Review OSHA’s confirmation email.

The ITA website will offer three options for submitting data securely: enter data manually, upload a CSV file to submit single or multiple establishments at the same time or use an application programming interface to submit data from the employer’s automated recordkeeping system. The ITA website also will include reporting requirements, an FAQ section and a link for assistance.

Pinnacol resources
Pinnacol’s here to help. As a Pinnacol customer, you can use our OSHA Report Manager. This online tool helps your organization comply with OSHA’s electronic submission requirements and save time in the process. Use the OSHA Report Manager to generate your business’s OSHA 300, 300A and 301 logs. And now, to make submissions even easier, the OSHA Report Manager generates data in the OSHA-approved CSV file format. You can access this tool through Pinnacol’s policyholder portal or by visiting our OSHA recordkeeping webpage. There you’ll find a toolkit to aid compliance, OSHA 300 and 300A logs, and more. We invite you to contact your Pinnacol safety consultant or contact us on our Safety On Call line at 303.361.4700 or 888.501.4752. Pinnacol stands ready to assist your organization in meeting OSHA’s electronic submission requirements.

Here’s further information about the new federal rule from OSHA, as well as the federal register entry.

Trump administration may rescind rule
The Trump administration has taken steps to amend or even rescind OSHA’s electronic recordkeeping rule. And on Oct. 10, 2017, OSHA filed an update that it “continues to develop a Notice of Proposed Rulemaking to ‘reconsider, revise or remove provisions of the [rule],’” as announced in Pres. Trump’s First Regulatory (and Deregulatory) Agenda issued last July. Pinnacol will monitor these developments and apprise you of any changes. Currently, though, all elements of OSHA’s recordkeeping rule remain in effect, and employers should submit injury and illness recordkeeping data to OSHA as required.

Mistakes Restaurant Owners Make Related to Cyber Liability

October 25, 2017

By Jason VanGotten, Colorado Restaurant Insurance

Even with all the recent news headlines related to data breaches and cyber attacks, the likes of which have never been seen before, cyber liability is a relatively new area of risk that restaurant owners now face. As customer data continues to be obtained and stored by restaurants, the risk of a data breach inside or outside the restaurant continues to increase year over year. Malicious hackers typically steal credit card data from restaurants that accept cards by hacking into point-of-sale systems remotely and seeding those systems with malicious software that can copy account data stored on a card’s magnetic strip. Thieves then use that data to clone the cards and use the counterfeits to purchase high-priced merchandise, or put them up for sale in a so-called theft bazaar such as Joker’s Stash prior to the card-issuing banks cancelling them.


In the midst of this are some very dangerous misconceptions held by restaurant owners. These misconceptions keep them from taking necessary steps to better understand their cyber risk and coverage related to such vulnerabilities.


Consider these 4 Common Mistakes a Restaurant Owner Can Make in this area of risk management.


My general liability insurance protects me in the event of a data breach or cyberattack. Most restaurant owners purchase a general liability or businessowners policy believing their insurance agent has placed this as an optional coverage on the policy. But for now that is very rare. Even if it that were the case, the policy will only provide defense coverage for the insured, typically up to $25,000 to $50,000. Your general liability coverage lacks the breadth needed to properly protect the restaurant owner from the cyber liability losses. A stand-alone cyber policy provides the broadest coverage a restaurant owner needs for third party costs, data breach response, PCI fines levied from card services, notification resources, legal fee’s and forensic costs. Not investigating this closely is akin to leaving your restaurant door open when you leave at night, not a great strategy for ensuring the safety of your restaurant.


A stand-alone cyber policy will be unaffordable. Depending on your restaurant size and gross revenues, a typical restaurant owner can expect to pay between $900 to $3,000 annually for a stand-alone cyber policy. However, the risks of loss may be too great to ignore this protection, in particular your brand image after a data breach or cyberattack.


My IT company and firewalls installed will protect me. These entities have a service level agreement (SLA) with your restaurant. When was the last time you reveiwed your SLA? Many times these agreements do not protect you, the restaurant owner, instead it protects them from any involvment related to a data breach or cyberattack. Make sure you check your SLA and have a conversation with your IT company to see what they will do for you in the event of a data breach or cyberattack. Many times your employees pose huge risks to the safety of your cyber data, from opening suspicous emails, downloading malware or even losing smartphones with connections or memorized passwords. Remember that a data breach can also occur with employee records that are not well protected or disposed of properly.


My merchant services are protection enough. Again, there is a service level agreement between you and your merchant servicing company. While this may give a restaurant owner hope, chances are that you will ultimately be responsible for protecting your customer’s data as it passes through your IT systems. Therefore, you should consider the costs to your restaurant if your merchant services vendor does not agree, or points the finger in your direction for who is responsible.


A cyber criminal can strike with little to no warning, leaving the restaurant owner with tremendous clean up cost; from data recovery to rebuilding your restaurant’s brand reputation. An owner or manager can only do so much. The people that deal in the day-to-day operations of the restaurant also need to be aware of what to do and why to do it. As a restaurant owner you owe it to yourself and your employees to investigate this protection and risk before you decide not to worry about it. A restaurant owner must be deliberate and careful in purchasing cyber coverage. Specific risks must be understood and the appropriate coverage identified.

For more information pertaining to cyber liability coverage, please contact Jason VanGotten at

BREAKING NEWS!! New Ruling on Tips in Colorado!!

July 7, 2017

BREAKING NEWS!! New Ruling on Tips in Colorado!!

We recently became aware of a Court case decision that directly impacts the restaurant industry. It changes the rules on tips depending on if you take the tip-credit or not. Due to the complexity of this issue, it is important for you to read the ENTIRE story before acting. You may or may not wish to make any changes based on the information provided. However, if you do choose to make any changes, we recommend that you seek council prior to doing so.

On June 30, the Tenth Circuit Court of Appeals decided a case concerning tipped employees that sets a new legal precedent for employers in the State of Colorado. In Marlow v. The New Food Guy, Inc, the Court decided in favor of the employer, closing the door on claims that tipped employees have a “property right” to tips paid as a result of customer service, as long as the employer pays the employees FULL minimum wage or more. This decision rejects the Federal Department of Labor rule stating tips are the property of the employee and outside of a legal tip pool, the employer can’t direct where that money goes.

The CRA recently told me I couldn’t share tips with the back of house, why has this changed?

Last year, the Ninth Circuit Court of Appeals ruled in a very similar case (Oregon Restaurant & Lodging Association v. Perez) that tips were the property of the employee and outside of a legal tip pool, the employer couldn’t direct where those tips went. Additionally, the Court determined that tips could only be shared with regularly tipped positions and not the back-of-the-house staff, regardless of the hourly rate paid to tipped employees. Because this was the most recent ruling on tips and tip pools, the CRA and labor attorneys suggested following the Ninth Circuit’s decision.

What has changed is the fact that restaurants in Colorado (and several other states) are subject to the Tenth Circuit Court of Appeals and that Court has just handed down a new ruling disagreeing with the ORLA case. This new ruling changes how restaurants in Colorado may want to handle tips and tip pools.

What does this mean for restaurants in Colorado?

As long as tipped employees are paid full minimum wage (not tipped minimum wage) or more by the employer, the employer can decide how tips are distributed. This means that in Colorado tipped employees currently must make $9.30 an hour and $13.95 for overtime, or more (note- this rate will increase every January 1). If your tipped employees are paid at least this much, then you as the employer can decide how tips will be distributed and can share them with the back of house or managers, and the business can even keep some or all of the tips. Keep in mind, however, that we still have the requirement in Colorado statute, C.R.S. § 8-4-103 (6), allowing an employer to assert claim to, right of ownership in, or control over tips only if the employer posts a printed card at least 12 inches by 15 inches in size with letters one-half inch high in a conspicuous location at the place of business. The card must contain a notice to the general public that all tips or gratuities given by the patron are not the property of the employee, but instead belong to the employer. If the employer does not post a printed card detailing tip ownership as described above, the employer may not exert any control over tips designated for an employee under Colorado law. For those of you who do business over the phone or email, such as the catering business in the Marlow case, you may want to include this same notice in your catering agreements as well.

Is this permanent?

We don’t know. A group of restaurants and trade associations (including the NRA) have petitioned the Supreme Court to take up the ORLA case. This case now directly contradicts it. If the Supreme Court decides to take up this issue and rules in a certain way, restaurants will have to go back to only sharing tips with regularly tipped employees. Currently, it is not clear if the Supreme Court is even going to take up the case and if they do, it could be years before there is a ruling.

What do I need to do now?

For all of these reasons, you may want to take a more conservative, wait-and-see approach and keep your business model as is. However, some employers may want to adopt the above-outlined steps. This is the time for you to reach out to your business advisers to determine the best solution for you and your employees.

If you have any questions about tip pools, wage and hour issues, or questions about this new precedent, please contact Nick Hoover by email or call 303-830-2972.