| || |
What Is Cyber Insurance and Why Is It the New “Must Have” for Businesses?
If you’re like millions of business people, your usual Monday morning probably consists of starting up your computer, checking email, catching up on news and trends related to your industry, logging into systems, and getting a general lay of the land to plan out your week. If your typical routine doesn’t involve technology in some way, you are definitely in the minority. Technology is now a given for most businesses—we use systems and data without even thinking about it—which is why cyber insurance is a must to protect your operation from cyber incidents.
Imagine instead of settling into your Monday morning routine, your business encounters one of these scenarios:
- Everything has grinded to a halt because key systems you use to run your business have been compromised and locked by a cybercriminal demanding a ransom before they can be unencrypted.
- Your email account has been hacked and last week it was used to send phishing emails to internal employees and external contacts.
- An employee was tricked into sending all of your employees’ W2 information out to a cybercriminal.
- One of your vendors that has access to sensitive data of your clients has experienced a breach that appears to have included your data.
- Malware was discovered on your point of sale system and it appears credit card information may have been exposed.
- Several employees have had a type of malware on their systems for weeks that has been logging all keystrokes, including usernames and passwords.
These are just few of the most common scenarios, and chances are good that your operation could face some variation of these sooner or later. How can a cyber insurance policy protect you?
I’m not a big fan of using fear to motivate people into an action, but sometimes we need a little nudge. Cyber risk is abstract, and most of us haven’t experienced an incident. Every scenario is different, and it’s hard to predict what will happen when you experience a breach or attack. Because of this, even if you were able to predict the type of incident you are going to experience, it’s hard to know exactly how to respond.
This is where cyber insurance comes in. Most policies today are broad enough to apply to many of the most common incidents. Similar to your traditional business insurance, Cyber insurance pays claims. But even more than that, it is an essential element of your cyber risk management strategy. With the right cyber policy, you’ll have resources, experts, and guidance you can access right away if you find yourself in the middle of a cyber incident.
What does a good cyber policy include? There are four essential coverage sections, though not every cyber insurance policy will be organized exactly in this order.
Section 1. Direct Cyber Incident & Breach Response Expenses
If you experience a cyber incident, it will cost you money to respond. An essential part of any cyber insurance policy includes reimbursement for the following:
- Data breach coach expenses (a.k.a. data privacy/cybersecurity attorney)
- Cyber incident handling expenses
- Cyber forensics investigation expenses
- Public relations and crisis communication expenses
- Victim notification, credit monitoring, and other remediation expenses
Section 2. Indirect Cyber Incident and Breach Response Expenses
A cyber incident can impact a business in many different ways beyond your initial incident response costs. Reimbursement for the following indirect costs of a cyber event are typically covered:
- Lost income due to system disruption
- Lost income due to system disruption of a 3rd party cloud service provider
- Lost income due to reputation damage suffered after a cyber event
- Extra expenses to get back up and running
- Costs to restore data, systems, and technology
Section 3. Your liability to others for allowing a breach or incident to occur
If you fail to protect data entrusted to you by others; fail to stop the spread of a cyber-attack, post offensive/misleading or other defamatory content online; or don’t comply with a law, regulation, or contractual requirement; you could face legal costs and damages.
A good cyber insurance policy should cover all defense expenses, damages, fines, and penalties resulting from the violations, failures, and non-compliance mentioned above.
Section 4. Cybercrime
Cybercrime is on the rise, and criminals are consistently thinking of new strategies and exploiting new vulnerabilities to make stealing from businesses and individuals easier. Cybercrime coverage options typically include the following but coverage may be spread across a few different policies:
- Electronic Cybercrime—someone gains unauthorized access to a system through hacking and monetary theft
- Social Engineering Cybercrime—an employee is tricked into making fraudulent wire funds transfer, paying fake invoices, divulging back account and payment information, etc.
- Computing Resources Cybercrime—someone gains unauthorized access into a phone system or cloud account and fraudulently uses your resources resulting in costs.
When it comes down to it, cyber coverage is peace of mind in our turbulent, digital world. It won’t solve all of your cybersecurity problems, but when all else fails, or if you failed to prepare, it gives you a paddle as you are heading up the creek. If you have questions about how to protect your organization from a cyber incident, or would like to get a cyber insurance quote, contact me at email@example.com.
The post What Is Cyber Insurance and Why Is It the New “Must Have” for Businesses? appeared first on PSA Insurance and Financial Services.
Get Your Head in the Game: Six “How-Tos” to Create a Super Bowl-Winning Workplace Safety Culture
All around the country, cleats are hitting the turf as NFL players throw everything they have into drills and scrimmages at training camp. While you’re enjoying a baseball game, grabbing an ice cream cone, or relaxing at the beach, NFL players are training hard—why? Because you can’t stumble into winning the Super Bowl. The same goes for creating a best-in-class workplace safety culture.
When a Super Bowl-winning team is interviewed, are they ever completely shocked at what they accomplished? No! You never hear them say, “We don’t know how this happened. We practiced a few times, flew to the Super Bowl, got off the plane, played ok, and just won.”
Super Bowl teams win because they have a goal—win the Super Bowl—and they aggressively work towards that goal. Similarly, with workplace safety, we want you to have a goal of preventing serious and fatal exposures and work aggressively towards that goal.
But having a goal alone is not enough. You need to execute a winning game plan. Follow these six best practices to help you create a Super Bowl-worthy workplace safety culture for your organization.
Super Bowl winners make winning a value, not a priority.
Priorities change—values don’t! They practice relentlessly, even when they don’t feel like it or they are busy with competing priorities. Their core value is being the best at what they do every day.In the same way, make workplace safety a value not a priority. Don’t skip the practices. Yes, I know the bid must get out today, or the production line needs to be repaired, but canceling safety training, safety committee meetings, safety assessments, etc., when things get busy sends the message that safety is just a priority that can change, not a value that you live by. During my 30-year career I have never seen a company go out of business for being too safe. However, I have seen many go out of business for being unsafe because the importance of safety at their business wasn’t a value.
Super Bowl winners have coaches that constantly assess them.
Good coaches identify improvement areas and leverage each team member’s strengths.Use your safety coach to help you. This could be an internal subject matter expert or an outside safety consultant. Don’t forget that most major insurance carriers and leading brokers, like PSA, have professional safety people on staff to assist you. These services are usually included in your insurance policy, so use them.
Super Bowl winners are open to feedback.
Effective coaches tell players what they need to hear, not what they want to hear.Listen to the feedback from your workplace safety coaches. Combine your industry expertise with their safety management experience. Then, implement a team approach. Whether you have a safety director or an HR person with collateral duties as the quarterback of your safety team, they need everyone internally and externally working towards the same goal, workplace safety, to succeed.
Super Bowl winners work together as team on both offense and defense.
Nobody says “it’s not my job if someone else is making a mistake.” No one individual is perfect, but as team they execute perfectly.Develop both your offense and defense. Occupational safety and health offense includes performing assessments, listening to employees concerns, and implementing pro-active improvement efforts. Finally, form your defense. Are you prepared in case of a serious injury? Do you and your management team know what to do if OSHA shows up? Do you have a lawyer that specializes in workplace safety laws and OSHA matters ready to protect you if needed? Do you know how to manage the cost of claims by using early reporting and having strong return-to-work polices?
Super Bowl winners practice the basics over-and-over again.
If the play goes wrong, they have a back-up plan and know how to scramble out of a dilemma.Practice the basics of safety. Implement a workplace safety training process¾teach an employee how to safely perform a task, reinforce it, and teach them again. Coach them until they can complete a work task flawlessly and safely every time. Also, train them how to scramble if things go wrong! Providing constant training, feedback, coaching, and skills reinforcement will make your employees champions in workplace safety.
Super Bowl winners avoid injuries.
Star players are useless sitting on the bench.Finally, practice the steps above to avoid injuries to your key players. Injuries rob your company of profits, brand reputation, production, and morale. A healthy team is a winning team. You can’t win the safety game with a bunch of injured key players.
I know what you’re thinking right now, “Put me in coach—I’m ready!” Let’s work together to develop a playbook that leads to victory. If you’re ready to get into the Super Bowl-level safety game, give me a call at 443-798-7329 or email me at firstname.lastname@example.org.
The post Get Your Head in the Game: Six “How-Tos” to Create a Super Bowl-Winning Workplace Safety Culture appeared first on PSA Insurance and Financial Services.
Are Volunteers Covered Under Workers Compensation or Liability Policy?
Volunteers are an incredible asset to countless organizations and businesses, from schools and non-profits to eldercare centers and hospitals. According to the latest study by the Corporation for National and Community Service, about 77.34 million people volunteered through an organization last year. The cost-savings of using volunteers are substantial, adding up to an estimated value of $24.20 per volunteer hour, a recent study by Independent Sector found.
Did you know, though, that many businesses overlook an important question about working with volunteers?
Who pays the medical bills if a volunteer gets hurt?
Injuries to volunteers might not happen every day, but they do happen, especially in higher-risk workplaces like nursing homes, eldercare centers, and healthcare centers or in areas that involve activities like disaster relief, dining services, or running errands. Many business owners assume volunteers are covered under workers’ compensation or general liability insurance. Yet for the majority, that’s not the case.
How can you figure out if your volunteers are, in fact, protected? What steps can you take to protect them in the event of an accident or injury?
Don’t assume you have coverage under your workers compensation for volunteers.
When volunteers get hurt, owners and operators tend to think workers’ compensation insurance will pay for the medical expenses. The reality, however, is that since volunteers are not paid employees, they’re typically not covered under workers’ comp in most states or by most insurers.
Some companies add a voluntary compensation endorsement to their policies, without realizing that this only covers employees who are not covered by the workers compensation law, such as employees traveling overseas, domestic or farm workers, or sole proprietors or partners. Despite the misleading title, voluntary compensation endorsements do not cover volunteers.
Unfortunately, many companies don’t realize their volunteers aren’t covered until an injury occurs. And at that point, it’s too late. Don’t let that happen to you – be proactive and ask your insurance broker these workers’ comp. related questions:
- Do I have coverage under my workers compensation for volunteers?
- If they are covered, then to what extent? Where in the policy is coverage identified?
- If not, what are my options for adding coverage?
Know how your state’s workers’ comp regulations apply to volunteers.
States treat volunteers and paid employees differently, and for that reason, the workers’ compensation law for a given state and insurer policies must be reviewed carefully to determine whether a volunteer qualifies.
If a volunteer gets hurt while performing assigned tasks at your facility and needs medical attention, who will pay for the medical bills? The volunteer is not an employee, and the medical payments coverage under the general liability policy is likely not to pay.
Claims Out of Control?
Investigation to management and settlement,
we are here when clients need us most.
Understand what’s covered under general liability insurance.
Standard wording in general liability policies includes volunteers under the definition of an insured. What this means, though, is often misunderstood. If the volunteer causes an injury or property damage to a resident, patient, or visitor, the general liability policy would treat the volunteer as an insured and provide protection for claims made against them by those third parties. However, as an insured, the volunteer cannot make a negligence claim against another insured (i.e., the company). The volunteer also cannot typically collect benefits under the medical payments coverage available to third parties.
Again, if you work with volunteers, ask these general liability insurance related questions from your broker to get clarity:
- If a negligence claim is brought against them by a third party, are my volunteers protected under my general liability policy?
- How will my volunteers’ medical expenses be paid if they are injured while volunteering?
- What are my options for covering my volunteers’ medical expenses?
Find out if your volunteers have coverage elsewhere.
Many businesses work with unpaid student interns participating in a school approved internship, but who may or may not be covered by the school. Before you bring student interns on board, ask the educational institution whether coverage is provided if the intern gets hurt while volunteering — or causes someone else to get hurt. If the school is providing coverage, ask for evidence in the form of a certificate of insurance. Also make sure you understand the legalities of hiring unpaid interns. They’ve changed over the years, and new rules apply.
In many cases, the only coverage available to volunteer workers for accidents or injuries is the coverage their own insurance policies provide. These could be a personal auto policy or health insurance plans. Talk to them about the situation and encourage them to look into what’s covered on their own plans in the event of an injury. This will go a long way in building trust and demonstrating your concern for their well-being.
Explore your company’s coverage options.
If you work with volunteers on a regular basis, you likely value their contributions and want to protect them. But what are your options?
If your state or insurer covers volunteers under workers’ comp, then it’s a matter of determining whether the coverage has been endorsed to your policy.
If your state does not permit workers comp insurance to cover volunteer workers, then talk to your insurance broker about adding a volunteer-accident medical insurance policy designed specifically to pay the medical bills (or deductibles and co-pays if otherwise covered under another plan) if injured in their capacity as volunteers.
Another option to consider is having volunteers sign waivers and hold-harmless agreements so that they realize up front that you are not providing coverage, and agree to assume the risks themselves by obtaining their own or utilizing existing coverage. While this isn’t the approach most charitable organizations want to take, it may be the most prudent and cost effective.
Volunteers commit endless amounts of time, talent, efforts, and connections to a broad range of businesses and organizations. As such, they’re an important, special resource worth taking care of and protecting.
Weighing the options and determining the best fit for you isn’t easy. If you have questions or would like to learn more, my team of workers’ comp and liability insurance experts is here to help. Reach out to me at FGiachini@psafinancial.com.
The post Are Volunteers Covered Under Workers Compensation or Liability Policy? appeared first on PSA Insurance and Financial Services.
Employee Benefits Compliance Updates (Benefit Minute)
This issue of the Benefit Minute provides a recap of some recent regulatory activity affecting employee benefits compliance.
HSA Limits for 2020
The limits for qualified high deductible health plans (QHDHPs) and health savings accounts (HSAs) for plan years beginning in 2020 are set forth below.
For health plans that are not QHDHPs, the out-of-pocket maximums for plan years beginning in 2020 are $8,150 (individual) and $16,300 (family – must include an embedded individual out-of-pocket maximum not to exceed $8,150).
IRS Expands QHDHP Preventive Care List to Include Care for Chronic Conditions
Effective July 17, 2019, the IRS has expanded the list of preventive care benefits that may be paid by a qualified high deductible health plan before the minimum deductible has been met. These services/items relate to care for certain chronic conditions. The objective of this expanded preventive care list for chronic conditions is to eliminate financial barriers and allow individuals to actively manage their chronic conditions, thereby reducing the higher cost related to emergency room visits and other medical treatment that may result when they are not managed. The IRS used the following criteria to develop the list:
- The service/item is low cost;
- Medical evidence supports high cost efficiency of preventing exacerbation of the chronic condition or developing a secondary condition; and
- Strong likelihood, documented by clinical evidence, that for individuals prescribed the specific service/item, the service/item will prevent exacerbation of the chronic condition or the development of secondary conditions which would require significantly higher cost treatments.
The IRS has provided a list of the specific preventive care service/item and the required underlying diagnosis, which is set out below. This guidance only expands the preventive care definition for individuals diagnosed with the condition specified in the list below. It does not expand the preventive care definition to other services/items that may meet the IRS stated criteria of preventive care for a chronic condition. The IRS expects to revisit the list every five to ten years to determine if any changes are necessary.
This guidance does not impact the ACA definition of preventive care services that must be provided without cost sharing; therefore, participants can be charged a copay or coinsurance for the chronic condition preventive services/items. In addition, this expanded preventive care list is optional, not required. A QHDHP may choose whether or not to cover these items before the deductible has been met.
Update on Association Health Plan Regulation
In June 2018, the Department of Labor (DOL) issued a final regulation intended to make it easier for sole proprietors and small employers to join together via Association Health Plans (AHPs) and obtain health insurance coverage in the large group market, which generally imposes fewer coverage requirements and offers more economies of scale. The final regulation expanded the availability of AHPs by broadening the definition of employer under ERISA, thereby allowing more employers to participate in these arrangements. Almost immediately, 11 states and DC filed a lawsuit to invalidate the final regulation, arguing that it was detrimental to the small group and individual insurance markets. In March, a district court judge agreed, ruling that the new AHP regulation unlawfully expanded the scope of ERISA and was an “end run around the ACA.”
The DOL has appealed this ruling and has announced that it will not pursue enforcement action against existing AHPs that relied on the new rules as long as health claims are paid by the AHPs as promised. As of now, a date for the appeal hearing has not been scheduled.
Prescription Drug Rebate Proposal Withdrawn
The Trump administration has announced that it intends to withdraw the prescription drug rebate proposal that was announced on January 31, 2019. The intent of the proposal was to reduce incentives for drug manufacturers to continuously increase list prices, with the expected result of lowering out-of-pocket costs to Medicare Part D and Medicaid MCO consumers. The regulation was also intended to curtail the current practice of using rebates to negotiate favorable formulary placement. However, there was growing concern that the proposal would actually benefit drug companies, and the Congressional Budget Office projected that the proposal would increase federal spending by $177 billion from 2020 to 2029. It appears the administration will focus more attention on legislative action to control drug prices.
ACA Affordability Threshold for 2020
For plan years beginning in 2020, the required contribution percentage used to determine whether the cost of employee-only coverage is affordable has decreased to 9.78% of household income (certain wage-based safe harbors apply for employer-sponsored coverage). The affordability percentage for 2019 is 9.86%. If an Applicable Large Employer fails to offer affordable minimum value coverage to full time employees, the employer may be subject to an ACA employer shared responsibility penalty if one or more employees obtain subsidized Marketplace coverage.
The post Employee Benefits Compliance Updates (Benefit Minute) appeared first on PSA Insurance and Financial Services.