Safety Focused Newsletter: September 2018

Staying Safe When Traveling for Work

Many jobs require employees to travel for work, sometimes even abroad. While this can be a fun experience, staying safe can be much more difficult if you are in an unfamiliar area. To keep yourself safe when traveling for work, remember the following tips:

  • Familiarize yourself with local customs and laws, as you are subject to them while traveling.
  • Avoid hailing taxis on the street when possible. Instead, have your hotel’s concierge service book a reliable driver or car service for you.

Research is essential when it comes to ensuring a successful business trip and maintaining your safety.

  • Keep hotel doors and windows locked at all times. When you arrive, and any time you leave and return to the room, make sure the locks are working.
  • Ensure that your room has a working peephole and use it to verify the identity of anyone visiting your room. If an unexpected visitor claims to be a hotel employee, call the front desk to confirm.
  • Take photos of important documents and information, like your passport and driver’s license, and leave copies at home.

Research is essential when it comes to ensuring a successful business trip. Planning ahead and remaining vigilant can make all the difference.

Ways to Communicate with Peers You Disagree With

In your professional career, you’re bound to have to work alongside people you don’t agree with. For some, this can be a source of stress, particularly if you have to go out of your way to keep the workplace relationship civil.

In these situations, it’s important to know how to interact professionally. Not only will this display a high level of maturity to your co-workers and managers, but it can also help you avoid making a bad situation worse.

To work with peers you disagree with, do the following:

  • Listen more than you speak. Diversity of opinions is important, and allowing yourself the time to process what another person wants can help you understand where they’re coming from.
  • Think before you respond. Choose your words carefully when responding to something you disagree with. Doing so ensures that you can justify your arguments in a sincere, respectful tone.
  • Try to find common ground and avoid dragging others into an argument.
  • Avoid personal insults. Discussions should be civil and focus on workplace issues.
  • Ask questions. Sometimes disagreements come from a lack of understanding. Asking questions in a friendly tone can be a good way to steer a conversation into a more positive direction.

Working with people you disagree with can be difficult, but it’s an important part of most jobs. If you are concerned that you and a peer will never get along, consider speaking to a supervisor.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter


Identity theft protection benefits and the business case for employers

According to SANS Institute, it can take up to 200 hours of personal time to resolve issues related to identity theft. With the rise of identity theft in the news, many employees are looking to their employers to provide identity protection benefits. Read on to learn more.


With identity theft in the news constantly, many employees are turning to their employers to ask for an identity protection benefit.

Let us focus on productivity and wellness. Identity theft can wreak havoc on an employee’s personal and work life. According to SANS Institute, it takes an average of six months and up to 200 hours of personal time to resolve issues related to the theft. This includes hours calling banks, credit card companies, filing police reports, notifying the Social Security Administration, and alerting credit bureaus. Most of these calls and follow up activity must be made during business hours. According to ITRC’s latest study, 22% of respondents took time off of work when dealing with issues of identity theft.

Identity theft also impacts wellness and mental health. According to the ITRC study, 75% of respondents reported that they were severely distressed by the misuse of their information, and many sought professional help to manage their identity theft experience — either by going to a doctor for their physical symptoms or seeking mental health counseling.

These findings make it clear that identity theft directly impacts productivity and wellness. That is why comprehensive and compassionate restoration services should be a key element of any ID Protection plan offered by the employer.

Restoration services are the fixers in a comprehensive identity protection plan. For victims of identity theft, the restoration specialist will do the required work to restore the victim’s identity. Specialists make the calls during business hours, complete the necessary paperwork, and manage the process. They free up the employee to focus on their job, and alleviate the stress of dealing with the challenges of identity restoration.

There are a range of features to look for when evaluating restoration services across plans. Some plans only offer advice and information kits to guide members on what steps they need to take. Those services typically do not do the work for the member.

For plans that provide a full restoration process, consider if the plan provides victims with a dedicated restoration specialist as a single point of contact. Since the restoration process can take months or years, it’s best if a victim has a consistent person to speak with who knows the case and can provide periodic updates. Restoration services should be available 24/7 so victims can initiate the process immediately to lessen the damage. Plans should also provide multilingual specialists to best serve all members and handle all types of identity theft.

Although monitoring may alert individuals that are a victim of identity theft, the even greater value is in fixing the situation. Be sure to fully evaluate the restoration features of an identity protection plan as part of the selection process.

SOURCE: Hazan, J (31 August 2018) "Identity theft protection benefits and the business case for employers" (Web Blog Post). Retrieved from https://www.benefitnews.com/opinion/identity-theft-protection-benefits-and-the-business-case-for-employers


Construction Risk Advisor - August 2018

SUCCESSFULLY DEPLOYING NEW TECHNOLOGY

Choosing new technology can be difficult for construction companies. It is easy to get caught up in the wow factor of technology and lose sight of what you’re hoping it will improve. Without a plan in place for deployment, you may be wasting your investment.

Before seeking out new technology, consider ways you can improve your processes. After improving your processes, you can identify gaps that new technology can address. No amount of technology will help if your processes are what need to be fixed.

There’s strength in numbers, so involve key employees early in the process. This is also a good time to identify potential leaders within your organization.

In fact, a recent McKinsey & Company study found that companies that invest in developing leaders during an organizational transformation are about two-and-a-half times more likely to be successful with their changes than firms that did not make the investment.

Those leaders can become champions for the technology who, in turn, empower the end user and help the technology do what it was intended to do.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download full newsletter

HOW TO ATTRACT MORE WOMEN TO CONSTRUCTION

Women only make up 9 percent of the construction workforce, according to the National Association of Women in Construction. That statistic highlights the fact that both parties are missing out on opportunities for a lucrative partnership within the industry.

Despite the lack of gender diversity, women have the potential to earn about 95.7 percent of what men make. Although it isn’t ideal, it beats the nationwide average of 81.1 percent across all industries.

Construction companies also benefit from hiring a gender-diverse workforce, as they’re 46 percent more likely to outperform the industry average, according to the Peterson Institute. But getting women interested in the industry can be a challenge. Here are steps you can take to attract and retain more women:

  • Create an inclusive work culture that values men and women equally.
  • Remove gender-biased words from job descriptions and involve female employees in the recruitment process.
  • Adopt benefits and work policies that promote a work-life balance and are family-friendly.
  • Create a diversity council with representatives from a mix of genders, positions and backgrounds.

Addressing the gender gap is an important step toward encouraging diverse talent to enter the construction industry. For more information on attracting and retaining a diverse workforce, contact Hierl Insurance Inc..


Safety Focused Newsletter - August 2018

Lower back injuries caused by improper lifting are some of the most common work-related injuries.

Safety Tips for Proper Lifting

Lifting is a common activity in the workplace—an activity that can be potentially dangerous if the proper techniques are not used. In fact, lower back injuries caused by improper lifting are some of the most common work-related injuries.

In order to protect yourself when lifting heavy items in the workplace, do the following:

  • Look over the load. Decide if you can handle it alone or if you need assistance. When in doubt, ask for help. Moving an object that is too heavy or bulky can cause severe injury.
  • Clear away any potential obstacles before carrying an object.
  • Use good foot positioning. Your feet should be shoulder-width apart.
  • Bend your knees. Bending over at the waist to reach for an object you want to lift puts strain on your back, shoulder and neck muscles.
  • Keep your arms and elbows as close to your body as you can while lifting.
  • Use your feet to change direction. Don’t twist your body.

Responding to a Workplace Accident

Accidents in the workplace can occur without warning, and it’s important to respond quickly to help those in need. In some cases, supervisors may not be around to provide the proper response guidance, and it’s up to employees to take action.

The following are some general tips to keep in mind if a co-worker is involved in a workplace accident:

  • Take control of the scene and try to restore order.
  • Call for emergency services if needed. Provide any immediate first aid, if you are qualified to do so.
  • Protect co-workers from potential secondary accidents. You can accomplish this by dismissing unnecessary personnel and denying access to the area.
  • Identify people at the scene. If they witnessed the incident, be sure to make a note of their names, as they can provide a report on what happened at a later date.
  • Notify upper management of the issue.
  • Do not put yourself in harm’s way.

Following an accident, follow up with your supervisor to ensure the appropriate paperwork is completed. Supervisors may require you to file an accident report or further detail what happened.

If you have any ideas of how the accident could have been avoided, share them with your supervisor or at a safety meeting. If your workplace does not have a first responder program in place, it may a good idea to suggest it to your employer.

Trained first-aid responders can provide immediate care to workers who become ill or injured on the job. The quick response and training of these individuals can make all the difference following an accident.

Common First-Aid Kit Supplies

  • Sterile Saline Solution
  • Antibiotic Ointment
  • Gauze and Wraps
  • Scissors
  • Tweezers
  • Disposable gloves
  • Asprin

Newsletter Provided by: Hierl's Property & Casualty Experts

Download full newsletter


Meeting cybersecurity risks head-on: A guide to breach preparedness

How would you manage a data breach? No company is immune to cyberattacks and data breaches. Read on to learn how you can prepare your business.


Gauging a company’s true data breach risk from the outside is a difficult endeavor for insurers, with challenges both technical and informational. But even less attention has been paid to how companies would manage a breach if it happened, which has an enormous impact on the toll of the final damage.

See also: Analyze Your Risks with Hierl's Cyber Security Advisors

No organization is immune to breach. If the National Security Agency can lose data, anyone can lose data, yet the scope of the current issue is still astounding.

According to another insurance company's 2017 cyber readiness report, 72% of large U.S. businesses — nearly three out of four — and 68% of small- and mid-sized businesses — about seven in ten — reported cyber incidents in the previous year. Among these, close to half (47%) experienced two or more cyber incidents during that same time.

The largest breaches, affecting big-name companies like Equifax, Target, Home Depot and many others, drew substantial headlines because of the huge number of identities involved. But almost every business holds some sensitive information, either regarding its customers or its own intellectual property, finances or employees. In fact, smaller organizations often lack the internal resources to dedicate towards preparedness, making them very attractive targets for hackers.

Assessing the threats to your business

The first challenge with measuring a company’s risk exposure relates to the industrywide problem of tying compliance and policy to actual security. A company may have checked all the right boxes on paper, but doing so guarantees little about their actual cyber risk position.

The second issue is that people often matter much more than technology.

The public conversation focuses on high-profile hacking events, but data breaches are even more likely to be the result of internal issues, including breakdowns in training, procedure or plain old mistakes.

The overwhelming majority of all cyber attacks are successfully executed with information stolen from employees who unwittingly give away their system ID and access credentials to hackers or provide a gateway via a malware link embedded in some form of communication.

One of the most important components of an effective data breach readiness program is mandatory and frequent training to remind employees about the importance of security awareness.

See also: Your Cyber Liability Policy & Handling Data Breaches Like A Pro

Education information security best practices can help arm a team against threats such as phishing, man-in-the-middle attacks, malware, and ransomware, substantially lowering the long-term risk.

An accurate understanding of a company’s sector-specific risks is another important point of departure in corporate cybersecurity. Healthcare employees, for instance, need to be especially on guard for EHR-related attacks and RDP server breaches, like the ones instigated by the SamSam virus (which took down Allscripts last month).

Other industries are more vulnerable to loopholes in common business apps; still, others are more frequently victims of point-of-sale malware or e-mail phishing scams. Once businesses understand where and how they are most likely to be targeted, they can begin providing training that takes into account the need for added vigilance in these specific areas.

The final challenge in correctly identifying breach risk involves understanding the extent to which recovery costs can vary. Discrepancies in cost depend not only on the severity of the breach, but also on how well the organization responds. Globally, the average cost to recover from a security breach is $158 per impacted individual, but that varies from of $60 to $400 per person.

While more companies than ever before are now either considering or have taken out some form of cyber insurance, this should not be considered an unloadable risk. Smart organizations are increasingly focusing on proactively identifying data breaches and preparing to efficiently react to them in advance of a data breach crisis.

Proper preparation means more education

The most devastating impacts of a data breach can only be avoided by coupling breach awareness and prevention efforts with readiness and response planning ahead of a cybersecurity incident.

Comprehensive breach readiness plans break down both pre-emptive and retrospective action steps by department: it’s sensible, for example, to task IT personnel with monitoring cloud connectivity and identifying network loopholes while entrusting financial staff with detecting suspicious activity along company bank and credit accounts.

Customer relations experts and account managers, on the other hand, are likely the best resources for overseeing client communications during and after a data breach, helping to re-establish trust and informing their consumer-facing workforce.

Here, inter-departmental communication is paramount: all workers should understand how and to whom they are to report possible breaches or scams, and when such breaches occur, the entire company should know what to expect employees in every department to do next.

Even for the most cyber-savvy corporations, however, internal resources alone are not enough these days. Outside resources are often critical to mitigating the threat of cyber attacks; Stop them once they start and restore company functions in a breach’s aftermath.

Establishing relationships and negotiating agreements with external subject matter experts is better done far in advance of an actual data breach. Contractual terms can be negotiated without the chaos and urgency of a crisis situation. The same is true for interfacing with law enforcement and regulatory agencies.

Knowing whom to contact and having an established communication chain can pay off when trying to execute an urgent data breach response.

See also: 5 Ways to Spot a Phishing Email

Both internally and externally, the human element of cybersecurity remains a business’s best defense across an ever-widening threat landscape. With the right planning and a rapid response team, companies should be able to withstand a breach with the least damage possible, limiting losses – and claims.

SOURCE: Thompson, J. (2 March 2018) "Meeting cybersecurity risks head-on: A guide to breach preparedness" (Web Blog Post). Retrieved from https://www.propertycasualty360.com/2018/03/02/meeting-cybersecurity-risks-head-on-a-guide-to-bre/


6 ways HR can help prevent a data breach

Employees are often an organization's first line of defense against cyberattacks. Continue reading to learn the 6 ways HR can play a critical role in preventing data breaches.


Employees are an organization's first line of defense against and response to cyberattacks—which have become widespread in recent years. HR, in particular, can play a critical role in protecting sensitive information and minimizing employer liability.

Data breaches can lead to enormous liability, said Danielle Vanderzanden, an attorney with Ogletree Deakins in Boston. Some losses are easy to calculate, such as time spent on help desk activities, investigations and legal defense. Other losses are harder to quantify, such as reputational damage to the business. But it's clear that the costs can be staggering: The average total organizational cost of a data breach in the United States is $7.35 million, according to a 2017 study.

See also: Analyze Your Risks with Hierl's Cyber Security Advisors

Whether a worker intentionally sold customer data, unintentionally left a laptop on a train or carelessly left boxes of medical records unattended in a high-traffic area of a hospital, employers can wind up paying millions of dollars in damages.

So what can HR do to mitigate these costs? In large part, data security is an issue for the technology department, but HR professionals can help ensure that effective programs are in place, Vanderzanden said at the 2018 Society for Human Resource Management Employment Law & Legislative Conference. Specifically, HR can lead the way by:

  1. Knowing who is hired. Protecting personally identifiable information (PII) starts with properly vetting job candidates who will have access to sensitive information: those being considered for HR, payroll and finance positions, to name a few.
  2. Accounting for equipment. During the onboarding process, employers should complete a checklist so that they have a record of all the equipment each employee receives. Then, at the time of separation, the checklist should be consulted to ensure that all equipment is returned and workers don't walk out of the building with sensitive information.
  3. Training employees to spot issues. Workers may not always know how to identify an issue—such as a phishing scam through which a cybercriminal sends an e-mail that looks like it came from someone in the company. An employee may quickly respond to the message and divulge personal information that can be used to access payroll and other information. Employees should be trained on how to identify scams and also should know what to look for in a legitimate company e-mail, such as a standard signature line, a photo of the sender and a company e-mail address.
  4. Encouraging workers to speak up. When a breach or attempted breach occurs, employees who handle PII must feel comfortable stepping up and notifying the appropriate staff. This is essential for resolving the situation, but also because employers must provide certain notices when information is compromised.
  5. Carefully crafting BYOD policies. Bring-your-own-device (BYOD) policies may turn into bring-your-own-breach policies in practice, Vanderzanden said. The more mobile the device, the easier it is for an unauthorized person to walk away with the device and any sensitive information that is stored on it. If employers are going to have a BYOD policy, they should have written policies about what will happen if the device is lost or stolen and what will happen upon termination of employment. Among other things, they should also have a procedure for remotely wiping data from the device.
  6. Building a culture of compliance. Representatives from different business functions—such as IT, HR, security and finance—should work together to ensure that data security measures are ingrained in the organization's practices. Moreover, compliance and cooperation must start in the C-suite. HR can play a role in influencing senior management about the importance of having everyone in the organization follow security procedures.

Check State Laws

HR professionals should note that state laws are the primary source of potential identity-theft liability for employers. "State laws in this area are a patchwork collection and are neither uniform nor completely consistent," said Patrick Fowler, an attorney with Snell & Wilmer in Phoenix, in an interview with SHRM Online. California and Massachusetts have been more active than other states in passing data privacy legislation, but virtually all of the states have data breach notification laws at this point, he noted. Employers should make sure they know what is required under relevant state laws.

See also: Your Cyber Liability Policy & Handling Data Breaches Like A Pro

SOURCE: Nagele-Piazza, L. (14 March 2018) "6 ways HR can help prevent a data breach" (Web Blog Post). Retrieved from https://www.shrm.org/resourcesandtools/legal-and-compliance/employment-law/pages/6-ways-hr-can-help-prevent-a-data-breach.aspx


Cryptocurrencies and what they mean for businesses

Technology has added efficiency and modern conveniences to daily life. Among these conveniences, computer experts have managed to apply digital traits to new, online currencies that are commonly called cryptocurrencies.

Simply put, cryptocurrency is digital money that operates independently of a bank and can be used similarly to cash around the world. However, the digital nature of these new currencies add some benefits that appeal to consumers and have led to their increasing popularity. Bitcoin—the most popular cryptocurrency—was declared legal tender in Japan in 2017, and online services like Microsoft, Overstock and PayPal also accept the currency.

While it can be easy to get caught up in the excitement and potentially lucrative nature of cryptocurrencies, it’s important to understand how they work as well as their positives, negatives and risks.

How Do Cryptocurrencies Work?

While it may seem confusing on the surface, the way cryptocurrencies function is actually quite simple. Like most currencies used around the world, cryptocurrencies store value, have specific exchange rates and are limited in supply. However, most cryptocurrencies are decentralized and work without administrators, and instead rely on encryption technology and verification to make transfers. This means that there is no central authority that manages the creation and use of cryptocurrency.

In the place of a central authority, most cryptocurrencies implement a network that allows users to make transactions directly between each other. These networks use a shared system of private keys and public ledgers to authenticate new transactions and create an encrypted log of past transactions. Bitcoin, the first cryptocurrency to implement this form of authentication, encourages users to participate in the system by rewarding them with additional bitcoins. In fact, this is the only way that new bitcoins circulate.

Despite concerns over cryptocurrencies like bitcoin, they aren’t going anywhere soon as an alternative method of payment, investment or means of raising capital.

To use cryptocurrencies, consumers and businesses must first acquire a cryptocurrency wallet account. These accounts work like a bank, but are designed specifically for individuals who want to purchase or accept cryptocurrency. Most cryptocurrency coins have an official wallet or recommended third-party wallets, and it’s important to conduct thorough research before choosing a service.

After you have acquired a wallet, you can purchase cryptocurrencies on open exchanges and use them for a variety of transactions. You can even convert cryptocurrencies to cash at a later date if you so choose.

The Positives and Negatives of Cryptocurrencies

Before adopting cryptocurrency at your business, you must consider how this new technology’s benefits and drawbacks may impact your operations.

The Benefits of Cryptocurrencies

  • Little or no processing fees—Unlike credit cards and other traditional forms of payment, cryptocurrencies often have no processing fees. This is because transactions are facilitated through the cryptocurrency’s public network on what’s known as a blockchain. Transactions are recorded on the blockchain chronologically, and users can create, verify and enforce transactions without an intermediary or central authority.
  • High transaction speed—Credit and debit card payments often take two to three days to process and clear. With cryptocurrencies, transactions happen in real time and take about 10 minutes or less. As an added bonus, cryptocurrency transactions are final, which means consumers can’t dispute a charge and negate a sale.
  • Increased payment options—The more payment options you can provide as a business, the better. As such, cryptocurrency has the potential to attract a wider customer base.

The Drawbacks of Cryptocurrencies

  • Price volatility—The value of bitcoins and other cryptocurrencies can change drastically over a small period of time. Bitcoin reached a value of $17,000 in January 2018 before falling to $7,000 less than a month later.
  • Anonymity—While the details of cryptocurrency users and transactions are often held in a public ledger, names and locations are encrypted. This can be an issue when complying with regulations on customer identification or fraud protection.
  • Cyber security—Cryptocurrencies exist digitally, and the proof of ownership is often limited to the private keys used to authenticate transactions. This makes cryptocurrencies a prime target for hackers, especially because many businesses aren’t aware of how to protect this new form of currency.

Should You Accept Cryptocurrency?

While global companies like Amazon and Microsoft accept cryptocurrency, that doesn’t necessarily mean it’s right for your organization, especially if you’re a small business. Before using cryptocurrency, it’s important to conduct adequate research and understand how it may impact your company. In addition, you should speak to a qualified insurance broker to determine how using cryptocurrency opens you up to new risks.

To learn more, contact Hierl Insurance Inc. today.

Download the PDF here.


Self-driving tech could put motor carriers back in the driver’s seat

Self-driving vehicles may feel like something that will only be available in the distant future, but autonomous technology is already having an impact on the transportation industry. Many motor carriers are promoting new equipment to attract tech-savvy drivers, and advanced safety sensors are helping decrease accidents on the road.

Over 30 automakers and technology companies are working to make trucks fully autonomous, and many states have already passed self-driving legislation that allows for testing on public roads. But, even though this technology offers motor carriers a way to increase efficiency and improve safety, there are a number of topics your business needs to consider before adopting self-driving trucks.

The Different Levels of Automation

Most of the technology used in autonomous vehicles is an evolution of common safety features that use vehicle-mounted cameras and sensors, such as automatic brakes, lane departure systems and blind spot alerts. However, self-driving technology takes this concept a step further by having these systems work together to perform some or all driving functions.

Because there are multiple self-driving systems in development that offer different levels of autonomy, most companies use a system developed by SAE International to classify levels of autonomous vehicles. Levels 0-2 mainly define limited control systems that are commonly available in consumer and commercial vehicles:

  • Level 0: No automation—The driver performs all driving tasks, but automated system issue warnings may be present.
  • Level 1: Driver assistance—The vehicle and driver may share control in limited circumstances, such as adaptive cruise control and parking assistance. However, the driver must be ready to retake control at all times.
  • Level 2: Partial automation—The vehicle has combined automatic functions (such as controlling acceleration and steering simultaneously), but the driver must be constantly engaged and aware of the surrounding environment.

Self-driving trucks can offer motor carriers a way to increase efficiency and improve safety, but there are a number of topics to consider before these vehicles are adopted widely.

Levels 3-5 define vehicles that are commonly referred to as autonomous or self-driving:

  • Level 3: Conditional automation—A driver must still be present, but doesn’t have to monitor the environment. However, they must be ready to take control at all times and with no notice.
  • Level 4: High automation—The vehicle can perform all driving functions under certain conditions, and switching control back to the driver may be optional.
  • Level 5: Full automation—The vehicle can perform all driving functions at all times.

How Can Self-driving Trucks Help Carriers?

Self-driving trucks could help motor carriers address a number of common issues:

  • Safety—Properly functioning self-driving systems operate without the chance of human error and can react to changing traffic patterns faster than a regular driver.
  • Driver shortage—Regulations likely won’t allow vehicles to operate without a driver in the near future. However, the technology will attract applicants who don’t want to spend long stretches of time in full control of a commercial truck.
  • Increased efficiency—Autonomous technology can give carriers real-time information on location, maintenance status and traffic patterns in order to increase efficiency and better manage fleets.
  • Cost reductions—Motor carriers can reduce costs by sending autonomous trucks on more fuel-efficient routes or by platooning the vehicles together to reduce air drag.

What Risks Does This Technology Present?

Although autonomous technology is advancing rapidly, there are still a number of risks and obstacles to overcome before the vehicles can be widely adopted:

  • Public perception—Advanced sensors generally make self-driving trucks safe, but recent high-profile collisions and fatalities during tests have lowered the public’s opinion of the technology.
  • Long-term employment—Autonomous technology will help to attract new drivers in the near future, but some experts believe that fully independent vehicles may someday eliminate millions of jobs.
  • Liability—The liability of an accident involving human-driven vehicles is fairly easy to judge. However, self-driving trucks bring a nonhuman factor into the equation that makes it difficult to determine if an operator, technology developer, manufacturer or other party is at fault for an accident.
  • Compliance—Individual states, cities and jurisdictions currently manage laws regarding the testing and use of self-driving trucks, making interstate commerce more complicated. However, the FMCSA recently requested feedback on the regulations that would have to be updated, modified or eliminated to safely allow for the use of autonomous vehicles. Key questions discussed by the agency include the following:
    • How will motor carriers ensure automatic systems are functioning properly?
    • What changes, if any, should be made to distracted driving regulations?
    • How will enforcement officials determine a vehicle’s SAE classification level, and would easily identifiable classification signage negatively affect other drivers?
    • How should a driver’s hours of service be recorded when using an automated driving system?

Considering Your Options

As self-driving vehicles continue to develop, your business should carefully consider how both the advantages and risks of this new technology will impact its operations. Contact us at 920-921-5921 today for help analyzing your unique risk exposures.

Download the PDF here.


Construction Risk Advisor - July 2018 Edition

DATA SCIENCE TO BOOST EFFICIENCY AND SAFETY


In order to improve worker safety and boost efficiency, about 20 construction companies have launched data science initiatives over the past few years.

One of those pioneers is a Boston-based company whose data scientists have developed an algorithm that analyzes photos from its job sites and then scans them for safety hazards. The algorithm then correlates those images with its accident records.

Although the technology still needs some fine-tuning, the company hopes to use the algorithm to rate project risks. As a result, the technology could prove extremely helpful in detecting elevated threats and then intervening with safety briefings.

Combining the data collected from these efforts could also be used to forecast project delays. Although data science is somewhat new to construction, a recent McKinsey report said that firms could boost productivity by as much as 50 percent through real- time analysis of data.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download Full Newsletter

AVOIDABLE ESTIMATION MISTAKES IN CONSTRUCTION


In the past three years, only 31 percent of construction projects came within 10 percent of their budgets, according to RSMeans, a provider of construction cost information. Completing projects within budget is a constant challenge for many contractors. Here are five estimating mistakes to be aware of, along with best practices to combat them.

1. Unrealistic expectations—Don’t rely on ideal orworst-case scenarios, which can lead to impractical estimates. Find the middle ground to avoid setting expectations too high and blowing timelines.

2. Flying solo—Don’t be afraid to use outside data sources from a credible third party. Create a realistic estimate by including a combination of your own historical data and their custom data.

3. Lack of or wrong permits—If you lack permits or have the wrong type, work can come to a standstill. Factor proper permits into your estimate, as well as their corresponding costs.

4. Unclear parameters—Parameters must be established clearly at the onset of each project.Make sure you clearly understand your clients’limitations and restrictions before creating an estimate to avoid unnecessary change orders.

5. Missing details—A lack of knowledge, missing items or generalized task descriptions can lead to estimates that are too low. Take the time to account for all necessary materials, labor and equipment by referencing similar work done in the past or detailed cost data from a third party.


Cyber Risks and Liabilities July/August 2018

Training Staff to Guard Against Cyber Attacks


Using mobile devices to work remotely is becoming the new norm. But when your employees use phones, tablets and laptops to access your networkand do their jobs, they’re essentially providinghackers with more entry points, leaving your organization highly vulnerable to attacks.

No matter how many security measures you take,they’re useless if you don’t supplement them withemployee training. Here are five ways to help employees protect your company from cyber attacks:

  1. Offer training on phishing and spam. Show your employees what to look for so they can alert IT if they receive a suspicious email. You can also use phishing simulator training tools, which attempt to trick your employees into opening the wrong types of email. The employees who click on those emails can then be flagged for additional training.
  2. Provide strong password training. Passwords should be changed on a regular basis and contain more than seven characters, an uppercase letter, a number and a symbol.
  3. Teach employees to report problems. Even if your employees clicked on something they shouldn’t have, it’s important that they feel comfortable reporting their infractions so any potential threat can be addressed immediately.
  4. Insist that your employees update all software when new updates become available.Vulnerabilities spread like wildfire among hackers. If employees fail to perform updates,they’re allowing hackers access to the device and possibly your entire network.
  5. Give remote access and Wi-Fi training and set up a virtual private network (VPN). Any employee that works remotely should use that VPN at all times for all activities.

Businesses Need Both Cyber Threat Intelligence and Business Risk Intelligence


Devising an all-encompassing strategy that protects your organization from cyber criminals, data breaches and other cyber security threats is no easy task. You need to ensure protection from not only hackers, but also the actions of your own staff.

Your employees may not intentionally threaten your organization, but without proper training and policies on using, storing and transferring data, there will always be a chance of them inadvertently putting your business at risk. In order to protect against such threats and react accordingly, businesses need to two types of intelligence: cyber threat intelligence and business risk intelligence.

Cyber Threat Intelligence

Cyber threat intelligence is information that has been collected, evaluated and analyzed. It involves looking outward, always being on the defense for potential cyber threats and turning unknown threats into well-known, mitigated threats. Cyber threat intelligence helps organizations understand the threat landscape they face and improve the effectiveness of their defense.

Cyber security analysts can use the data from their own internal security systems and outside vendors to build an understanding of the threats they face. They may also enlist the help of outside providers who understand the behavior of cyber criminals, as well as the long-term trends and short-term risks that might affect a particular sector.

Business Risk Intelligence

Business risk intelligence addresses the broader risks facing a business, including the digital risks. Due to the connected nature of the “internet of things,” business risk intelligence can also include cyber threat intelligence. But unlike cyber threat intelligence—which primarily affects the day-to-day operations of a company’s chief information security officer—the impact of business risk intelligence is likely to be felt across the entire executive suite.

A company with business risk intelligence is aware of the broad risks it faces. That may include insider threats to the physical security of staff or the risk of engaging with third-party vendors in the supply chain. Any type of activity that can alter business operations can be combatted with business risk intelligence.

Save Your Website from ADA Lawsuits


The Americans with Disabilities Act (ADA) of 1990 prohibits discrimination based on disability, which involves ensuring that everyone has reasonable access to all areas of public life. Although the ADA doesn’t explicitly mention the internet, the federalgovernment has taken the position that Title III of the ADA covers access to websites of public accommodations, including service and rental establishments, retail stores, educational institutions and recreational facilities.

Currently, ADA website compliance is only mandatory for government-managed websites. However, the absence of laws enforcing ADA compliance for websites ofpublic accommodations hasn’t prevented people from filing lawsuits againstcompanies that don’t meet the suggested guidelines.

Businesses in health care, government and education have been the most common targets of these lawsuits. Attorneys looking for easy money typically target small businesses’ websites by offering a low settlement fee. If your business is targeted by an ADA website compliance grievance, consider taking the following steps in response:

  1. Review the grievance for credibility. A lawsuit may likely begin by citing“violations of the Americans with Disabilities Act, Title 42 U.S.C. 12101 and12181.” It may also include an inexpensive settlement option—a prime indicator that the lawsuit has no legs to stand on and is likely a scam.
  2. Consult a lawyer. Doing so will help determine the credibility of the threat and stop future threats to your business.
  3. Respond to the plaintiff. Ask your attorney to draft something explaining thatyou’ve reviewed their grievance and consulted a lawyer. Realizing that you’vesought legal help may scare away anyone trying to file a lawsuit.
  4. Update your website. Do this regardless of whether there is a legal need. If your site is easily accessible by people with disabilities, you may see beneficial returns from those users.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download Full Newsletter