Beware of Tech Overload

Technology has certainly made the workplace faster, smarter and more productive. New apps and systems continuously offer new ways to create, manage and collaborate. However, just as with many good things, workers can get too much of office tech. With each digitization of traditional job and team functions comes a cost in diminishing associated skills. Many forward-thinking companies are taking heed of the potential pitfalls of tech overload. Check out some particular hazards culled from across the Web.

Loss of Interpersonal Skills — Video chats, group chats, IMs, DMs, texts, pings, not to mention old-fashioned email certainly afford a multitude of ways to communicate, even collaborate. However, there’s no replacement for face-to-face interaction. Over-reliance on digital channels can diminish the opportunities and ability to collaborate in the most free-form manner, that being when folks share the same room.

Inhibits Big Thinking — Unlimited information flow can sometimes turn into overflow. Continuous text alerts, IMs and other pings can inhibit completion of the task at hand. They can also cause mistakes due to lack of concentration. While pressing issues can be quickly resolved, continual interruptions leave little or no time for working through larger projects and long-term planning.

Impaired Security — It’s an unfortunate fact of business life that the more freely information flows, even behind firewalls, the more susceptible it is to hacking, corruption and theft. As well-publicized incidents have shown, corporate information is not the only data at risk, but also financial and personal data of employees and customers. It’s vital that when companies upgrade their business tech, their security tech and protocols keep pace.

Time and Maintenance Costs — The only sure bet with a new application or system is that it will require updates. Also, while out-of-pocket expenses can be quantified, less-obvious costs of downtime devoted to system maintenance and training can pose significant drag on productivity, and in some cases job satisfaction. More companies are discovering that not every tech wave is worth catching, especially if it crashes against strained budgets.

Encroachment on Personal Time — Certainly boundaries of normal working hours have been significantly extended. While tech has indeed freed workers from cubicle and office tethers, it can also tempt managers and team members to infringe, often unknowingly, on the personal lives of their reports. Yes, emergencies may arise. But workers repeatedly besieged with after-hour queries may seek other places to use their devices.

It May Be Unhealthy — Work is stressful enough. While technology has certainly speeded operations, it’s concurrently raised everyone’s expectations. Some research indicates that over-reliance on devices may increase stress levels with potentially adverse health consequences. For better health, occasionally put down the phone!

Source:
Olson B. (17 April 2018). "Beware of Tech Overload" [blog post]. Retrieved from address http://bit.ly/2HGQLTX


Are Virtual Doctor Visits Really Cost-Effective? Not So Much, Study Says

As the virtual world expands, it raises a question: at what point does it take away from the user experience? In this article from Kaiser Health News, we take a look at a study presenting facts on how virtual healthcare may be an issue rather than a convenience. Read further for more information.


Consultations with doctors by phone or video conference appear to be catching on, with well over a million virtual visits reported in 2015. The convenience of “telehealth” appeals to patients, and the notion that it costs less than an in-office visit would make it attractive to employers and health plans. But a new study suggests that while telehealth services may boost access to a physician, they don’t necessarily reduce health care spending, contrary to assertions by telehealth companies. The study, published Monday in the journal Health Affairs, shows that telehealth prompts patients to seek care for minor illnesses that otherwise would not have induced them to visit a doctor’s office. Telehealth has been around for more than a decade, but its growth has been fueled more recently by the ubiquity of smartphones and laptops, said Lori Uscher-Pines, one of the study’s authors who is a policy researcher at the Rand Corp., a nonprofit think tank based in Santa Monica, Calif.

These virtual consultations are designed to replace more expensive visits to a doctor’s office or emergency room. On average, a telehealth visit costs about $79, compared with about $146 for an office visit, according to the study. But it found that virtual visits generate additional medical use. “What we found is contrary to what [telehealth] companies often say,” Uscher-Pines told California Healthline. “We found an increase in spending for the payer.” The researchers found that only 12 percent of telemedicine visits replaced an in-person provider visit, while 88 percent represented new demand. The researchers examined 2011-13 utilization data of 300,000 people enrolled in the Blue Shield of California Health Maintenance Organization plan offered by the California Public Employees Retirement System, which covers current and former state employees and their families. CalPERS’ Blue Shield HMO started offering telehealth services, available 24/7 to its beneficiaries, in April 2012.

The researchers focused on virtual visits for respiratory illnesses, which include sinusitis, bronchitis, pneumonia and tonsillitis, among others. While a single telehealth visit for a respiratory illness costs less than an in-person visit, it often results in more follow-up appointments, lab tests and prescriptions, which increases spending in the long run. Liability concerns may prompt telehealth physicians to recommend that a patient go in for a face-to-face appointment with a doctor, the study notes. Researchers estimated that annual spending for respiratory illnesses increased about $45 per telehealth user, compared with patients who did not take advantage of such virtual consultations. Jason Gorevic, the CEO at Teladoc, the operator that provides telehealth services for CalPERS Blue Shield members, said the new study doesn’t square with Teladoc data showing the cost savings of telemedicine.

According to 2016 data, Gorevic said, only 13 percent of Teladoc visits represent new medical use. He noted that the Rand study uses older data, and that many things have changed since then — including the technology, the rate at which these services are being adopted and patient engagement. “In fact, other more comprehensive studies — using six times the amount of claims data including the same population as the [Rand] study — have found tremendous value of telehealth, with consistently repeatable results,” Gorevic said. These other studies have shown that telehealth decreases overall health care spending, he said. But Uscher-Pines said the Rand findings were not surprising.

When Rand researchers studied retail clinics last year, they found that making access to health care more convenient triggers new use and additional costs. That study found 58 percent of visits to in-store clinics represented new use of medical services rather than a substitute for doctor office visits. Yet the fact that telehealth services are more affordable per visit than a trip to a physician’s office shows that there is still a pathway to cost savings, Uscher-Pines said. To achieve cost savings, telehealth services would have to replace costlier visits, the researcher said. Insurers could increase telehealth visit costs for patients to deter unnecessary use.

Another way to increase the health system value of virtual doctor visits is to target specific groups of patients — such as those who often use emergency rooms for less severe illnesses. An emergency room visit costs an estimated $1,734. “You could take these people in the emergency department and offer them this cheaper option. That would be a direct replacement,” Uscher-Pines said. Gorevic said that a challenge for telehealth is engaging consumers, so the comparatively low fees provide a financial incentive. “Because a telehealth visit is much cheaper than an in-person visit, the cost sharing should be reflective of that,” he said.

Marcus Thygeson, senior vice president and chief health officer at Blue Shield, which also provides virtual doctor visits through Teladoc, in a statement said that “increased convenience can increase utilization, so overall healthcare costs may increase or stay the same. Blue Shield supports the use of telemedicine to improve access for both primary and specialty healthcare, especially in rural communities.” The researchers noted several limitations to the Rand study.

For example, researchers examined only one telehealth company and studied only visits for respiratory illnesses. In addition, the patients whose data were scrutinized had commercial insurance, and it is possible the use of telehealth would differ among people with government insurance, high-deductible plans or no insurance at all, the study said.

This story was produced by Kaiser Health News, which publishes California Healthline, an editorially independent service of the California Health Care Foundation. Written by: Ana B. Ibarra


April 2018 Safety Matters: Elevator Best Practices

Elevator Best Practices

Millions of employees use elevators each day at work. While elevators are considered one of the safest forms of transportation, it is important to follow best practices and safety precautions when using an elevator.

Boarding the Elevator

Take note of the following procedures for entering an elevator:

  • Make sure you are aware of the risks associated with riding the elevator prior to boarding, such as falls and accidents.
  • Allow all passengers to fully exit the elevator before you begin boarding.
  • Watch your step when entering the elevator, as it may not be exactly level to the floor.
  • Steer clear of the doors once you enter the elevator. Keep all clothes, carry-ons and body parts within the car. Never attempt to stop a closing door.
  • Pay attention to the elevator’s capacity limit. Do not attempt to board an elevator that has reached capacity.

Riding the Elevator

Keep in mind the following procedures for riding an elevator:

  • Stand as close to the elevator wall as possible. Be sure to leave as much room as possible for others.
  • Pay close attention to floor indications and transitions to ensure you are able to exit at the right time.
  • Press the “door open” button in the event of the elevator stopping on a floor without opening its doors.
  • Be courteous of other passengers on the elevator. Do not push other riders in front of you when exiting and be sure to move out of the way of passengers when they exit the elevator.

Watch your step as you exit to avoid tripping on uneven ground.

In Case of Emergency

Although rare, elevator accidents and malfunctions do happen. Keep in mind the following procedures in the event of an elevator emergency:

  • Never use an elevator in the event of a fire. Always take the stairs.
  • Remain calm at all times. If you are in a stalled elevator, utilize the alarm button or phone button to contact emergency services.
  • Reassure those who are panicked in the situation. Remind everyone that they are safe inside the elevator.
  • Do not engage in horseplay.
  • Do not try to exit the elevator or pry open the doors. Always wait for trained professionals to arrive.

While elevators are considered one of the safest forms of transportation, it is important to encourage best practices and safety precautions to all employees or building occupants that frequent the elevator.

Download Full Newsletter

Brought to you by


Employers using fast-feedback apps to measure worker satisfaction, engagement

In this article from Employee Benefit Advisors, we take a look at measuring worker satisfaction and engagement through the use of feedback applications. Let us know what your verdict is!


The days of employers conducting employee engagement surveys once every year might be coming to an end.

Thanks to “fast feedback” applications, employers can conduct quick online surveys of their employees to measure how engaged they are at their jobs. The data from these polls is then collated and presented, often in real time on dashboards, to employers to show their workforce’s level of engagement and satisfaction. Some of these web-based programs also can present CEOs with steps they can take to improve their environment and culture.

These tools are available from Culture Amp, Glint, TINYpulse, PeakOn and others.

One of the main benefits of fast feedback, according to Glint CEO Jim Barnett, is that it cuts down on “regrettable attrition,” which occurs when talented employees leave for better jobs.

Glint customers include eBay, Glassdoor, Intuit, LinkedIn and Sky Broadcasting. These clients send out e-mail invitations to workers and ask them to take a voluntary survey, which can feature either stock employee engagement questions or queries that can be fine-tuned for a specific workplace.

Glint recommends 10 to 20 questions per Pulse — what it calls employee engagement survey sessions — and results are sent back to the employer’s HR directors and senior executives. According to Barnett, the Pulses are confidential but not anonymous. Barnett explains that while anonymous surveys do not record the respondent’s name and job title, a confidential survey means that only Glint knows who took the Pulse. The employer is only presented data from specific job groups or job descriptors within an enterprise, such as a production team or IT support.

This month, Glint announced two new capabilities to its real-time employee feedback program, called Always-On and On-Demand Surveys. Always-On allows workers to express their concerns at any time and On-Demand Surveys gives managers and executives the opportunity to perform quick, ad hoc surveys of staffers.

“Some of our companies use the Always-On Survey if they want people on their team to give feedback at any time on a particular topic,” he says.

Firms also use fast feedback for onboarding new hires, Barnett says. Companies have set up Glint’s program to gauge new workers at their 30 and 60 day-mark of their employment to “see how that onboarding experience impacted their engagement,” he says.

Culture Amp also provides fast feedback tools via a library of survey templates that cover a range of employee feedback topics including diversity and inclusion, manager effectiveness, wellness and exit interviews. Culture Amp’s clients include Aligned Leisure, Box, Etsy, McDonalds, Adobe and Yelp.

“We encourage customers to customize surveys to make the language more relevant, and to ensure every question reflects something the company is willing to act on,” says Culture Amp CEO Didier Elzinga.

Culture Amp presents its survey results to employers via a dashboard that displays the top drivers of employee engagement in real time. “Users can then drill down to understand more about each question, including how participants responded across a range of different demographic factors,” Elzinga says.

Sometimes CEOs are presented with news they were not prepared to hear, according to Elzinga. Some customers take to the employee survey process with the mindset of ‘myth busting,’ he says. “They want to know if some truth they hold dear is actually just a story they’ve been telling themselves. Every now and then, an employee survey will provide surprising results to an HR or executive team,” he says. “Whether people go into a survey looking to bust myths or gather baseline data, the important part is being open to accepting the results.”

Glassdoor takes the pulse of its workforce

Glint customer Glassdoor, the online job recruitment site that also allows visitors to anonymously rate their current employer’s work environment, compensation and culture, not only urges its employees to rate the firm using its own tools, the company also uses Glint’s software to view employee engagement at a more granular level.

Glassdoor conducted its first Glint Pulse in October 2016 and has rolled out three since then. The next is scheduled for January 2018, according to Marca Clarke, director of learning and organizational development at Glassdoor.

“We looked at employee engagement and the things that drive discretionary effort [among employees who work harder],” Clarke says. “This is strongly correlated with retention as well.”

Clarke said that one Glint Pulse found that the employees’ view of Glassdoor culture varied from location to location. Of its 700-person workforce, people working in the newer satellite offices were happier than the employees in its Mill Valley, Calif., headquarters. She speculates that this response could be due to newer, more eager employees hired in brand new, recently opened offices.

“People think culture is monolithic that should be felt across the company but we could see that there was some variation from office to office. With Glint, we were able to slice the data not just by region and job function but [we could] go to the manager level to look at how people with different performance ratings think about the culture,” she says.

Recent research from Aon Hewitt found that a 5% increase in employee engagement is linked to a 3% lift in revenue a year later. According to Barnett, Glint clients that regularly conduct surveys and take steps to engage their employees often see a boost in the price of their company shares.

“Companies in the top quartile of Glint scores last year [saw] their stock outperform the other companies by 40%,” he says. “They now have the data and can see that employee engagement and the overall employee experience really do you have a dramatic impact on the result of their company.”

 

Read the original article.

Source:
Albinus P. (5 December 2017). "Employers using fast-feedback apps to measure worker satisfaction, engagement" [Web blog post]. Retrieved from address https://www.employeebenefitadviser.com/news/employers-using-fast-feedback-apps-to-measure-worker-satisfaction-engagement?brief=00000152-1443-d1cc-a5fa-7cfba3c60000


Cyber Risks & Liabilities - January/February 2018

Troubling Lack of Cyber Concern by CFOs

Gone are the days when chief financial officers (CFOs) solely had to focus on managing their organization’s financial risks. These days, CFOs need to think about the costs of cyber security as well as the costs associated with not having enough of it. When their security tools are inadequate or threats go unnoticed, there is an increased risk of incidents that can costs thousands or millions of dollars in repairs, lost business and reputation. CFOs need to apply new strategies when it comes to tackling cyber risks.

Work With the Chief Information Security Officer

According to recent data, 39 percent of IT workers don’t believe their senior management understands the impact that a security breach could have on their company’s reputation. CFOs should become active members of their security teams, instead of passive observers, in an effort to protect their revenue with a more focused and effective cyber security plan. The most effective partnerships involve weekly cyber exposure reviews with management and IT.

Invest in IT

A recent report found that firms that invest more in IT security experience an average of 6.8 fewer breaches and save more than $5 million. With the growing number of available devices that employees can use to stay connected and do their jobs, new approaches are needed to deal with increased cyber exposure that may have been more easily contained in the past.

Be Accountable

CFOs need to realize how cyber risk affects financial risk. According to a recent study by Ponemon Institute, data breaches result in an average stock price decline of 5 percent and an average revenue decline of $3.4 million. CFOs cannot manage risks of that magnitude by themselves. It is in the best interest of the entire company if its CFO partners with others in the organization who have a vested interest in managing cyber risk.

The Biggest Cyber Security Disasters of 2017

Like 2016 before it, 2017 was not without its share of cyber security incidents—incidents that impacted companies of all sizes and affected multiple industries. The following are some of the biggest cyber security disasters of 2017:

  • WannaCry—Using a tool that was allegedly stolen from the U.S. National Security Agency, cyber criminals exploited a flaw in Microsoft’s Windows system in order to spread malware dubbed WannaCry. The attack, which took place May 12, 2017, has impacted over 200,000 users in at least 150 countries.
  • Equifax—In September of 2017, Equifax, one of the largest credit reporting agencies in the United States, was the victim of a massive cyber attack. This attack compromised the personal information of over 143 million people.
  • Yahoo—In late 2016, Yahoo reported more than 1 billion user accounts were impacted by a 2013 breach. Later in 2017, it was revealed that over 3 billion Yahoo accounts were compromised.
  • Verizon—In July of 2017, it was reported that 14 million Verizon subscribers may have been affected by a data breach. The majority of those impacted by the breach were individuals who had previously contacted Verizon customer service.
  • Gmail—In May of 2017, it was revealed that Gmail users were targeted in a sophisticated phishing scam. The scam sought to gain access to accounts through a third-party app. Over 1 million users have been impacted.

Trump Administration Releases Rules on Disclosing Cyber Flaws

The Trump administration publicly released its rules on whitehouse.gov for deciding whether to disclose cyber security flaws or keep them secret. In doing so, the administration hopes to bring more transparency to its cyber processes.

The U.S. government initially created the Vulnerabilities Equities Process (VEP) under former President Barack Obama, to determine what to do with discovered flaws. The process was designed to balance law enforcement’s and U.S. intelligence officers’ desires to hack into devices with the intention to warn manufacturers of the need to patch holes in their security. However, the government has attracted criticism for jeopardizing internet security by stockpiling detected cyber vulnerabilities in order to preserve its ability to launch its own attacks on computer systems.

The new Trump administration charter explains how the VEP functions and names the agencies involved in the vulnerability reviews, including intelligence agencies as well as several civilian departments that include the Departments of Commerce, Treasury, Energy and State.

The National Security Agency is the executive secretariat of the interagency group. Its job is to coordinate debates over flaws that the various agencies submit in case there is a disagreement about whether to disclose them. If the disagreements cannot be reconciled, the group will vote on whether to disclose or retain the flaws.

The new rules also require the creation of an annual report to provide metrics on the amount of flaws discovered, retained and disclosed. Portions of the report are to be made public. Decisions to retain vulnerabilities are to be reconsidered every year.

According to White House security coordinator Rob Joyce, the revised rules are intended to shed light on the process for how various federal agencies weigh the costs of keeping a flaw secret. Joyce said the rules are the most sophisticated in the world and that they set the United States apart from most other nations.

More than 90 percent of flaws are ultimately disclosed, according to Joyce, although critics argue that they’re not shared quickly enough.

 


5 ways digital tools can help build a better benefits package

"...digital tools can be excellent motivators and are a popular option for keeping employees to their wellness objectives..." In this article from Employee Benefit Advisor, we get a fantastic look at some statistics and digital tools to create better employee engagement.


The American workforce has an employee engagement problem: Half of U.S. workers are disengaged, according to a recent Gallup poll. That not only has a detrimental effect on individual wellness, but on company culture and the bottom line. According to The Engagement Institute, disengaged employees cost organizations between $450 and $550 billion every year. In addition to being less productive, they’re also more likely to quit.

One of the most effective ways to improve employee engagement is to offer better benefits. In fact, research conducted by Willis Towers Watson found 75% of employees said they were more likely to stay with their employer because of their benefit program. This demonstrates the value of designing an employee benefits package that really works for your staff. And to even better engage workers with benefits, employers should utilize HR apps and employee wellness software.

They vary in functionality, device compatibility, and of course price, but they all share five considerable advantages:

They’re highly adaptable. Unlike programs that rely on in-person use or resources that are primarily stored in binders, digital content can be updated on the fly. This flexibility makes it very easy to keep the information current and relevant, and it even opens the door to personalized benefits. For instance, if each employee has their own login, they can bookmark the resources they find most useful and receive suggestions based on those picks. Seventy-two percent of employees in a MetLife survey say being able to customize their benefits would increase their loyalty to their current employer, which makes this perk doubly advantageous.

They’re fully integrative. One major complaint employees have is that their health information is so disjointed. Dental, physical, psychological and nutritional data is siloed, creating a cumbersome situation for employees when it comes to accessing and updating their records. Digital tools neatly solve this problem by collecting all these resources in one place. All employees have to do is sign into one account to view all their health-related resources, benefits, emergency phone numbers, enrolment information, health savings account balance and so on.

They’re constantly accessible. Have you noticed your staff using fewer and fewer benefits over time? It’s easy to assume they’ve lost interest, but chances are they’ve simply forgotten what’s available to them. Digital tools are a fantastic way of combating that attrition for a couple of reasons. First, they’re super easy to access because they can be used essentially anytime, anywhere. The second reason your staff is more likely to continue using their benefits with a digital platform is because it can serve them with notifications and reminders. They no longer have the excuse of being unaware when fresh content is added, or missing medical appointments.

They encourage employee goals. To add to the previous point, digital tools can be excellent motivators and are a popular option for keeping employees to their wellness objectives. Two of the most common goals are weight loss and smoking cessation, but your employees can use calendar, reminders, notes, fitness trackers and other features to push them toward any goal they like.

They’re easily scalable. Finally, digital tools are the most efficient way of reaching a large employee base, especially if they’re spread over a large geographical distance. It’s impossible to expect a thousand employees located in different states to attend a stress management seminar, for example, but it’s not unreasonable to ask them to watch a five minute video or listen to a podcast. Digital resources are changing the game when it comes to reaching all employees equally so that no one gets left behind.

Some things to keep in mind

Now that you’ve been convinced to digitize your employee wellness program, there are a couple of assurances you should make. The first is confidentiality. Your employees need to feel safe accessing your health resources, so guaranteeing the security and privacy of their information is a must. You should also make accommodations for various accessibility concerns. In other words, having all your resources in video format isn’t helpful for employees who are visually impaired. Also be aware of the different situations in which your staff might need access (at home, on the go, with or without an internet connection, etc) to ensure maximum ease of use.

Why is this all so important? As cool and cutting-edge as many of these digital tools are, at the end of the day your goal is to promote employee well-being and engagement. Anything that encourages your staff to come into work with a smile on their faces is worthwhile. Gallup studies have shown highly engaged organizations are 21% more profitable, 17% more productive, and achieve a 41% reduction in absenteeism. No matter how effective your current benefits package is, you can — and should — take it to the next level with a digital program.

 

Read the original article.

Source:
Mittag A. (17 November 2017). "5 ways digital tools can help build a better benefits package" [Web blog post]. Retrieved from address https://www.employeebenefitadviser.com/opinion/5-ways-digital-tools-can-help-build-a-better-benefits-package?feed=00000152-1387-d1cc-a5fa-7fffaf8f0000

SaveSave

SaveSave

SaveSaveSaveSave


Health Care Property & Casualty Profile - November / December 2017

In this November / December Health Care Profile, we will dive into digital innovation within hospitals, the financial benefit of easing doctor burnout, and how the federal government threaten three Massachusetts psychiatric hospitals. Read more below.


HOSPITALS WANT DIGITAL INNOVATION

A survey conducted by the American Hospital Association (AHA) and health innovation company AVIA found that 85 percent of health care leaders realize that digital innovation is a key factor in the long-term success of their health care organizations.

Survey respondents included executives and innovation officers from 317 health systems in 48 states. When asked to define innovation, almost 75 percent of survey respondents said that it involves collaborating with innovative organizations, and 42 percent said that they believe innovation includes testing and scaling externally developed digital solutions.

Christina Jack, the AHA’s senior director of entrepreneur strategy and innovation, stated that digital innovation could be hampered by the fact that it is dependent upon the competencies of a chief information officer. And, as a result, it isn’t woven into an organization’s operations.

Nonetheless, the health care leaders who participated in the survey were hopeful about the future and stated that, if done correctly, digital innovations could improve the patient and workplace experience for both physicians and staff, as well as improve safety and decrease costs.

According to the survey, areas where hospitals have already invested in digital innovation include operational efficiencies, primary care delivery and utilization, patient access and care transitions.

FEDS THREATEN 3 PSYCHIATRIC HOSPITALS

The federal government threatened ceasing Medicare payments to three Massachusetts psychiatric hospitals after safety lapses caused two mentally ill patients to forgo critical medication. One patient had a seizure and suffered a traumatic head injury as a result.

 

According to a letter dated Sept. 8 from the Centers for Medicare and Medicaid Services to the CEO of all three hospitals, conditions discovered on Aug. 28, 29 and 30 posed an immediate jeopardy to the health and safety of patients, limiting the hospitals’ capacity to render adequate care.

FINANCIAL BENEFIT OF EASING DOCTOR BURNOUT

According to a recent study published in JAMA’s Internal Medicine, addressing doctor burnout could save hospitals over $1 million per year.

The study looked at the cost of physician turnover as a whole and then used evidence to determine how many physicians leave their jobs because of burnout. It found that for an organization that employs 450 doctors, doctors who leave due to burnout cost the organization $2.5 million per year. If the same organization spent $1 million per year to lower the risk of burnout by 20 percent, it could save about $1.25 million each year.

Researchers said that the ways to decrease burnout involve understanding what causes it, such as a lack of work-life balance, heavy workloads, and a lack of flexibility and control.


Cyber Risks & Liabilities - November 2017

We live in a world centralized around cyber activity – so shouldn’t employers protect themselves from cyber risks? The answer: yes. This article will help employers be aware of the damage a breach in cyber security can cause and help them seek the best cyber insurance.


5 Cyber Risk Questions Every Board Should Ask

When a data breach or other cyber event occurs, the damages can be significant, often resulting in lawsuits, fines and serious financial losses. In order for organizations to truly protect themselves from cyber risks, corporate boards must play an active role. Not only does involvement from leadership improve cyber security, it can also reduce liability for board members.

To help oversee their organization’s cyber risk management, boards should ask the following questions:

  1. Does the organization utilize technology to prevent data breaches? Boards should ensure that the management team reviews company technology at least annually, ensuring that cyber security tools are current and effective.
  2. Does the organization have a comprehensive cyber security program that includes specific policies and procedures? Boards should ensure that cyber security programs align with industry standards and are audited on a regular basis to ensure effectiveness and internal compliance.
  3. Has the management team provided adequate employee training to ensure sensitive data is handled correctly? Boards can help oversee the process of making training programs that foster cyber awareness.
  4. Has management taken appropriate steps to reduce cyber risks when working with third parties? Boards should work with the company’s management team to create a third-party agreement that identifies how the vendor will protect sensitive data, whether the vendor will subcontract services and how it will inform the organization of compromised data.
  5. Has the organization conducted a thorough risk assessment and considered purchasing cyber liability insurance? Boards, alongside the company’s management team, should conduct a cyber risk assessment and identify potential gaps. From there, organizations can work with their insurance broker to customize a policy that meets their specific needs.

Key Considerations When Buying Cyber Insurance

Buying cyber insurance is not a one-size-fits-all process. To ensure your business has sufficient cyber coverage, it is critical to assess your needs and consider your specific risks. The following are some common elements of cyber insurance policies to consider when building optimal coverage for your business:

  • Limits and sublimits—Hierl Insurance Inc. can assist you in determining appropriate limits by utilizing industry benchmarking data and projected breach costs. From there, we can examine your sublimits, which don’t provide extra coverage, but set a maximum to cover a specific loss.
  • Retroactive coverage—Breaches can go undiscovered for years. For protection from unidentified cyber incidents, ask for a retroactive date that is earlier than the policy’s inception date.
  • Exclusions—Common cyber policy exclusions, such as outdated software, unencrypted mobile devices and penalties from credit issuers, can adversely impact coverage. Understand your policy exclusions before committing.
  • Panel provisions—Many insurance companies require policyholders to use preapproved investigators, consultants and legal professionals in the event of a cyber breach. If you have a preferred team of experts, make sure your preferred policy allows you to work with them before signing.
  • Consent provisions—Some cyber policies contain consent provisions that require obtaining the insurer’s consent before incurring certain expenses related to cyber claims. If prior consent provisions are included in the policy and cannot be removed, policyholders can change them to ensure that the carrier’s consent cannot be unreasonably withheld.
  • Vendor acts and omissions—Most organizations use third-party vendors to process or store a portion of their data. While they make it easier to do business, they also represent a potential exposure. It is critical that your business’s cyber liability policy covers claims that result from breaches caused by your vendors.

Cyber insurance is continually evolving alongside emerging cyber threats. Contact Hierl Insurance Inc. to help proactively assess your risks and ensure that your insurance coverage is in line with your specific business practices and exposures.

 

 

 

 

Yahoo Says All Accounts Were Hacked in 2013

Yahoo recently announced that, in contrast to an earlier estimate, all 3 billion of its accounts were hacked in 2013. The news could not only increase the legal exposure for Yahoo’s new owner Verizon Wireless, but also increase the number of class-action lawsuits expected in U.S. federal and state courts.

Recently obtained information shows that the stolen information did not include passwords in clear text, bank account information or card data. However, this information was protected with outdated encryption that experts said is easy to crack. It also included backup email addresses and security questions that could make it easier to break into other user accounts.

In late 2016, Yahoo made users change their passwords if they hadn’t since the hack, and invalidated old security questions and answers.

Equifax Cyber Security Incident

Equifax Inc. announced in September that about 143 million U.S. consumers may have been affected by one of the largest breaches in history.

Names, Social Security numbers, birthdates, addresses and driver’s license numbers were accessed by the intruders, according to a statement from Equifax. Credit card numbers for about 209,000 consumers were also accessed.

GDPR Compliance Deadline Approaching

The General Data Protection Regulation (GDPR) requires businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. Noncompliance could be costly for businesses—amounting to up to €20 million or 4 percent of global annual turnover, whichever is higher.

Companies that do business with customers in the EU must be able to show compliance by May 25, 2018. For more information on whether the GDPR affects your business, and how to comply, visit the website of the European Commission here.