Helping Your Employees Protect Against Identity Theft

Are you doing enough to help your employees protect themselves from identity theft? Make sure to take a look at this article by Irene Saccoccio from SHRM on what employers can do to protect their employees from identity theft.

Social Security is committed to securing today and tomorrow for you and your employees. Protecting your identity and information is important to us. Security is part of our name and we take that seriously.

Identity theft is when someone steals your personally identifiable information (PII) and pretends to be you. It happens to millions of Americans every year. Once identity thieves have your personal information they can open bank or credit card accounts, file taxes, or make new purchases in your name. You can help prevent identity theft by:

  • Securing your Social Security card and not carrying it in your wallet;
  • Not responding to unsolicited requests for personal information (your name, birthdate, social security number, or bank account number) by phone, mail, or online;
  • Shredding mail containing PII instead of throwing it in the trash; and
  • Reviewing your receipts. Promptly compare receipts with account statements. Watch for unauthorized transactions.

It is important that your employees take the necessary steps to protect their Social Security number. Usually, just knowing the number is enough, so it is important not to carry your Social Security card or other documents unless they are needed for a specific purpose. If someone asks for your employees’ number, they should ask why, how it will be used, and what will happen if they refuse. When hired, your employees should provide you with the correct Social Security number to ensure their records and tax information are accurate.

If your employees suspect someone else is using their Social Security number, they should visit IdentityTheft.gov to report identity theft and get a recovery plan. IdentityTheft.gov guides them through every step of the recovery process. It’s a one-stop resource managed by the Federal Trade Commission, the nation’s consumer protection agency. You can also call 1-877-IDTHEFT (1-877-438-4338); TTY 1-866-653-4261.

Your employee should also contact the Internal Revenue Service (IRS), and file an online complaint with the Internet Crime Complaint Center at www.ic3.gov.

Don’t let your employees fall victim to identity theft. Advise them to read our publication Identity Theft and Your Social Security Number or read our Frequently Asked Questions for more information. If you or an employee suspects that they’re a victim of identity theft, don’t wait, report it right away!

See the original article Here.

Source:

Saccoccio I. (2017 May ). Helping your employees protect against identity theft [Web blog post]. Retrieved from address https://blog.shrm.org/blog/helping-your-employees-protect-against-identity-theft


Advisers Seek a Tech Solution to Financial Wellness

Have you been looking for a new solution to increase your client's investment into their financial well-being? Check out this great article by Cort Olsen from Employee Benefits Advisors on how advisers are using technology to help their clients invest in their financial wellness.

With many employers taking advantage of wearable wellness devices such as Fitbits and Apple Watches, advisers and consultants say they would like to see a similar platform that will efficiently monitor a person’s financial wellbeing.

“For physical wellness there are health assessments like biometric screenings to gather information and then there is the wearable data that tells people where they need to be to stay on track with their health goals,” says Craig Schmidt, senior wellness consultant for EPIC Insurance Brokers & Consultants. “The difference with the financial piece is that there isn’t a way to track users’ spending habits or monitoring their retirement funding to make their financial status more budget friendly.”

While Schmidt says he has not been able to find a platform that monitors financial status at such a personal level, John Tabb, chief product officer of Questis, has put together a platform that manages to gather data and make suggestions on what employees should be focusing their investments on such as paying off student loan debt or investing in their Roth IRA.

Tabb estimates that there are roughly 30 companies that call themselves financial wellness firms but adds that none of them are “holisitic.” “Not to say that they are not good, but there are only a handful of companies that can allow advisers at financial institutions to utilize their platform as a tool,” he says.

Saving for retirement vs. paying off student debt
Shane Bartling, retirement consultant for Willis Towers Watson, says they have developed a program with their clients that addresses gaps in the market and increases the value of the overall lineup of financial well-being services offered by employers generally around retirement readiness.

“As a result of requests from clients and the needs we have identified with our consulting work, we have built out a technology solution to compliment the line-up of other resources that clients have available,” Bartling says. “We wanted to find the indicators of poor financial wellbeing in the workforce, how to measure it and then how do we engage the parts of our workforce that are going to see the highest value from the resources we are providing.”

The WTW program offers clients an initial assessment from an adviser to determine where employees are struggling the most with their finances. “There is a way to look at behaviors employees are signaling when they are in a poor financial situation,” Bartling says. “They begin to do things like using loans, taking hardship withdrawals and then ultimately you see issues like wage garnishment tend to pop up on the radar and are opting out of the 401(k).”

SoFi has expanded its business focus from student loan refinancing firms into the workspace by helping employers offer a student loan repayment benefit.

“Looking at the employee benefits space today, student loans are generally a pretty big hole in most employers benefit offerings,” says Catesby Perrin, vice president of business development at SoFi. “The main stays of employee benefit offerings are healthcare and 401(k), which we all know are essential, but in many respects don’t address the most pressing financial concerns of the largest demographic in the workforce, which are millennials.”

Perrin adds that 401(k) and other forms retirement saving is imperative for everyone in the workforce, however retirement is not a top priority for millennials due to other financial stressors that are taking place in their day-to-day lives.

“As great as a 401(k) is and how important it is intrinsically, if you have $500 or $800 a month due in student loan payments, which is totally plausible for somebody coming out of undergrad today, the 401(k) is a total luxury,” Perrin says. “Most employers are not doing much about student loan problem, so we are offering two primary benefits today for employers… a student loan refinancing benefit and a benefit set for employers to help pay down the principle balance of their employee’s loan.”

Alternative tech gaining traction
One option is the increasing popularity of mobile push notifications. Ayana Collins, wellness consultant out of EPIC’s Atlanta office, says she is seeing a greater response from users who utilize these alerts on their smartphones to view wellness tips and strategies that they may not read if they are delivered in the form of an e-mail.

“Employees receive thousands upon thousands of e-mails and one more e-mail coming from HR or from a wellness company may not be opened,” Collins says. “If they receive a push notification from their mobile phone they are more likely to check out what financial wellness tips we are sending to them.”

Privacy invasion?
Meanwhile, new legislation determining how wellness plans are regulated has sparked a renewed interest in finding a streamlined financial wellbeing platform.

Shan Fowler, senior director of employer portfolio and product strategy at Benefitfocus, says legislation such as the Employer Participation in Repayment Act and the Preserving Employee Wellness Programs Act, will help fuel the creation of a financial wellbeing platform.

“Financial regulation is very similar to healthcare regulation,” Fowler says, “due to so many branches that are contingent with legislative support. Seeing bipartisan support for this national epidemic [has me feeling] very optimistic.”

However, employees may not be as enthusiastic. Many workers are concerned about the level of data employers could have access to, seeing it as an invasion of privacy, Fowler adds.

“I think you need to put yourself into the shoes of the employee and ask if I want my company to have access to my personal information,” he says. “That speaks to that very fine line employers have to walk of having their employees’ best interests in mind, but not going too far into a ‘big brother’ mentality.”

Tabb says that while the Questis platform does offer individual advice on financial direction based off an initial assessment, the data collected is stored in an aggregate form that protects employees’ personal information from being viewed by their superiors or colleagues.

“If the employer wants some data, they are going to pay for it to help them make decisions, but it is all on an aggregate level,” Tabb says. “There is certainly a perception that needs to be addressed to ensure employees that their data is safe and that nothing is being shared with their employer that does not need to be shared.”

Both Bartling and Perrin also say their platforms offer data to employers only in an aggregate form to give them an idea of how many employees are utilizing the benefit and also the projected success rates, but when it comes to the personal finances of each individual employee, security is in place to ensure private financial information is protected.

EPIC’s Collins says no matter what branch of wellness an employer invests in, whether it be financial, physical or mental, there needs to be a reason behind the technology that they are using. If there is no payout for the employee, there will be no demand to carry the program.

“There has to be a ‘so what’ behind it,” Collins says. “If the employer is just doing a simple challenge with nothing behind it, people are not going to gravitate toward it, because it doesn’t create a moment where the users discover an improvement to themselves. That is the whole point behind wellness.”

See the original article Here.

Source:

Olsen C. (2017 May 11). Advisers seek a tech solution to financial wellness [Web blog post]. Retrieved from address https://www.employeebenefitadviser.com/news/advisers-seek-a-tech-solution-to-financial-wellness


The Pitfalls of Online Enrollment Systems

Are you using an online system to enroll your clients into their employee benefits? Check out this great article from our partner, United Benefit Advisors (UBA) about the risk associated with online enrollment by Elizabeth Kay.

Online enrollment platforms are great, but communication and understanding are terribly important for the end-user.

I always say, "technology is great, when it works." Online enrollment platforms have been around for years, and the technology that powers them has grown and advanced at an exponential rate. Who would have guessed that we would be enrolling in our employee benefits directly from our own phones and tablets, without being given the huge enrollment packets from HR?

In this virtual communication age, you can't take the “human” out of Human Resources, and you can't take the confusion out of insurance benefits just because you wrap it in a nice, pretty website with fancy graphics and videos.

An employee's health concerns and needs are as diverse and different as hair colors are at Comic Con, so while a brief overview of plan details is fine for one person, someone else wants to know how many physical therapy visits they can have in a year, or if their child's insulin pump will be covered on their plan.

A simple online enrollment platform does not always meet the needs of all employees, and not all platforms will offer the level of detail some will require. Aside from posting the evidence of coverage, or insurance contract, at a place that is easily found on the portal, there may not be a way to achieve that level of detail. However, even for those that don't need that level of detail, critical information must be communicated easily and effectively.

Costly mistakes can be made when benefits are not communicated effectively, or when important information is simply omitted. For example, since the Patient Protection and Affordable Care Act (ACA) was implemented, some employers have opted to offer minimum value plans (MVPs), or plans that cover very few procedures such as office visits, preventive care, and hospital room and board, but they do not cover a wide range of other services such as ambulance, surgery, medical devices, physical or occupational therapy, etc.

When an employee sees a number of choices or plans from which to choose, they will likely compare the various plan options by looking at the carrier, if the plans are HMOs or PPOs, and the cost. From there, an employee may look at the office copays, deductibles, prescription drug costs, and coinsurance.

If the comparison shows MVP plans as well as traditional health plans, but does not call out in big, bold letters, all of the items the MVP plan does not cover, one could come away with the understanding that if they choose the MVP plan, they are selecting a plan that is a comprehensive insurance plan just like the other plans shown, or like they have had in the past.

Most of us don't read our car insurance policy in detail until we get in an accident and the insurance adjustor says, "sorry, your policy does not cover that." The same is usually true for our health insurance plans.

You could argue that it is the responsibility of the employee to verify that the plan they are choosing meets all of their needs, certainly. But if that information is not easy to locate, you could find fault with the employer, or insurance carrier, if there were to be a problem. Furthermore, an employer would want to show their employees that they want to take care of them, and not set them up for failure in the event of a crisis.

Let's walk through a scenario. An employee named "Joe" is 28, and is enrolling in his company's health plans during open enrollment. His company recently merged with another larger company, and so the benefits being offered are slightly different, but look pretty close to what they had been last year. There are four plans offered, two that are HMO plans with Kaiser and two that are PPO plans, one is labeled Silver, the other Gold.

Joe is young and single, and when he was living at home with his parents, he had never had Kaiser and always traditionally had PPO coverage. Last year, Joe enrolled in the Silver PPO plan so he could continue to see the doctors that had been managing his care for all of his adult life, so he elects the same plan this year. The online system shows a $250 deductible, $40 office visit copay, and 30% coinsurance. In addition, the Kaiser premiums have gone up considerably from what he remembered them to be last year, and are higher than the PPO plan options, so he feels comfortable that he has made the choice that is best for him.

Later in the year, he comes down with a bad cold. The pressure in his head that is caused by the cold is so severe that when he sneezed, he blew out his right ear drum. He goes to the doctor, and his doctor orders a CT scan of his ear. The CT scan shows he has perforated his ear drum and will need surgery to repair it. The surgery is scheduled for two weeks after that. He contacts the hospital and surgeon to confirm they are contracted, in-network providers under his health plan, and asks them to do a pre-determination of benefits so he will know up front how much he should expect to pay as his 30% of the cost of the procedure.

While waiting for the surgeon and hospital to get back to him regarding the out-of-pocket costs, he receives the bill for the CT scan and explanation of benefits from his doctor for the office visit and CT scan. They show his office copayment that he paid at the time of service, and his $250 deductible, plus 30% of the remaining cost of the CT scan, which came out to a total of $500. He pays the bills and continues to work even though he is in extreme discomfort from his right ear.

The surgeon and hospital both get back to him and let him know the surgery itself will cost approximately $20,000 because his plan does not cover surgery, period. Joe is not an executive in a large company; he does not have the money to pay for a $20,000 surgery and also afford to take three weeks off of work in order for him to recover. So, what is he to do?

He can't enroll in another plan offered by his employer for another nine months when they go through open enrollment again. It is March, so he has missed the state Exchange open enrollment window, and he has not experienced an involuntary loss of coverage that would enable him to enroll in a state Exchange plan. If he were to purchase a short-term, comprehensive medical plan it won't cover any pre-existing conditions, which his perforated ear drum would certainly be considered. So, unless he gets married and enrolls on his new spouse's plan if they were offered one by their employer, he is out of options. He will simply have to wait until open enrollment next year.

How do you think Joe is feeling about his employer right now? Do you think he is counting his blessings that he only ruptured his ear drum and was not diagnosed with cancer that needed to be removed before it spread any further? Or is he going to be using a few choice words to describe an employer that offers a medical plan to its employees that has a longer list of services not covered than are covered? I can't say that I know for sure, but I can guess.

Now, the question becomes how does an employer prevent their employees from running into these kinds of pitfalls? It comes down to clear communication—multiple forms of communication that are easily accessible to employees and their family members that may also play a role in making plan decisions. Having someone to partner with your company, such as a UBA Partner Firm that will not only help you develop long-term plan strategies for your employee benefits package, but can be an integral part of developing and implementing online systems, hard copy communications, and give you access to tools such as smartphone applications that not only give employees access to essential information, but also push out important communications that contain relevant information at the appropriate times like open enrollment. Making plan details easily accessible in the online platform, with clear and bold statements if there are essential benefits that are not covered on the plan such as a warning, should be clearly stated so that employees are well informed.

An ounce of prevention is worth a pound of cure. Insurance is a complicated business and you, as an employer, would not want to make decisions about the health care you offer your employees without someone to guide you through the various options and possibilities. As responsible employers, our employees should not have to either.

See the original article Here.

Source:

Kay E. (2017 May 2). The pitfalls of online enrollment systems [Web blog post]. Retrieved from address http://blog.ubabenefits.com/the-pitfalls-of-online-enrollment-systems


Is Social Media Putting Employees’ Health, Safety at Risk?

Do your employees know about all of the risks that can come from their social media? Find out how social media can affect your employee's safety and health in this article from Employee Benefit News by Jill Hazan.

The issue of personal online safety has finally crossed over into the healthcare arena — and employers need to step up and learn to best educate employees about keeping them safe.

A recent article in the Journal of the American Medical Association Pediatrics, “Parental Sharing on the Internet: Child Privacy in the Age of Social Media and the Pediatrician’s Role,” highlights how parents who post information about their children on social media put them at greater risk for identity theft. In addition, this trend toward oversharing compromises a child’s protected health information. What might happen when that child applies for a job in the future and a simple internet search reveals health information she would not want an employer to know?

While HIPAA protects the confidentiality of an individual’s medical records, it doesn’t provide comprehensive protections outside the healthcare environment. The laws around the privacy rights of children relative to their parents’ online disclosures are still evolving. The article recommends that pediatricians ask parents about their social media habits to help keep children safe and their data private. It is a natural extension that all primary care providers should be asking patients about social media behaviors, as the issues of identity theft and data privacy are relevant to children and adults alike.
This recommendation is increasingly significant from an employee benefit perspective.

So what should employers do?

Employers routinely provide healthcare benefits to employees. If health plans and physicians are acknowledging and addressing the risks of social media from a privacy and security perspective, shouldn’t employers extend that focus into the workplace? With the continued employer emphasis on wellness, it is incumbent on health plans and employers alike to educate employees on online security and the risks of identity theft.

 

There are a variety of resources and benefits that employers can access to assist employees in navigating the online world safely. A series of well-structured, engaging seminars on identity theft and online security that combine real-life stories with actionable advice are effective in educating employees and changing behaviors. Online tutorials, like those provided by the Center for Identity at the University of Texas, Austin, can guide employees on setting proper privacy settings on social media sites, such as Facebook, Twitter, LinkedIn and Pinterest.

Identity theft protection plans provide monitoring and restoration services, as well as education to help keep employees and their families secure. EAPs may provide guidance on identity theft and counseling for victims. Comprehensive legal benefit plans provide legal advice and representation for victims of identity theft. Employers may also provide employees access to online data protection tools for use at work and home with features that encrypt communication and block malware and phishing attempts.

Employees need to understand how to navigate the social media and online environment to keep their families safe. Identity theft of a family member affects more than just one person. It can register an emotional, physical and financial toll on the entire family. Employers need to structure a comprehensive approach to managing the health and wellness of employees as it relates to their online behaviors. A program with a combination of employee benefits, from healthcare to identity theft protection benefits, supplemented by onsite employee education, will support the goals of the health plan and, ultimately, the organization’s overall business objectives.

See the original article Here.

Source:

Hazan J. (2017 May 1). Is social media putting employees' health, safety at risk? [Web blog post]. Retrieved from address https://www.benefitnews.com/opinion/is-social-media-putting-employees-health-safety-at-risk?feed=00000152-18a4-d58e-ad5a-99fc032b0000


7 Questions to Ensure Successful Benefit Technology Purchases

Do you need help figuring out your technology needs for an employee benefits program? Check out this interesting article from Employee Benefit Adviser about which technology you will need for your employee benefits program by Veer Gidwaney.

From quality to data integration, there are many factors to consider when purchasing benefit administration technology. With employers increasing turning to their adviser for guidance, here are some key questions advisers should make sure their client’s tech acquisition teams can answer:

1) How will you ensure data quality is maintained during the migration to the new system? Be it a mistyped entry, or incomplete form, errors are bound to happen in open enrollment, and if they’re not caught during implementation process, errors can go unnoticed for months or longer. This means inaccuracies in carrier files, delays in enrollment processing, and additional back-and-forth between you and your client or the carrier.

Don’t rely on human eyes to scan spreadsheets for potential errors, it’s 2017. Before you take the plunge with a technology partner, understand their data validation and backup data quality check processes to catch and correct errors before they’re entered into your system of record.

2) Will this technology require a printer or a fax machine for my team or my clients?

No benefits or HR platform should require any manual paperwork. It’s time-consuming, and more prone to human error, yet many benefits systems still rely on paper-based processes to run an enrollment or onboard an employee. Take a stand, for your team, your clients, and their employees.

Make sure you see a demo of the onboarding and enrollment process from start to finish before partnering with a technology platform, and expect employees and HR to demand the same expectations based on interacting with any other technology experience in their lives, at home or work. Does it look and feel like a modern experience? Is buying insurance as intuitive as any e-commerce experience an employee would be used to? If not, keep looking.

3) Is EDI with insurance carriers “full-service” or “self-service”?

Managing electronic data integrations (EDI) with carriers is complex and time-consuming, but something that many employers expect to have up and running smoothly to manage eligibility and enrollment ongoing. Any benefits administration technology that requires your team to set up their own EDI files, or interface directly with the carrier is sucking up unnecessary time and resources, and you must factor that time into the cost of partnership.

4) How does the platform partner with insurance carriers and other third-party vendors to make offering and managing benefits easier?

Insurance carriers aren’t going anywhere, so choosing a system that has advantageous relationships and deep integrations with your favorite carriers will save time and money in the long run, for both you and your clients.

Depending on the type of relationship a technology vendor has with the carriers you work with, that could mean internal efficiencies and cost savings like free EDI, automated eligibility management, and low minimum participation requirements on voluntary benefit products. Montoya & Associates has actually been able to streamline standard benefit offerings based on the Maxwell Health Marketplace, which makes implementations faster and easier for their team. Don’t take my word for it: check out a case study, in their own words.

5) How does the platform make it more efficient to manage ongoing employee changes throughout the year?

Routine qualifying life events such as marriage or birth of a child shouldn’t require hours of administrative work for you or your clients. While it’s tempting to ‘check the box’ with low-cost point solutions that handle only eligibility, or quoting, or enrollment, it’s important to consider the cost of wasted hours and the impact that disjointed processes will have on your clients’ experience.

Solving interconnected problems with disparate point solutions will result in disjointed processes, multiple data entry points, and client frustration. Look for solutions that manage all of that data in one place, both during enrollment and year-round.

6) How many team members are typically dedicated full-time to making the platform work at scale? If you have to hire additional full-time team members to complete tasks that could (and should) be automated or streamlined with technology (like EDI, enrollment paperwork, etc.), you should factor that into your decision from a financial perspective.

Implementing technology should streamline processes for your team in addition to your clients. Ask for references on how current clients have made the tool successful, and dig into the processes that any potential technology partner might help you solve to uncover the manual work that might hide below the surface.

7) What sort of technical and implementation support is available? Training on any new process is a time-consuming process that may require some hand-holding. Your technology partner is an extension of your brand and your company, so you need to make sure that they set up both you and your clients for success, initially and throughout the year. Ask about their support structure, and what resources are available to both you and your clients.

Both HR teams and employees should have tools to solve problems on their own, with the ability to get in touch with a live person for technical questions if needed. Certain technology platforms prioritize broker support at the expense of support for HR and employees, or might provide support during initial setup, and charge for support throughout the year. This often results in more time-consuming implementations than necessary and frustration at being unsure of what to do next or how to resolve any issues.

See the original article Here.

Source:

Gidwaney V. (Date). 7 questions to ensure successful benefit technology purchases [Web blog post]. Retrieved from address https://www.employeebenefitadviser.com/opinion/6-questions-to-ask-to-avoid-hidden-benefit-technology-costs


The Killjoy of Office Culture

One of the latest things trending right now in business is the importance of office culture. When everyone in the office is working well together, productivity rises and efficiency increases. Naturally, the opposite is true when employees do not work well together and the corporate culture suffers. So, what are these barriers and what can you do to avoid them?

According to an article titled, “8 ways to ruin an office culture,” in Employee Benefit News, the ways to kill corporate culture may seem intuitive, but that doesn’t mean they still don’t happen. Here’s what organizations SHOULD do to improve their corporate culture.

Provide positive employee feedback. While it’s easy to criticize, and pointing out employees’ mistakes can often help them learn to not repeat them, it’s just as important to recognize success and praise an employee for a job well done. An “attaboy/attagirl” can really boost someone’s spirits and let them know their work is appreciated.

Give credit where credit is due. If an assistant had the bright idea, if a subordinate did all the work, or if a consultant discovered the solution to a problem, then he or she should be publicly acknowledged for it. It doesn’t matter who supervised these people, to the victor go the spoils. If someone had the guts to speak up, then he or she should get the glory. Theft is wrong, and it’s just as wrong when you take someone’s idea, or hard work, and claim it as your own.

Similarly, listen to all ideas from all levels within the company. Every employee, regardless of their position on the corporate ladder, likes to feel that their contributions matter. From the C-suite, all the way down to the interns, a genuinely good idea is always worth investigating regardless of whether the person who submitted the idea has an Ivy League degree or not. Furthermore, sometimes it takes a different perspective – like one from an employee on a different management/subordinate level – to see the best way to resolve an issue.

Foster teamwork because many hands make light work. Or, as I like to say, competition breeds contempt. You compete to get your job, you compete externally against other companies, and you may even compete against your peers for an award. You shouldn’t have to compete with your own co-workers. The winner of that competition may not necessarily be the best person and it will often have negative consequences in terms of trust.

Get rid of unproductive employees. One way to stifle innovation and hurt morale is by having an employee who doesn’t do any work while everyone else is either picking up the slack, or covering for that person’s duties. Sometimes it’s necessary to prune the branches.

Let employees have their privacy – especially on social media. As long as an employee isn’t conducting personal business on company time, there shouldn’t be anything wrong with an employee updating their social media accounts when they’re “off the clock.” In addition, as long as employees aren’t divulging company secrets, or providing other corporate commentary that runs afoul of local, state, or federal laws, then there’s no reason to monitor what they post.

Promote a healthy work-life balance. Yes, employees have families, they get sick, or they just need time away from the workplace to de-stress. And while there will always be times when extra hours are needed to finish a project, it shouldn’t be standard operating procedure at a company to insist that employees sacrifice their time.

 

 


U.S Aftermath of WannaCry Ransomware Yet to be Seen

The WannaCry ransomware that has spread across 150 countries since Friday has appeared to slow down, but employees starting the workweek should be careful, as the effects in the United States are yet to be determined.

WannaCry locks users out of their computers by exploiting a vulnerability in outdated versions of Mircosoft Windows. It then demands money from users who want to regain control of their data. The ransomware initially requests around $300, and if no payment is made, threatens to double the amount after three days and delete files within seven days. Once it infects one computer, it can spread to every computer in that network within seconds.

According to Elliptic- a London startup that helps law enforcement agencies track criminals-around $50,000 worth of bitcoin payments have been made to the hackers as of Monday morning.

Countries Affected in First Few Hours of Cyber Attack

  • United States- Fedex
  • United Kingdom- The National Health Service
  • Russia- The Ministry of Internal Affairs
  • France- Renault
  • Spain- Telefonica
  • China- Universities and gas stations
  • Japan- Hitachi

Nobody knows who is behind the attack, but Europol is working on a decrypting tool. Many firms hired experts over the weekend to prevent new infections, which seems to have worked in Europe, so far.

After the initial discovery of the WannaCry ransomware, Mircosoft issued a warning to the U.S. government concerning its data-storing practices. Mircosoft claimed that the tool used in the WannaCry cyber attack was developed by the U.S. National Security Agency and was stolen by hackers. Microsoft released a Windows security update in March to tackle the problem exposed by the latest attack, but many users haven't run the update yet.

Precautions

Some experts recommend that you should not pay the ransomware if you've been hacked. Even if there is a way to determine if you've paid the ransom, there is no guarantee that the hackers will return the files to you unharmed, if returned at all. Experts also recommend you take the following precautions:

  • Update your network if you haven't yet.
  • Turn on auto-updaters, if available.
  • Don't click on links that you do not recognize.
  • Don't download files from people you don't know.
  • Back up your documents regularly.

Hierl Insurance Inc. will continue to monitor the situation. Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.


Yes, Boss/HR/Your Honor, That's My Email

Ever hear of the acronym “CLEM”? That stands for career-limiting email and is a reminder to reconsider sending anything out in writing when a phone call may be the better option. If you have to think twice about hitting that send button, then you shouldn’t hit it.

In an article titled, “For God's Sake, Think Before You Email” on the website of Workforce, it says that unlike diamonds, email messages aren't forever, but they are pretty darn close. Remember that whatever you say in an email – and I mean anything in electronic text – could come back to haunt you because there’s always a trail. By electronic text, I mean email, mobile text, social media post, etc.

Everything from tasteless humor, opinions about a boss, employee, or the company, and definitely an angry reply or threat of violence should be an instant no-no. You can’t put the genie back in the bottle once it’s out and don’t assume that an email to a close friend or confidant is private because even if that person doesn’t forward it, there’s always a record somewhere of that email. Furthermore, you can’t always recall, or “unsend” an email.

You’d hate to have to explain to your boss, HR representative, or even a judge and jury why you sent that email or posted that message. You don’t just run the risk of losing your reputation, but also your job, and potentially being sued, or even going to jail. These are not pleasant prospects over a seemingly innocent email. Which is why you must review your electronic messages with a discerning eye.

Emails and social media posts have become commonplace and the norm for communications. Yet, despite the ease in which you can send them, you must be aware that the freedom of speech doesn’t mean freedom from consequences.


Automatic for the People

Great article from our partner, United Benefit Advisors (UBA) by Bill Olson

With apologies to the band R.E.M., this article is not about their music, nor their album, but about how automatic enrollment has significantly helped people. Think of all the payments you currently have automated. You probably have automatic deposit of your paycheck, automatic bill pay for your utilities and other monthly bills, and maybe even a recurring automatic payment and delivery of pet food from Amazon. Now, think of something that’s important that you wish you could automate. This is not the time to mention your daily fix of Starbucks, but about saving enough money for retirement.

There are families that have a similar system where they placed a large jar in the kitchen. Everyone, kids included, would put their spare change in the jar every day. At the end of the month, the family would use that accumulated money in a fun way. An article titled, “Automation Making Huge Retirement Plan Impact,” in Employee Benefit News references how a defined contribution plan provides an excellent way for employees to seamlessly save money for retirement. As employees started joining the plan, with a typical contribution of 10 percent or higher, including employer matching, participation increased nearly 20 percent in the company’s retirement benefit according to the article. This was up more than seven percent from just five years ago. Looking at this by generation, millennials are used to automation and, consequently, are reaping huge rewards from this type of plan.

However, all age groups benefit and a company can modify the plan to increase participation. For example, if a company has a matching rate of 50 cents on the first three percent to 25 cents on the first six percent, it automatically gets employees saving an additional three percent they wouldn’t normally save. Another way is to have annual automatic increases in contributions. A bump of a percentage point every year up to a maximum rate will help employees the earlier they start.

Of course, there should always be an opt-out option for people who don’t want to have the contribution rate increased, have a separate retirement plan, or simply don’t want to save using the company plan.

See the original article Here.

Source:

Olson B. (2017 March 28). Automatic for the people [Web blog post]. Retrieved from address http://blog.ubabenefits.com/automatic-for-the-people


Protect Yourself From Cyber Attacks

“My advice is to do all you can from a risk management standpoint but you also need insurance because you never know what can happen.” - Cathleen Christensen, Vice President of Property and Casualty

VP, Property & Casualty

In today’s world, a day does not pass without a large company being featured on the news because they are suffering from a data breach or hacking incident that has threatened personal information.

Cyber security is a concept that has become a high priority in the past five years. Since this issue is fairly new, demand for cyber insurance is emerging, since most cyber related claims are currently not covered under a standard insurance program. The questions that arise the most regarding cyber security and liability are about understanding the level of exposure a company’s data faces and knowing what cyber coverage encompasses.

Large companies are not the only ones at risk, it is often small businesses that are most vulnerable simply because they are not prepared. Most small (under 250 employees) businesses do not have the IT staff necessary to help protect a business. Even manufacturing companies are at risk because while credit card information is a large component, it is not the only type of attack. Can you afford the risk of not protecting your employee, client and company data?

With 10+ years of experience addressing cyber risks, Hierl’s process of approaching cyber security begins with an assessment of a client’s risk and exposure. This involves knowing what data a client has, who has access to it, how it’s stored and how they are backing it up. Hierl can expertly evaluate the coverage that is necessary to keep an organization secure.

Because it is an emerging coverage, cyber insurance plans are not standard. Hierl advises a three-fold type of coverage including:

  1. Business coverage for customers and employees
  2. Protection for your company and the data it houses
  3. PR assistance if a security breach occurs

The best policies offer assistance to help you to work through things if something was to ever happen, as well as forensic and technical assistance to determine how the breach occurred.

“Many organizations that have suffered cyber-crime are sophisticated, big businesses. If they can’t stop these attacks from happening, most other businesses can’t either.”

If it is determined quickly that a breach has happened and a good backup exists a company can recover quickly and the attack is much less damaging. However, when a company’s data gets out in the wild is when attacks become most expensive.

The 2016 Ponemon Institute Cost of Data Breach study reported that the average cost of a lost record rose from $154 in 2015 to $158 in 2016. Even if, you only have 20 employees now and that doesn’t seem all that bad...you need to think about how many employee records do you have from the past 10 years? Cyber-attacks don’t just affect current records nor do they only target employee data but client and company data too. This type of insurance is becoming a must have coverage for businesses because of how sophisticated these attacks have become

Three reasons to explore cyber coverage for your business:

  1. There is a higher incidence of cyber crime
  2. The longer it takes to detect and contain a data breach, the costlier it becomes
  3. Effects of a cyber-attack extend beyond monetary and data losses to losing business and customers

To download the full article click Here.