U.S Aftermath of WannaCry Ransomware Yet to be Seen

The WannaCry ransomware that has spread across 150 countries since Friday has appeared to slow down, but employees starting the workweek should be careful, as the effects in the United States are yet to be determined.

WannaCry locks users out of their computers by exploiting a vulnerability in outdated versions of Mircosoft Windows. It then demands money from users who want to regain control of their data. The ransomware initially requests around $300, and if no payment is made, threatens to double the amount after three days and delete files within seven days. Once it infects one computer, it can spread to every computer in that network within seconds.

According to Elliptic- a London startup that helps law enforcement agencies track criminals-around $50,000 worth of bitcoin payments have been made to the hackers as of Monday morning.

Countries Affected in First Few Hours of Cyber Attack

  • United States- Fedex
  • United Kingdom- The National Health Service
  • Russia- The Ministry of Internal Affairs
  • France- Renault
  • Spain- Telefonica
  • China- Universities and gas stations
  • Japan- Hitachi

Nobody knows who is behind the attack, but Europol is working on a decrypting tool. Many firms hired experts over the weekend to prevent new infections, which seems to have worked in Europe, so far.

After the initial discovery of the WannaCry ransomware, Mircosoft issued a warning to the U.S. government concerning its data-storing practices. Mircosoft claimed that the tool used in the WannaCry cyber attack was developed by the U.S. National Security Agency and was stolen by hackers. Microsoft released a Windows security update in March to tackle the problem exposed by the latest attack, but many users haven't run the update yet.

Precautions

Some experts recommend that you should not pay the ransomware if you've been hacked. Even if there is a way to determine if you've paid the ransom, there is no guarantee that the hackers will return the files to you unharmed, if returned at all. Experts also recommend you take the following precautions:

  • Update your network if you haven't yet.
  • Turn on auto-updaters, if available.
  • Don't click on links that you do not recognize.
  • Don't download files from people you don't know.
  • Back up your documents regularly.

Hierl Insurance Inc. will continue to monitor the situation. Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.


Yes, Boss/HR/Your Honor, That's My Email

Ever hear of the acronym “CLEM”? That stands for career-limiting email and is a reminder to reconsider sending anything out in writing when a phone call may be the better option. If you have to think twice about hitting that send button, then you shouldn’t hit it.

In an article titled, “For God's Sake, Think Before You Email” on the website of Workforce, it says that unlike diamonds, email messages aren't forever, but they are pretty darn close. Remember that whatever you say in an email – and I mean anything in electronic text – could come back to haunt you because there’s always a trail. By electronic text, I mean email, mobile text, social media post, etc.

Everything from tasteless humor, opinions about a boss, employee, or the company, and definitely an angry reply or threat of violence should be an instant no-no. You can’t put the genie back in the bottle once it’s out and don’t assume that an email to a close friend or confidant is private because even if that person doesn’t forward it, there’s always a record somewhere of that email. Furthermore, you can’t always recall, or “unsend” an email.

You’d hate to have to explain to your boss, HR representative, or even a judge and jury why you sent that email or posted that message. You don’t just run the risk of losing your reputation, but also your job, and potentially being sued, or even going to jail. These are not pleasant prospects over a seemingly innocent email. Which is why you must review your electronic messages with a discerning eye.

Emails and social media posts have become commonplace and the norm for communications. Yet, despite the ease in which you can send them, you must be aware that the freedom of speech doesn’t mean freedom from consequences.


Don't Put Up with the Bull of Bullying

There’s no place for bullying and that’s especially true in the workplace, yet many employees bully their co-workers. So, how does this happen? It used to be that bullying was confined to the schoolyard, but now it’s spread to cyberbullying and workplace bullying. Now, if there’s a culture of bullying at an organization, often it’s repeated as people climb the corporate ladder even though they were bullied themselves when they held lower positions.

An article on the website Human Resource Executive Online titled, “How to Bully-proof the Workplace,” says that “80 percent of bullying is done by people who have a position of power over other people.” Let that number sink in. That means four out of five people in positions of power will bully their subordinates.

One possible reason for the high number is that bullying may be difficult to identify and the person doing the bullying may not even realize it. Either the bully, or the victim, could view the action as teasing, or workplace banter. However, when one person is continually picked on, then that person is being bullied. Likewise, if a manager picks on all of his or her subordinates, then that person is a bully.

It’s important for organizations to have policies in place to thwart bullying and not just for the toll it takes on employees. It also begins to affect productivity. Those being bullied often feel like their work doesn’t matter and their abilities are insufficient. Worse is that bullies tend to resent talented people as they’re perceived as a threat. So, bullies tend to manipulate opinions about that employee in order to keep them from being promoted.

Eventually, talented employees decide to work elsewhere, leaving the employer spending time and money to find a replacement. But the bully doesn’t care. It just means they get to apply their old tricks on someone who isn’t used to them.

At some point, someone will fight back. Not physically, of course, but through documentation. An employee who is being bullied should immediately document any and all occurrences of workplace bullying and then present those documents to someone in HR. Most likely, this will result in identification of the bullying, stoppage of it, counseling for both the bully and the victim, and, if not already enacted, policies to prevent it from happening again.


Are you ready for Pizza Night?

Our May Dish is brought to you by our very own Tonya Bahr

With her passion for educating employees and business owners on benefit options, Tonya is expertly suited as a Benefits Advisor here at Hierl.

Outside of work, Tonya is kept busy with her three children and their various extracurricular and athletic activities, including: basketball, soccer, football, track, dance and cheerleading. Like her children, Tonya leads an active lifestyle with activities such as: running, hiking, biking, working out and playing tennis. She also has a competitive streak! Challenge her to a round of bowling or even your favorite card game and have a good time!

When she isn't running all over the place,  Tonya favors two restaurants that feature dishes as appetizing as their dining atmospheres! Ruth's Chris Steak House and RED Sushi are places you HAVE to try at least once.

At home, Friday nights come with a family tradition: pizza night! Sausage pizza, to be exact.

"We put a blanket down on the living room floor and create a picnic while watching a movie. We're not picky about our pizza! Sometimes it's homemade, sometimes it's delivered, and sometimes it's frozen from the freezer.

Everyone takes turns picking the movie for the week. It's a great family tradition we've been doing for years and I hope my kids will continue it, or perhaps a healthier variation, with their families in the future."

Whether you decide to head to one of the local fine dining establishments or relax at home with a pizza and a movie, you're sure to have a great time! Thanks Tonya! Save us a slice of pizza!

 


HR Pros Were Relieved When Obamacare Replacement Bill Got Pulled

Find out how HR professionals really felt about the fall of the AHCA in this great article from HR Morning by Tim Gould.

Everybody knows that the GOP’s attempt to repeal and replace Obamacare came to a rather ignominious end. But how did the HR community feel about that outcome?  

HR powerhouse Mercer addressed that question in a recent webcast, and the results were eye-opening.

Here are some stats from the webcast, which asked a couple key questions of 509 benefits pros.

On how they felt about the American Health Care Act being pulled:

  • Very relieved it didn’t pass — 24%
  • Relieved it didn’t pass — 32%
  • Very disappointed it didn’t pass — 5%
  • Disappointed it didn’t pass — 16%, and
  • No opinion — 23%.

So (utilizing our super-sharp math skills here) considerably more than half of the participants were not in favor of the AHCA, while just slightly more than one in five were disappointed it was shot down. Looks like Obamacare isn’t as deeply disliked as we’ve been led to believe — at least with benefits pros.

Mercer also asked participants to rate priorities for improving current healthcare law — using 5 as the top rating and 1 as the lowest. Those results:

  • Reduce pharmacy costs — 4.4
  • Improve price transparency for medical services/devices — 4.1
  • Stabilize individual market — 4.0
  • Maintain Medicaid funding — 4.0, and
  • Invest more in population health and health education — 3.7.

Perspective? As Beth Umland wrote on the Mercer blog, “Policymakers should view this health reform ‘reboot’ as an opportunity to partner with American businesses to drive higher quality, lower costs, and better outcomes for all Americans.”

A glance back

In case you’ve been hiding in a cave somewhere for the past several months, here’s a quick recap of the fate of the American Health Care Act.

Why did the AHCA fail, despite Republicans controlling the House, Senate and White House?

The answer starts with the fact that the GOP didn’t have the 60 seats in the Senate to avoid a filibuster by the Democrats. In other words, despite being the majority party, it didn’t have enough votes to pass a broad ACA repeal bill outright.

As a result, Senate Republicans had to use a process known as reconciliation to attempt to reshape the ACA. Reconciliation is a process that allows for the passage of budget bills with 51 votes instead of 60. So the GOP could vote on budgetary pieces of the health law, without giving the Democrats a chance to filibuster.

The problem for Republicans was reconciliation severely limited the extent to which they could reshape the law — and it’s a big reason the why American Health Care Act looked, at least to some, like “Obamacare Lite.”

Ultimately, what caused Trump and Ryan to decide to pull the bill before the House had a chance to vote on it was that so many House Republicans voiced displeasure with the bill and said they wouldn’t vote for it.

Specifically, here are some of what conservatives didn’t like about the American Health Care Act:

  • it largely left a lot of the ACA’s “entitlements” intact — like government aid for purchasing insurance
  • it didn’t do enough to curtail the ACA’s expansion of Medicaid
  • too many of the ACA’s insurance coverage mandates would remain in place
  • the Congressional Budget Office estimated that the bill would result in some 24 million Americans losing insurance within the next decade, and
  • it didn’t do enough to drive down the cost of insurance coverage in general.

See the original article Here.

Source:

Gould T. (2017 April 14). Hr pros were relieved when obamacare replacement bill got pulled Ob[Web blog post]. Retrieved from address http://www.hrmorning.com/hr-pros-were-relieved-when-obamacare-replacement-bill-got-pulled-off-the-table/


An Employer’s Guide to Navigating the ACA’s Strong Headwinds

Great article from our partner, United Benefit Advisors (UBA) by Michael Weiskirch.

One might describe the series of events leading to the death of the American Health Care Act (Congress’s bill to repeal and replace the Affordable Care Act) as something like a ballistic missile exploding at launch. The Patient Protection and Affordable Care Act (ACA) repeal debate began nearly a decade ago with former President Barack Obama’s first day in office and reemerged as a serious topic during the 2016 presidential election. Even following the retraction of the House bill, repeal of the ACA remains a possibility as the politicians consider alternatives to the recent bill. The possibility of pending legislation has caused some clients to question the need to complete their obligation for ACA reporting on a timely basis this year. The legislative process has produced a great deal of uncertainty which is one thing employers do not like, especially during the busy year end.

While the “repeal and replace” activity is continuing, it is imperative that employers and their brokers put their noses to the grindstone to fulfill all required reporting requirements. To accomplish this, employers will need brokers that can effectively guide them through this tumultuous season. We recommend that employers ask their brokers about their strategies for

  • Implementing the employer shared responsibility reporting
  • Sending all necessary forms to the employer’s employees
  • Submitting the employer’s reporting to the IRS
  • Closing out the employer’s 2016 filing season

Employers should also inquire about any additional support that the broker provides. They should provide many of the services that we at Health Cost Manager provide to our clients: They should apprise their clients of the latest legislative updates through regular email communication and informational webinars. Brokers should also bring in experts in the field that have interacted with key stakeholders in Washington. And most important, they should remain available during this uncertain period to answer any questions or concerns from clients.

We know employers would prefer not to have to comply with these reporting obligations – many have directly told us so. We understand this requires additional work on their part to gather information for the reporting and increased compliance responsibility. Knowing how stressful the reporting season can be for employers, brokers should go out of their way to help their clients feel confident that they can steer through the reporting process smoothly. The broker’s role should be to take as much of the burden off the employer’s shoulders as possible to enable them to reach compliance in the most expedient manner possible. Sometimes this involves stepping in to solve data or other technical issues, or answering a compliance-related question that helps the client make important decisions. It’s all part of helping employers navigate through the ACA’s strong headwinds during these uncertain times.

Audit-proof your company with UBA’s latest white paper: Don’t Roll the Dice on Department of Labor Audits. This free resource offers valuable information about how to prepare for an audit, the best way to acclimate staff to the audit process, and the most important elements of complying with requests.

See the original article Here.

Source:

Weiskirch M. (2017 April 13). An employer's guide to navigating the ACA's strong headwinds [Web blog post]. Retrieved from address http://blog.ubabenefits.com/an-employers-guide-to-navigating-the-acas-strong-headwinds


Tornado FAQ: Before, During and After the Storm

Are you prepared for a tornado? Check out these great tips from Society Insurnce about what to do to protect yourself and others from the tornado by Shelby Blundell.

“It sounded like a freight train.” This is a common description from those who have experienced one of nature’s most violent phenomena: a tornado. Advances in research and technology have improved identification and measurement of critical elements of super cell storm systems, which makes predicting and identifying the development of a tornado far more effective. However, once the prediction is made or an actual tornado is identified, the responsibility falls on every individual to be prepared to respond appropriately for his or her own safety and well-being.

So, where do you begin? In this blog, I will share frequently asked questions and the answers I have learned through years of education and personal experience. I hold a master’s degree in disaster preparedness and have trained with the National Weather Service Severe Storm Prediction Center, but most importantly, I spent 20 years living in the heart of tornado alley. Let’s get started…

BE AWARE

Does my community have tornado sirens?  What do they sound like?  Can I hear them from my home or business?
It is standard practice for communities to have set days and times for testing tornado warning systems. If you do not know when this is, contact your local police department, emergency management office, or fire department to find out the test schedule. Then, be prepared to participate when the test is scheduled to occur. Make sure you can hear the siren and commit the sound to memory so you know what it means if you hear it again. Help your staff or family to know what this particular siren sound means. Let city officials know if you cannot hear a siren when the test was scheduled to occur; they can identify equipment failures, consider the need for system enhancements, and make appropriate changes to ensure you are properly alerted. Knowing the system test schedule can help you differentiate between a test and a life threatening event.

What is the difference between a tornado watch and a tornado warning?
Tornado WATCH: Be prepared! A tornado watch is issued by NOAA Storm Prediction Center meteorologists who monitor the weather 24/7 across the entire United States for weather conditions that are favorable for tornadoes. A watch area is typically large and can cover parts of a state or several states. A tornado watch means that tornadoes are possible in the area. Keep watch and be prepared for severe weather – and stay tuned to NOAA Weather Radio to know when warnings are issued.

Tornado WARNING: Take action! A tornado warning is issued by your local NOAA National Weather Service Forecast Office meteorologists who monitor the weather 24/7 over a designated area to identify tornados. A warning area is much more targeted and can cover parts of counties or several counties in the path of danger. A tornado warning means that a tornado has been reported by spotters or indicated by radar and there is a serious threat to life and property. Take action and find safe shelter!

Watch this video to learn more about tornado watches and tornado warnings!

HAVE A PLAN

Where do I go? What do I do?
The time to answer these questions is NOT when the storm siren sounds. Have a plan in advance. While tornadoes can happen anytime, according to the National Oceanic and Atmospheric Administration, tornado season runs between May and June in the southern Plains, June and July in the central United States, and earlier in the spring on the Gulf Coast. Even with amazing advances in technology, there may only be minutes – or even seconds – to respond when a tornado begins to develop and warnings are launched.

Am I prepared?
Use this checklist BEFORE you, your staff or your family are in the path of a storm:

  • Equip your business or home with a weather radio so you know when warnings are issued.
  • Identify the safest place to go in your business or home. A professionally-designed and installed storm shelter or safe-room provides the very best protection. Otherwise, the lowest level of the home or business should be used for shelter. Below ground level is always safest during a tornado – go to the basement if you have one.
  • A small room or hallway in the centermost part of the structure provides more walls and protection around you. In a business, this may be the restrooms or storerooms. At home, look to the bathroom; bathtubs are rather strong and provide a good source of shelter.
  • Stay away from all windows if possible! Avoid rooms with windows. And do not open windows! The theory that this will help equalize pressure and reduce damage is a myth and can actually increase the danger.
  • At home, have a “go bag” already prepared with things you might need for this or other emergency situations. A “go bag” can have flashlights, batteries, NOAA weather radio, water, snack bars, and medications – anything you feel you might need when regular life is disrupted and you may be displaced.
  • When sheltering, consider using common items, such as bicycle or motorcycle helmets, ski goggles, heavy coats, blankets, and even bed mattresses to provide additional protection.
  • Conduct tornado drills! Every business should identify where employees and customers will take shelter. Then, once a year employees should walk-through where to go (a drill!). Have an at-home tornado drill, too. Make sure loved ones know where to take shelter at home or on the road!

AFTER THE STORM

Is it safe? What do I do now?
Stay sheltered until you feel certain that the threat has ended. Many times tornadoes dissipate and then suddenly reform, or they may be followed by additional storm threats. Listen to the radio, police or fire officials, or other information sources to make sure it is safe.

  • Check for injuries and apply first aid as needed.
  • Watch out for dangerous debris or downed power lines.
  • Evacuate if directed to do so.
  • Let family, friends, and the authorities know you are safe. Consider using the American Red Cross “Safe and Well” website to help make communication easier.
  • Take photos of damaged property.
  • Consider using tarps to cover damaged areas to prevent further damage from additional rain or wind.
  • Do not go into damaged structures as they may not be structurally safe.

Don’t become complacent!
Always pay attention to the weather forecasts and warning sirens. The media may play up severe weather to grab viewers and over time it may lead to desensitization – but we must pay attention to the dangers. Generally, no location is immune from the possibility of a tornado. Tornadoes can be destructive and deadly, but a little bit of preparedness and a proper response can help minimize your risk of injury.

For more information on tornadoes and severe storms check out the following websites:

https://www.dhs.wisconsin.gov/climate/weather/tornado.htm

http://www.ready.wi.gov/tornado/default.asp

See the original article Here.

Source:

Blundell S. (2017 April 26). Tornado faq: before, during and after the storm [Web blog post]. Retrieved from address http://blog.societyinsurance.com/tornado-faq-storm/


From Boomers to Millennials, Here are Workers’ Top 6 Benefit Needs

Do you know which benefits your employees crave the most? Take a look at this great article from HR Morning about the top employee benefits for each age group by Jared Bilski.

Depending on which demographic they fall into (Baby Boomer, Gen-X, Millennial, etc.), employees have vastly different benefit needs. So why do so many employers offer a one-sized-fits-all benefits package?  

At the 2017 Mid-Sized Retirement & Healthcare Plan Management Conference in Phoenix, AZ, President and CEO of Cowden Associates Inc., Elliot N Dinkin, used the flexibility of the benefits offered through a private exchange as a reason for employers to give the exchange option a serious look.

Private exchanges — like public exchanges — are online marketplaces employers can use to provide coverage to their employees on everything from traditional benefits, like health insurance, to increasingly popular voluntary plans, like life, disability or cancer insurance.

Dinkin also used some compelling research to show just how greatly employees’ benefits needs varied from generation to generation.

Citing stats from a recent LIMRA study, which asked employees to rank their benefit needs, Dinkin laid out the top six responses of workers from 34 and under to employees 65-plus.

It’s worth noting that base pay was the top “need” for each and every employee demographic. The rest of the responses, however, were all over the map.

34 and under

The youngest workers in the study ranked their benefits needs in the following order:

  1. base pay
  2. career opportunities
  3. retirement plan
  4. low healthcare costs
  5. bonus/incentive, and
  6. flexible schedule.

35-49

The mid-life workers prioritized their benefit needs like this:

  1. base pay
  2. retirement plan
  3. low healthcare costs
  4. bonus/incentive
  5. paid time off (PTO), and
  6. flexible schedule.

50-64

Workers entering the latter stage of their careers ranked their benefit needs like this:

  1. base pay
  2. retirement plan
  3. low healthcare costs
  4. bonus/incentive
  5. paid time off (PTO), and
  6. type of work.

65-plus

Older workers tend to place a premium on the type of work they’re doing and the reputation of their employers. Their priorities are as follows:

  • base pay
  • retirement plan
  • type of work
  • bonus/incentive
  • low healthcare costs
  • working for a respectable organization.

See the original article Here.

Source:

Jared Bilski (2017 March 31). From boomers to millennials, here are workers' top 6 benefits needs. [Web blog post]. Retrieved from address http://www.hrmorning.com/from-boomers-to-millennials-here-are-workers-top-6-benefit-needs/


Getting the Most Out of an Employee Assistance Program (EAP)

Make sure you are getting the most out of your company's employee assistance program. Take a look at this great article from our partner, United Benefit Advisors (UBA) to see how you can maximize the employee assistance program by Nancy Cannon.

Many employers understand the value of having an Employee Assistance Program (EAP) since the heart and soul of organizations are employees. Employees who are physically and mentally healthy, highly productive, engaged in their work, and loyal to their employer contribute positively to their employer’s bottom line. Fortunately, most employees are positive contributors, yet even the best of employees can occasionally have issues or circumstances arise that may inadvertently impact their jobs in a negative way. Having an EAP in place that can address these issues early may mitigate any negative impact to the workplace. This is a win-win for both employees and employers.

A key component of EAP services lies in “catching things early” by assisting employees and helping them address and resolve issues before they impact the workplace. Most employees will use EAP services on a voluntary, self-referred basis that is completely confidential. Some employers may wonder if services are even being used by employees because it won’t be all that apparent, but most EAPs provide a utilization or usage report that will show the number of people served, and possibly the types of reasons services were requested.

If employee issues do begin to appear in the workplace—related to performance, attendance, behavior, or safety—it is important for managers, supervisors, and human resources to also have access to EAP services. They may wish to consult with an employee assistance professional that can provide guidance and direction leading to problem identification and resolution. These issues have the potential to become very costly for the organization—and again, the earlier they can be addressed, the greater chance of success for both employee and employer, with minimal negative impact to the company’s bottom line.

The key to getting the most out of an EAP is to make it easily accessible to employees, safe to use, and visible enough they remember to use it. It is important that employees understand using the EAP is confidential and their identity will not be disclosed to anyone in their organization. Promoting the EAP services with materials such as flyers, posters, or website information with EAP contact information will also increase the likelihood of employees accessing services

See the original article Here.

Source:

Cannon N. (2017 April 6). Getting the most out of an employee assistance program (EAP) [Web blog post]. Retrieved from address http://blog.ubabenefits.com/getting-the-most-out-of-an-employee-assistance-program-eap


Protect Yourself From Cyber Attacks

“My advice is to do all you can from a risk management standpoint but you also need insurance because you never know what can happen.” - Cathleen Christensen, Vice President of Property and Casualty

VP, Property & Casualty

In today’s world, a day does not pass without a large company being featured on the news because they are suffering from a data breach or hacking incident that has threatened personal information.

Cyber security is a concept that has become a high priority in the past five years. Since this issue is fairly new, demand for cyber insurance is emerging, since most cyber related claims are currently not covered under a standard insurance program. The questions that arise the most regarding cyber security and liability are about understanding the level of exposure a company’s data faces and knowing what cyber coverage encompasses.

Large companies are not the only ones at risk, it is often small businesses that are most vulnerable simply because they are not prepared. Most small (under 250 employees) businesses do not have the IT staff necessary to help protect a business. Even manufacturing companies are at risk because while credit card information is a large component, it is not the only type of attack. Can you afford the risk of not protecting your employee, client and company data?

With 10+ years of experience addressing cyber risks, Hierl’s process of approaching cyber security begins with an assessment of a client’s risk and exposure. This involves knowing what data a client has, who has access to it, how it’s stored and how they are backing it up. Hierl can expertly evaluate the coverage that is necessary to keep an organization secure.

Because it is an emerging coverage, cyber insurance plans are not standard. Hierl advises a three-fold type of coverage including:

  1. Business coverage for customers and employees
  2. Protection for your company and the data it houses
  3. PR assistance if a security breach occurs

The best policies offer assistance to help you to work through things if something was to ever happen, as well as forensic and technical assistance to determine how the breach occurred.

“Many organizations that have suffered cyber-crime are sophisticated, big businesses. If they can’t stop these attacks from happening, most other businesses can’t either.”

If it is determined quickly that a breach has happened and a good backup exists a company can recover quickly and the attack is much less damaging. However, when a company’s data gets out in the wild is when attacks become most expensive.

The 2016 Ponemon Institute Cost of Data Breach study reported that the average cost of a lost record rose from $154 in 2015 to $158 in 2016. Even if, you only have 20 employees now and that doesn’t seem all that bad...you need to think about how many employee records do you have from the past 10 years? Cyber-attacks don’t just affect current records nor do they only target employee data but client and company data too. This type of insurance is becoming a must have coverage for businesses because of how sophisticated these attacks have become

Three reasons to explore cyber coverage for your business:

  1. There is a higher incidence of cyber crime
  2. The longer it takes to detect and contain a data breach, the costlier it becomes
  3. Effects of a cyber-attack extend beyond monetary and data losses to losing business and customers

To download the full article click Here.