Commercial Risk Advisor - October 2019

The Cost of Employee Turnover

High turnover rates can be incredibly costly to an organization, making employee retention vital to success. While established employees can offer valuable insights based on their experiences in the organization, when they leave the organization they take all of that experience with them, forcing resources to be used on finding and training a replacement.

The cost of turnover can be divided into two types: direct and indirect.

  • Direct costs include those tied to replacement costs such as advertising the open position, and interviewing and testing candidates; and the costs of training new hires.
  • Indirect costs include factors that cannot be measured directly but are costly nonetheless, such as lost productivity and knowledge, and lower morale as a result of turnovers.

While the exact cost of each turnover varies, estimates suggest that replacing an employee could cost as high as 200% of the annual salary of that departing employee.

Keeping Turnover Low

Employee turnover is often caused by insufficient employee engagement. While compensation is typically a factor in turnovers, the lack of opportunities to advance and a stressful or otherwise unsatisfactory work environment are also contributing factors. Focus on improving company culture, pay and benefits, and providing a clear path for career development. Offering the ability to submit suggestions and complaints anonymously can encourage otherwise intimidated employees to share their insights.

Additionally, conducting exit interviews with departing employees can offer valuable insight into the exact cause of turnovers and what can be improved to increase employee retention. Any recurring complaints indicate areas for close examination and improvement.

According to the U.S. Department of Labor - slips, trips and falls account for over 95 million lost work days every year.

10 Tips to Avoid Slips, Trips And Falls at Your Workplace

Slips, trips and falls account for a large percentage of workplace accidents. As an employer, it is your responsibility to make certain all of your employees are following proper safety procedures and guidelines set in place by your company to ensure their safety.

Thankfully, there are various actions you and your workers can take to help alleviate workplace injuries caused by slip, trip and fall hazards.

Tips to Avoid Slips, Trip and Fall Hazards

To make sure all of your employees are working in a safe environment—the following 10 tips can help you and your workers minimize slip, trip and fall hazards at your company:

1. Maintain good housekeeping practices. A clean facility is your first line of defense against slips, trips and falls.

2. Require employees to wear the appropriate footwear required for specific job duties (e.g. nonslip, closed toe or  water-resistant).

3. Encourage employees to stay alert while on the job by eliminating any distractions that could cause them to lose focus and overlook a potential hazard.

4.  Place wet floor signs by all spills or wet surfaces to alert workers of a slipping hazard.

5.  Ensure spills are cleaned up immediately after they occur—try instating a cleanup procedure that explains the proper protocol for quickly and effectively cleaning a spill.

6.  Verify that all areas being utilized by employees are well-lit and that lightbulbs are being replaced regularly.

7.  Keep all high-traffic areas free of any objects, spills or debris in order to provide a safe walkway for all employees.

8.  Perform regular maintenance on all flooring, safety rails and stairs to avoid any instability that may lead to an injury.

9.  Assign workers cleanup responsibilities to help minimize various hazards that can accumulate throughout the day.

10.  Conduct regular inspections of your workplace to identify and resolve any slip, trip and fall hazards.

Discuss these tips with your employees to help reduce injuries caused by slips, trips and falls.

A turnover could cost as much as 200% of the annual salary of the departing employee.

Download the Newsletter

A monthly safety newsletter from


Trucking Risk Advisor - October 2019

Proposed Delay to Drug & Alcohol Clearinghouse Won’t Affect Motor Carriers

The Federal Motor Carrier Safety Administration (FMCSA) is asking for input regarding a possible delay for state licensing agencies (SLAs) and the Commercial Driver’s License Drug and Alcohol Clearinghouse (Clearinghouse).

The proposed rule would delay when SLAs would be required to begin requesting information from the Clearinghouse by 3 years. The current start date, along with other parts of the 2016 Clearinghouse final rule, is Jan. 6, 2020. The proposal would affect only SLAs and would push that date back to Jan. 6, 2023.

Why the Wait?

The proposed delay is intended to address concerns regarding the 2016 Clearinghouse final rule, which did not include details about how SLAs should use information that they obtain from the Clearinghouse.

The FMCSA says that pushing the deadline back to 2023 would provide more time for figuring out SLAs’ access to, and use of, driver-specific information from the database.

If approved, states would not be required to perform checks on drivers who are licensed or seeking to be licensed until Jan. 6, 2023. However, beginning on the original Jan. 6, 2020 date, states would be free to request information from the Clearinghouse at their own discretion.

The FMCSA also has future plans for another notice of proposed rulemaking that would address concerns raised by the American Association of Motor Vehicle Administrators about possible operational issues related to states’ roles in the Clearinghouse.

Unchanged for Others

While the proposal would push requirements back for SLAs, the Jan.6, 2020 compliance deadline would remain in effect for CDL holders, motor carriers and employers.

The 2016 Clearinghouse final rule created a national clearinghouse for drug and alcohol testing. In addition, it sets requirements for license holders in regard to reporting violations of drug and alcohol testing regulations. Motor carriers and employers are also required to perform checks with the Clearinghouse during the hiring process of any prospective employees and must also check the database for existing employees’ statuses at least once per year.

The FMCSA says that the new Clearinghouse rule will help make roads safer, and the agency estimates that it will eliminate approximately 900 crashes per year.

Input and opinions on the proposed delay for SLAs will be considered by the FMCSA before the agency releases a final rule. Comments regarding the proposal must be turned in by Oct. 7, 2019, and can be submitted online.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter

Cyber Risks and Liabilities - Fourth Quarter 2019

3 Risks Associated With Removable Media Devices

Portable hard drives, USB flash drives, memory cards and other types of removable media are vital for the quick storage and transportation of data. For many businesses, removable media can be used as backup storage for critical digital files or even free up additional storage space for work computers.

While removable media is easy to use and has many business applications, it isn’t without its share of risks. The following are some considerations to keep in mind when using removable media at your organization:

  • Data security—Because removeable media devices are typically small and easy to transport, they can easily be lost or stolen. In fact, every time you allow an employee to use a USB flash drive or other small storage device, your organization’s critical or sensitive information could fall into the wrong hands. What’s more, even if you encrypt your removable storage devices, you will not be able to recover lost files once the USB flash drive or other device is lost.
  • Malware—Simply put, when employees use removable media devices, they can unknowingly spread malware between devices. This is because malicious software can easily be installed on USB flash drives and other storage devices. In addition, it just takes one infected device to infiltrate your company’s entire network.
  • Media failure—Despite its low cost and convenience, removable media is inherently risky. This is because many devices have short life spans and can fail without warning. As such, if a device fails and your organization doesn’t have the files backed up, you could lose key files and data.

Thankfully, there are ways to mitigate risks associated with removable media. To use these devices effectively while maintaining data security, consider doing the following:

  • Develop a policy for related to removable media use.
  • Install anti-virus software that scans removable media devices.
  • Ensure all removable media devices are encrypted. Passwords to these devices should never be shared.
  • Instruct employees to never use unapproved removable media in a computer.
  • Have employees keep personal and business data separate.
  • Establish a process for wiping all portable media devices when they are no longer needed.

Cloud Computing 101

There are many benefits to adopting cloud computing at your organization, such as reduced IT costs and increased scalability. However, it’s important to note that there are different cloud service and deployment models, each with their own benefits and risks. There is no single type of cloud computing that will work best for everyone, so it’s important to conduct research to determine the right fit for your organization.

Types of Cloud Computing Service Models

There are three distinct cloud computing service models: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS).

The SaaS distribution model provides you with an application that is managed by the service provider and accessible through the internet. As such, SaaS applications need not be installed or updated on individual computers.

The PaaS model allows organizations to safely develop, test and deploy applications without needing to manage the underlying infrastructure. This provides flexibility that allows deployments to scale quickly.

The IaaS model provides organizations with a specified amount of cloud storage space to do with whatever they want. This allows the greatest amount of flexibility, as the organization is responsible for accessing, monitoring and managing their data that is stored in the cloud. In this case, the service provider typically only manages hardware, storage and networking, though other services may be provided at additional costs.

Types of Cloud Deployment Models

Just like with service models, there are various different ways that a cloud can be deployed. This includes a public cloud, which is cost-effective and efficient but means that your data may be stored on the same server as others’. A private cloud, however, allows your organization greater control over infrastructure and computational resources by having them located on private networks.

Lastly, a hybrid cloud combines on-site infrastructure with a cloud environment. This allows organizations to utilize different types of service providers based on what is ideal for each business requirement.

Best Practices for Contracting With Managed Service Providers (MSPs)

While working with a managed service provider (MSP) can be efficient and cost-effective, it’s important to carefully consider the organization that you plan on working with and get a holistic view of its operations and security. Because an MSP has direct access to sensitive systems and information, working with one is not to be taken lightly. While doing so puts your IT infrastructure in the hands of experts, it also comes with its own risks. For example, MSPs may be a target for cyber criminals, as compromising one MSP potentially compromises every organization that it works with.

To help keep your organization’s digital information and resources secure, there are a number of best practices and security considerations to keep in mind when contracting with managed service providers:

  • Perform a detailed risk assessment and enforce associated mitigations before working with a managed service provider. Some considerations include:
    • How a cloud service (if used) is implemented and managed
    • Who has access to data and how it is secured
    • The intended purpose of engaging with the managed service provider
    • Potential challenges that may arise during incident detection and response, such as the managed service provider’s availability during off hours

  • Keep operating systems and software up to date.
  • Ensure that an MSP follows organizational security, privacy and legislative requirements.
  • Find out how closely the MSP adheres to an IT security management framework.
  • Use secure computers with multifactor authentication, strong passwords, few access privileges and encrypted network traffic to administer the cloud service.
  • Do not provide the MSP with account credentials or access to systems outside of their responsibility.
  • Use cryptographic controls to protect data in transit to and from the MSP.
  • Consider full data encryption for critical information while at rest and while maintaining control of encryption keys.
  • Employ full hard-drive encryption to ensure data at rest on storage media is not recoverable should the MSP replace or upgrade physical hard drives.

For more risk management strategies related to cyber exposures, contact Hierl Insurance Inc. today.

Portable hard drives, USB flash drives, memory cards and other types of removable media are vital for the quick storage and transportation of data.

Download the Newsletter

A monthly safety newsletter from