We once again find ourselves heading into a wonderful time of year. A time which brings about goldening leaves on trees, a discernible chill on the morning breeze, pumpkin spice everything, and new workers’ compensation loss cots and rate sets! So far 2022 is promising to bring about another wave of rate decreases.
New York is first out of the gate, approving an overall rate decrease of 6.4% effective 10/1/2021. The state advises that this loss cost revision reflects the experience of the two most recent policy years, as well as projected trends, benefit level changes, and changes in loss adjustment expenses.
According to the attached 2021 Loss Cost Filing the proposed loss cost change is based on the latest financial data reported by the Rating Board’s member carriers, which includes losses resulting from the COVID19 pandemic, and was derived by applying Rating Board’s standard ratemaking methodology. The terrorism and catastrophe loss cost provisions have also been updated with this revision. However, no explicit load for the risk of pandemics is included.
Florida followed suite announcing on Friday, 8/27/2021 a proposed overall rate decrease of 4.9%. If approved, these reduced rates will take effect on 1/1/2022. This continues the trend of continually dropping rates which Florida has been witnessing since 2016.
We will continue to monitor this activity and keep you informed as more states propose and approve the 2022 loss costs.
Did you know that in 2020, the average cost of a data breach was $3.86 million?! When it comes to a cyber breach, it’s not a matter of “if”, but “when”. But Libertate has your business covered.
We provide comprehensive Cyber Liability options that meet your unique organizational needs. Send us an email at sales@libertateins.com for more information!
Critical infrastructure cyberattacks are increasing in frequency according to Advisen’s loss database, and some experts are worried the worst is yet to come.
There are sixteen industry sectors in the United States that make up the country’s critical infrastructure. These sectors are considered so vital their incapacitation or destruction would have a debilitating effect on national security, economic security and/or national public health and safety, according to the United States’ Cybersecurity and Infrastructure Security Agency (CISA). Poisoned water supplies, opened dam floodgates and pipeline spills are a few of the many worst-case scenarios that could result from a cyberattack on critical infrastructure. The sectors that have been designated as critical infrastructure include the following:
Chemical
Commercial facilities
Communications
Critical manufacturing
Dams
Defense industrial base
Emergency services
Energy
Financial services
Food and agriculture
Government facilities
Health care and public health
Information technology
Nuclear reactors
Materials and waste
Transportation systems
Water and wastewater systems
Further, recent critical infrastructure attacks in Advisen’s loss database include:
A ransomware attack in June 2021 on JBS meatpacking temporarily shut down all operations. The meatpacking company—which processes roughly one-fifth of the nation’s meat supply—paid an $11 million ransom to become operational again.
A ransomware attack on the Colonial Pipeline, the nation’s largest fuel pipeline, occurred in May and temporarily shut down all operations, causing a temporary increase in gas prices in the United States. The Colonial Pipeline paid nearly $5 million in ransom to restore operations, although some of the ransom was later recovered, according to Advisen loss data.
Hackers briefly attempted to increase the levels of sodium hydroxide to a lethal amount as part of a February cyberattack on a water treatment plant in Florida. The plant operator quickly noticed the increase in sodium hydroxide levels and lowered it to the original amount, preventing anyone from being harmed, according to Advisen loss data
Frequency of Critical Infrastructure Cyberattacks
Unfortunately, cyberattacks on critical infrastructure are becoming increasingly common. Since 2008, the frequency of cyberattacks on critical infrastructure has been trending upwards, according to Advisen loss data. The drop-off in 2019 is likely due to a data lag and is not reflective of an actual decrease in frequency.Looking specifically at the sectors designated as critical infrastructure, the utilities sector was the most frequent target of cyberattacks – accounting for 26% of total losses, according to Advisen loss data. Manufacturing had the second-highest percentage at 23%, followed by government entities (shown AS PUBLIC ADMINISTRATION) at 17%The vast majority of critical infrastructure cyberattacks come from external sources. Unidentified external hackers account for the greatest percentage of these attacks at 39%, followed by nation-state attacks at 34%, according to Advisen data. These attacks typically involve malware.
*Advisen’s loss data is curated from a wide variety of public sources. Our collection efforts focus on larger and more significant cases. For this reason, the figures in this article may not be fully representative of all cases of this type.
OSHA recently determined it will not be making changes to the healthcare emergency temporary standard (ETS) after reviewing the latest guidance, science and data on COVID-19, and the recently updated CDC face mask guidance. However, OSHA will continue to monitor and assess the need for changes monthly.
OSHA determined that neither the CDC’s guidance on health care settings nor the underlying science and data on COVID-19 in health care settings has materially changed in a way to necessitate changes in the June 10, 2021 ETS.
Revised CDC Guidance
The CDC recently announced updates to its face mask guidelines, recommending that fully vaccinated individuals should wear a mask in public, indoor settings in areas where there is high or substantial COVID-19 transmission, including of the new coronavirus delta variant. Prior to this update, the CDC guidance allowed fully vaccinated individuals to stop wearing a mask in most settings.
OSHA’s Healthcare ETS
Since OSHA has not changed its requirements for the healthcare ETS, the face mask exceptions under the standard still apply. The healthcare ETS covers employers in various health care industries, such as hospitals, nursing homes, assisted living facilities, emergency responders, home health workers and employees in ambulatory care settings where suspected or confirmed COVID-19 patients are treated.
Next Steps
Health care employers should continue to monitor the OSHA website for updates on how changes in COVID-19 transmission affect agency policy and guidance. OSHA will continue to assess the need for changes monthly.
ETS Face Mask Exceptions:
Employees are not required under the healthcare ETS to wear face masks when:
They are alone in a room;
They are eating & drinking;
It is important to see a person’s mouth while communicating;
Employees are unable to wear face masks due to a medical necessity or condition; or
Use of a face mask presents a hazard to an employee of serious death or injury.
The Florida Association of Professional Employer Organizations is comprised of organizations which provide integrated, cost effective solutions for the management and administration of human resources for its clients by contractually assuming employer rights, responsibilities, and risk, and by establishing and maintaining an employer relationship with the workers assigned to client companies.
As mentioned in a post by Libertate Insurance’s Vice President, Sharlie Reynolds last Friday FAPEO will hold their Annual Business Meeting and Board of Directors Meeting on August 4th, 2021 at the Tampa Marriott Westshore. In addition to plenty of discussion surrounding the ongoing wave of ransomware attacks and coverage options to help client company’s offset potential losses from said attacks, there are currently a plethora of ongoing bills that could impact PEOs. FAPEO has shown their commitment to making sure that the professional employer organization industry has the appropriate representation and necessary spotlight in favor of or against the following list of bills in circulation – https://www.fapeo.org/legislation-impacting-peos/
A look at the history of the PEO Industry in Florida
FAPEO provides a colorful timeline as to how PEO’s came into existence in the state of Florida (click on https://wwww.fapeo.org/history/
Listening to early participants in the PEO industry describe how the industry came to be established in Florida, Margaret Mead’s inspirational quote comes to mind. Attorney Michael R. Miller, the general counsel of the Florida Association of Professional Employer Organizations (FAPEO) since its inception, says that the biggest surprise looking back at the history of the industry and the association is that “a ragtag band of novice employee leasing entrepreneurs” could get bills passed to establish and license PEOs in Florida.
Interviews with several of these “novice employee leasing entrepreneurs” form the basis of this history of the PEO industry in Florida, and their stories are compelling, inspiring, and yes, surprising.
Early History of the PEO Concept
Employee leasing in the United States began as early as the 1940s. In the early 1970s, the concept was popularized by a consultant named Marvin Selter, who leased the employees of a doctor’s office in Southern California. The Employee Retirement Income Security Act of 1974 (ERISA) contained an exemption for multiple employer welfare arrangements (MEWA), which provided a loophole for employers with leased employees to claim they were exempt from the ERISA requirements. Passage of the Tax Equity and Fiscal Responsibility Act of 1982 (TEFRA) further encouraged employee leasing by providing a tax shelter for employers who contributed a minimum amount to employee plans. More stringent guidelines in the Tax Reform Act of 1986 later eliminated most of the TEFRA incentive, however.1
To read the entire history of the PEO industry in Florida, as provided by and written by FAPEO (found on their website, click on https://www.fapeo.org/history/. Take the historical journey of what initially started as employee leasing in the 70’s and 80’s with business being done with a handshake on through to when H. Britt Landrum, Jr., started asking questions as the first CEO of LandrumHR in Pensacola, who founded AmStaff in 1970, an employee staffing company that later became the full-service PEO it is today. He remembers reading an article in Inc. magazine in 1981 about a company called Staff Leasing of America. The leadership of Staff Leasing had been successful in getting a bill passed in Congress that made it possible for highly compensated professionals such as doctors and lawyers to exclude their employees from their pension plans if they leased the employees from an employee leasing company. “When I saw that article, I picked up the phone and talked to the owner of Staff Leasing of America,” Landrum recalls. “By that time he wanted to sell franchises or license others to be involved with him so they could pay him a royalty.” also called a Staff Leasing client who had been mentioned in the Inc. article to find out why a business would want to use an employee leasing company. The answer was simple and direct: “It makes it much easier for me as an employer to handle some of those employer-employee administrative things.”
Libertate Insurance hopes to see everybody at FAPEO in Tampa for the Annual Business Meeting; August 4th’s agenda is as follows:
FAPEO’s annual business meeting is next Wednesday (8/4).
Click here to access the agenda. If you haven’t registered yet, you can email Suzanne Hurst at suzanne@helpmembers.org
In addition to the important legislative updates, we are certain that cyber security for PEOs will be a hot topic. Below is an overview of how we at Libertate look at cyber coverage. We will be available at FAPEO and would love to discuss further.
Kudos to our friends at W.R. Berkley for a stellar Q2! So happy they are a part of our PEO community.
W.R. Berkley Corp. reported net premium growth exceeding 27 percent and a combined ratio under 90 for the 2021 second quarter, positive results the commercial lines insurer and reinsurer attributed to rate adequacy and an improving economy.
Consolidated net premiums written during Q2 surpassed $2.2 billion, up from $1.7 billion in the 2020 second quarter.
The company booked net income of more than $237 million in Q2 versus $71.2 million a year ago.
Additionally, net investment income jumped nearly 97 percent to $169.2 million during the quarter.
The company said that its rate increases continue to outpace loss costs, with new products also helping to achieve or exceed its targeted rate levels. During the quarter, W.R. Berkley focused on exposure growth and business expansion, and it said the strategy should help lead to additional underwriting profits down the line.
W.R. Berkley’s consolidated combined ratio was 89.7 during the quarter, compared to 98.7 a year ago.
W.R. Berkley even produced gains for workers’ compensation, which had average rate increases of just under 10 percent.
Commercial auto and casualty reinsurance also saw large premium increases. Professional liability was among the largest gainers, jumping to $287 million in net premiums written during Q2, versus $174.2 million the year before.
Current accident year insurance losses from catastrophes, including COVID-related losses, landed at $36.8 billion during the quarter, improved from $114 million in the 2020 second quarter. Reinsurance and monoline excess losses were just under $7.2 million, compared to $31.8 million a year ago.
Whether a business is in healthcare, accounting, legal, real estate, manufacturing, etc., most of a business’ important assets are digital. (Government municipalities are included too.) To make matters complicated, it’s very common for these digital assets to be stored in various systems and locations, intertwined with a third party’s digital information. With so many opportunities for disaster, steps must be taken to insure this critical information.
Cyber insurance is a new frontier that is rapidly evolving as the industry gets its bearings. Many companies are finding that their current cyber policies have very minimal coverage in case of a cyber breach, and the majority of these policies will not come close to providing the necessary breach coverages to the business or municipality.
When looking at your existing or new cyber policy, it’s important to consider these types of coverages:
As we have come to realize, the idea that security starts and ends with the purchase of a pre-packed firewall is simply misguided
Art Wittman
1. Privacy Breach Notification
Some reports estimate the notification and credit monitoring costs alone are over $100 per record, so if you had 1,000 compromised records, this alone could cost $100,000 or more.
2.Data Loss Restoration
Believe it or not, many large insurance carriers have policy exclusions for the replacement and restoration of data, so be very careful in this area when reviewing your policy.
3. Privacy Liability
This covers for the theft or loss of private information related to customers and other third-party information that is in your care.
4. Regulatory and PCI Defense
Many industries are under strict regulatory control, and breaches may result in fines and other penalties from these regulatory agencies.
5. Public Relations
If an enterprise has a breach, the bad press they receive can do significant long term reputational damage and can also be used by competitors to their advantage. This coverage will help hire a public relations firm to mitigate the reputational damage your name brand might incur.
6. Cyber Crime
If your organization is threatened with various cyber threats such as malicious code that will result in financial loss or data loss, this coverage is needed for the reimbursement of the costs associated with these threats.
7. Defense and Settlement costs
A breach affecting a lot of customers may result in lawsuits and financial settlements, so insurance coverage is needed to offset these potentially enormous costs.
8. Consulting and Forensic Fees
If a breach does occur, the upfront investigative process will require a lot of professional expertise and a lot of money, and this specific coverage will offset these significant costs.
9. Business Continuity
If a hack causes your business to lose income, this coverage will reimburse you for these losses.
It takes 20 years to build a brand or company reputation and a few minutes within a cyber incident to ruin it
Stephane Nappo
For a free cyber insurance policy evaluation, contact Libertate Insurance today at 813-367-7574 or email me, James Buscarini at jbuscarini@libertateins.com.
Our professionals are happy to review and discuss your firm’s existing cyber liability insurance policy and the relation to your unique business requirements, needs and cyber coverage. Our goal is to help your PEO and client companies navigate the cyber liability insurance landscape and identify potential vulnerabilities that could be exposed based on your existing technology network and infrastructure. Finally, we want to make sure that in the event of a ransomware attack, business email compromise or phishing expedition your firm has adequate coverage in each of the areas that you might be vulnerable to be targeted in.
