Data Breach Response Plan

Our business associates at Regions Bank have put together a great article on creating a Data Breach Response Plan. Q1 2019 to Q1 2020 reported a 273% increase in data breach exposing 8.4 billion records, from insurance providers to credit bureaus, 2021 is expected to report higher threats. In the last couple of weeks there has been a lot of noise surrounding cyber security, which brings to light what the projections or expectations for this upcoming year are. IBM identified that it takes companies an average of 280 days to identify and contain a breach/cyber security occurrence.

So What is a Data Breach Response Plan? In short, it is a roadmap for your company to follow should a breach occur. Similar to an Emergency Response Plan but for your data and IT platform. Top points from Regions’ article:

  • Build a Response Team; from Executive level through HR down to customer support and external vendors
  • Include and detail specifics for the following in your plan:
    • Identify breach; triggering events
    • Contain the breach
    • Notify Data Breach Team and initiate plan
    • Investigate
    • Notify internal and external relations of breach; as required by law
    • Safeguard data
    • Conclusion and review meeting; team meets to analyze breach and make adjustments to the existing plan

My personal add on this is to research and obtain a cyber security insurance policy, mitigate your cyber risk. Cyber insurance protects against damages caused by electronic threats to your computer systems or data. Cyber threats can lead to the theft, damage or misuse of sensitive information or other vital technologies and can result in downtime and recovery costs that often include specialized repairs and legal fees

Forbes’ article “The Best Cybersecurity Predictions for 2021 Roundup” gives us some insight as to what we can expect. Here are some of the highlights, click on the article link above for the full article.

  • 2020 reported cyberattacks on healthcare facilities in the U.S. affecting 17.3 million people in 436 breaches tracked by the U.S. Department of Health and Human Services (HHS) Breach portal.
  • Amid an expectation of decline to revenues in 2021, 51% of executives plan to increase cybersecurity budgets

Govtech.com has also chimed in on where we need to protect ourselves for 2021 and what is expected to be at greatest risk; high points listed below, click link above for full article (interesting and informative read):

  • Increase attacks expected on home computers and networks; scary seeing as though many of us are still working remotely
  • Dark web expected to allow criminals access to purchase more sensitive corporate information
  • App stores through mobile devices and smartphones are expected to be attacked
  • Cloud base push for storage will likely create gaps in security
  • Application Programming Interfaces (API) threat models are high targets for enterprise breaches

Here at Libertate Insurance, data is a viable part of what allows us to do what we do for our clients. We hold data security at a high level of importance to our brand. We also know that the best reaction is a planned reaction. Putting a plan in place to protect your organization and your clients is important. We offer programs for cyber security that can further protect you, should you fall victim to the latest trends in the world of scams. Please contact us to review program details and understand the benefits of obtaining a cyber security policy.

Q4 2020 Cyber Risks & Liabilities Update

Some important trends that are threatening our businesses and ways to protect yourself.

How to Avoid Electronic Signing Service Scams

Although utilizing an electronic signing service can be a convenient way for your organization to digitally sign and exchange important documents (e.g., contracts, tax documents and legal materials) with stakeholders, doing so also carries significant cybersecurity risks.

Cybercriminals can utilize a variety of scamming techniques to trick electronic signing service users into sharing sensitive information, such as their signature, financial information and other personal data. From there, the criminals can use that information for a range of destructive purposes—including identity theft and other costly forms of fraud. These scams have become an increasingly prevalent threat in the midst of the ongoing COVID-19 pandemic, as many organizations have transitioned to fully remote operations.

In fact, DocuSign—a popular electronic signing service provider—recently released a statement regarding several new phishing scams that cybercriminals have implemented to fool victims into thinking they are using DocuSign’s services. These scams entail the victim receiving a fraudulent email that appears to be from DocuSign, urging them to either click on a malicious link (which then downloads malware on the individual’s device) or provide their personal information (which scammers then access to commit fraud).

Whether your organization uses DocuSign or a different electronic signing service, it’s important to educate yourself and your stakeholders—including employees, investors, customers and suppliers—on how to detect and avoid falling victim to these phishing scams. That being said, consider the following cybersecurity tips:

  • Be wary of responding to emails that claim to be an electronic signature request—especially if you weren’t expecting a request or don’t recognize the name of the individual or organization sending the request. Trusted senders would let you know they are sending a signature request before doing so.
  • Never click on links from electronic signature emails that appear suspicious—especially if the URLs for those links redirect to websites that aren’t secure or recognizable.
  • Review electronic signature emails for generic wording, grammatical errors and misspellings (both in the body of the email and within the sender’s email address). These mistakes are often key indicators of a phishing scam.

Cybersecurity Trends to Prepare for in 2021

This past year saw a wide range of changes and advancements in workplace technology utilization for organizations of varying sectors and sizes. But as digital offerings continue to evolve, so do cybersecurity threats. That’s why it’s crucial to remain up-to-date on the latest technology trends and adjust your cyber risk management strategies accordingly. As your organization starts to prepare for 2021, keep the following emerging cybersecurity concerns in mind:

  • Remote work issues—While remote working is a valuable method for protecting staff from the ongoing COVID-19 pandemic, this practice can also lead to increased cybersecurity vulnerabilities for your organization. After all, many employees may not have the same security capabilities in their work-from-home arrangements as they do in the workplace. As such, make sure your organization provides remote staff with appropriate cybersecurity training and resources, as well as implements effective workplace policies and procedures regarding cybersecurity.   
  • Cloud hijacking concerns—Especially with more employees working from home than ever before, maintaining cloud security is crucial. Cloud breaches have become more common in the past year, as cybercriminals have developed a method for hijacking cloud infrastructures via credential-stealing malware. To avoid this concern, utilize trusted anti-malware software and update this software regularly.   
  • Elevated ransomware threats—Cybercriminals continue to create new and improved ransomware attack methods each year. According to recent research from Cybersecurity Ventures, ransomware attacks are expected to cost organizations more than $20 billion in 2021, with an attack estimated to take place every 11 seconds. To help protect your organization from ransomware attacks, use a virtual private network, place security filters on your email server and educate staff on ransomware prevention.
  • Data privacy expectations—As more and more organizations start storing sensitive information on digital platforms, data privacy is a growing concern. If your organization stores sensitive information digitally, it’s vital to utilize proper security techniques to protect such data (e.g., encryption) and abide by all relevant data privacy regulations.
  • Skills shortages—Despite ongoing advancements in workplace technology, cybersecurity skills shortages have become a major issue for many organizations—with the demand for cybersecurity professionals exceeding the number of individuals that are qualified for such a role. This shortage emphasizes the importance of investing in effective cybersecurity tools across all workplace devices to help minimize your risks. 

With these trends in mind, it’s important now more than ever for your organization to secure adequate cyber insurance. Otherwise, you run the risk of your organization lacking the appropriate coverage and dealing with hefty out-of-pocket costs in the event of a cyber incident.

Smart Device Security Best Practices

As remote work continues to be a popular offering for many organizations, some employees have begun taking advantage of their own smart devices—such as smartphones or tablets—for work-related purposes.

While this practice can certainly help employees expand their remote work capabilities, utilizing smart devices within a work setting can lead to elevated cybersecurity risks. This is because your employees’ smart devices may not be initially equipped with the security measures necessary to defend against cybercriminals, thus increasing the likelihood of a cyberattack taking place.

Don’t let employees’ smart devices lead to a cybersecurity disaster within your organization. Utilize the following guidance to promote smart device security:

  • Establish a Bring Your Own Device (BYOD) policy that includes standards employees must uphold when using their smart devices for work-related purposes.
  • Have employees create complex passwords for their smart devices. Encourage staff to enable multifactor authentication on their devices, if possible.
  • Restrict employees from connecting to public Wi-Fi networks on their smart devices. Be sure to establish a virtual private network for staff to use to ensure a safe, secure connection.

Have employees conduct routine software updates on their smart devices to prevent potential security gaps.

For additional cybersecurity guidance and coverage, contact Libertate Insurance today, we are offering Cybersecurity Programs.

Friday Round-up

Happy Friday everyone, and Happy Hanukkah to those of you who celebrate the Festival of Lights!

Two of the MGU (Managing General Underwriter) partners we work with have announced new carrier partnerships for 2021. Be sure to check out our post on this news via the below link.

MGU Updates: New Carrier Partners for 2021

Also, as we head into the Open Enrollment season for most employer sponsored benefits programs, be sure to check out our post on 2021 Employee Benefit Trends.

Stay safe and healthy this weekend!

MGU Updates: New Carrier Partners for 2021

Two of the MGU (Managing General Underwriter) partners we work with have announced new carrier partnerships for 2021. Read the exciting news below.

Workers’ Compensation Insurance MGU Method Adds Falls Lake as New Carrier

Method, a Managing General Underwriter wholly focused on Workers’ Compensation Insurance, has announced the addition of the Falls Lake National Insurance Company to its roster of carrier options.

Falls Lake is rated A XI (Excellent) by AM Best and covers 23 states mostly concentrated in the eastern half of the United States.

“We’re excited to partner with the great team at Falls Lake to dramatically expand options for our customers east of the Mississippi.” said Greg Donsbach, President of Method.

Falls Lake shares a similar, broad risk appetite to Method’s existing carriers, Incline Casualty and Service American Indemnity Company.

“Falls Lake is pleased to partner with Method for this new product which combines Method’s industry-leading claims management protocols with Falls Lakes’ risk-driven underwriting philosophies.” said Paul Kearns, Senior Vice President of Underwriting at Falls Lake.

FUBA Adds Second A- Rated Carrier

FUBA Workers’ Comp now has underwriting authority with two insurance carriers that are rated A- (Excellent) by A.M. Best. Effective 1/1/21, Service Lloyds Insurance Company will become part of the FUBA family. Service Lloyds is a workers’ compensation specialist with almost four decades in the market. 

New business with effective dates through 12/31/20 will continue to be placed with Lancer Indemnity Company and will stay with Lancer for the first policy term. 

New business with effective dates of 1/1/21 and after will be placed with Service Lloyds. 

As your clients’ policies come up for renewal, we will transfer them from Lancer Indemnity Company to Service Lloyds. No action is needed on your part; the transfer will be automatic and seamless. The Service Lloyds policies will replace the policies from Lancer, and your clients will keep the same policy number.  

FUBA is pleased to be able to continue to offer stable and rated coverage to your small business clients.

2021 Employee Benefit Trends

Our friends at NAPEO released trends to watch out for as reported by Employee Benefit News; highlights from the full article below.

Increasing Health Insurance Premiums Employers will likely start shopping and looking for more cost manageable healthcare plans as health insurance premiums are trending 54% increases over the past 11 years as reported by the Society for Human Resource Management (SHRM). SHRM also reported, “Employers expect a moderate health plan cost increase next year of 4.4 percent, on average, compared to this year, according to early results…”. The concern here is that this trend of continued increase is outpacing the consumer price index and wage growth.

Telehealth We have seen a large uptick in the push and use of telehealth with the COVID-19 pandemic. 2021 will continue to grow this field of medical care. Telehealth benefits have been able to provide medical coverage for acute, chronic, primary and specialty care.

Personalized Benefits Packages Companies may start offering more non-medical offerings for a more customized employee benefit packages. Packages will start with the basic health insurance and paid time off benefits and expand to include optional add-ons like pet insurance, short-term disability, access to legal services, whole or term life, hospital stay, accident insurance to mention a few.

Mental Health Employers are waking up to the mental health wellness of their employees and how it can be a direct impact o their organizations. Employers are educating themselves on reducing workplace stress. Many benefits package now include behavioral health with both onsite and virtual medical plans.

Not partnered with a PEO? Connect with us and let us know how we can help! Find out more on our website here.

Friday the 13th! Weekly Round Up

Did you know that Friday the 13th occurs in any month that begins on a Sunday? Quite simple math but I never really thought about it! The fear of Friday the 13th affects an estimated 17 to 21 million people in the United States, according to the Stress Management Center and Phobia Institute. However, studies on accident trends show that fewer accidents are reported on this day, as people are likely more cautious and limit travel and activities. You can find more interesting tidbits on the history of Friday the 13th at Earthsky.org

Here are our highlights from the week

Veteran’s Day 2020

The United States just honored its Veterans with the observance of Veteran’s Day. The anniversary of Veteran’s Day marks the end of World War I back in 1918. Originally coined as Armistice Day, to reflect the signing of the armistice between the Allies of World War I and Germany, was renamed Veteran’s Day in 1954 to honor all those that have served in the U.S. Military. November 11th is also celebrated by other countries as Armistice Day and Remembrance Day. While times have certainly changed for our Country since the early 1900’s, I thought sharing the below quote from President Woodrow Wilson, on the first anniversary of such an important day, was fitting for the times.

“To us in America, the reflections of Armistice Day will be filled with solemn pride in the heroism of those who died in the country’s service, and with gratitude for the victory, both because of the thing from which it has freed us and because of the opportunity it has given America to show her sympathy with peace and justice in the councils of nations.” You can find more on the History of Veteran’s Day, here at U.S. Department of Veterans Affairs

The U.S. Department of Veterans Affairs is also always accepting donations and volunteers. Learn more on how you can show thanks and give back, year-round, to those whom have given us so much.

MilitaryBenefits.info has put together a listing of the 2020 Veteran’s Day Free Meals and Deals for those of our Veterans reading this post, many of them throughout the week and month of November.

To all Veterans, We thank you for your sacrifice, your bravery, and our freedom.

Hot for PEOs and Small Business

AllRisks is pushing their Self-Storage Facility Program in light of non-renewal trends related to program administrators losing their markets. AllRisks has been providing solutions for storage-related exposures including products for boat/RV storage operators, self-storage facilities and converted buildings. They have 2 exclusive Self-Storage Programs with National Capabilities. AllRisks offers over 30 National Specialty Insurance Programs ranging from Amusement Insurance to Tattoo Shops. Contact Libertate Insurance today for more information.

PIE Insurance released updates of important need to know facts about workers compensation claims fraud and how to protect your business. Types of workers’ comp insurance fraud fall into three categories:

1- Employees committing claim-related fraud by fabricating details surrounding an injury. Injury claim indicates injury happened at work in the warehouse, when it really happened on a ski trip over the weekend

2- Employers may engage in policy-related fraud by falsely reporting employees as contractors or by improper employee classification; i.e. admin desk position is reported when employee is actually a warehouse worker performing manual labor

3- Healthcare professionals can commit medical provider fraud by performing unnecessary services to collect insurance payments, fraudulent billing or partaking in kick-back programs

Workers’ comp fraud has historically cost between $6 and $7 billion dollars each year based on estimates from CAIF (Coalition Against Insurance Fraud) and the NICB (National Insurance Crime Bureau). Insurance fraud is a white-collar crime and can lead to fines and imprisonment, and increased premiums and penalties for small businesses. The Claims Journal issued an article in August of 2020, indicating that with COVID-19 the California Workers Compensation Insurance Rating Bureau is estimating annual losses in the state of $1.2 billion, extrapolated nationally approximating $5 billion. The plan to combat fraud? Data! Insurers are accessing cross-payer, multi-year claims data to identify repeat claimants, attorneys and medical providers.

How do we protect ourselves and our businesses? Educate and Document!

  • Be forthcoming about physical requirements and hazards of the job
  • Educate employees as to the proper way to lift, pull, and carry objects
  • Provide training on work-related hazards, exposure risks, and safety equipment
  • Inform employees and new hires about a zero-tolerance policy for false claims
  • Teach employees how workers’ comp works and how to correctly report injuries
  • Provide a safe way for employees to report suspicious workers’ comp activity
  • Maintain and report accurate records regarding employee roles and numbers

This is great HR information to help support businesses and mitigate risk. If you have questions or are limited in your HR resources contact Libertate Insurance today, we can help.

NAPEO released its November 2020 edition of PEO Insider, for members. Interesting Featured Articles in this month’s release include Q&A on State Legislative and Regulatory Trends, Non-COVID-19 Developments in the States, What PEOs Need to Know About the SECURE (Setting Every Community Up for Retirement Enhancement) Act, and so much more. Take a few minutes and dive into some of these interesting and useful articles. NAPEO is a great organization for all things PEO.

NAPEO also hosted an online webinar last night, for members, going over the 2020 Election and what’s next! Georgia and Washington are in recount and lawsuits have been filed in Arizona, Georgia, Michigan, Nevada as well as Pennsylvania.

Notable key dates in the upcoming months:

December 8th – states are required to settle all disputes

December 14th – Electoral College meets at state level and votes for President

January 6th – Joint Session of Congress counts electoral votes and declares a winner

January 21st – President is sworn in

If you are not currently a member of NAPEO, visit their site here and learn how to join.

Weekend in Sports

There are a ton of football events continuing this weekend with football seemingly back in full swing. South Alabama vs Louisiana, Notre Dame vs. Boston College, Miami vs. Virginia Tech, USC vs. Arizona, Florida State vs. NC State and the list continues, hope you have the opportunity to catch your favorite team. For our NFL roster Kansas City comes in the first ranking spot for week 10, they have a bye week so we won’t be able to watch them play this weekend. The next highest ranking teams are Pittsburgh and Baltimore. Pittsburgh squares off against Cincinnati 4:25pm ET catch them on FOX and Baltimore will battle New England at 8:20pm (ET) available on NBC. Find more on your favorites here at ESPN.com

Have a Great Weekend Everyone!

Where Does My PPP Funding Leave Me?

The U.S. Chamber of Commerce has useful guidance in regard to the Paycheck Protection Loans under the Paycheck Protection Program (PPP).  Weighing on most of us is how these loans are going to impact our businesses long term, as the guidance from the Small Business Administration (SBA) keeps changing.

The SBA was very quick in issuing the note agreements, payment terms and interest rates on the Economic Injury Disaster Loans (EIDL), also noting that if an advance was given under these loans the advance amount would be deducted from the potential forgiveness of the PPP loan. Yes, an advance under one loan would be an offset to the portion of allowable forgiveness under another!  The EIDLs are not forgivable but they have been set up on 30 year terms; seemingly manageable.

One important thing I’ve taken away from this experience is that the PPP loans were issued and managed through the SBA approved private lenders and then backed by the SBA. This meant, after digging around on the internet, calls to our lender and calls to the SBA that the forgiveness application would be handled by the lender.  Oddly enough, it didn’t seem like our lender knew that.  After much persistence, I found that forgiveness applications were being accepted and processed for those applicants that received funding in excess of $2M.  That meant the “small-business” funding recipients, the originally intended recipients of the CARES Act would have to wait for any clarity or solace on how these funds would ultimately be of impact.

I think it’s safe to assume that we all understand the rules as they currently stand and we are admittedly thankful for the CARES Act.  The end game goal with the PPP loan is that you needed to keep staff on payroll, if you laid anyone off you needed to rehire them and overall you needed 60% of the funding to go towards payroll with the remaining funding allowed towards mortgage interest, rent and utilities.

Again, that leaves me with the question of what the overall impact to the business will be. This is where it counts!  Let’s for a moment consider that we have utilized the funding properly and within the terms of forgiveness at 100% with the EIDL advance that was received also having an impact.  We essentially received a pass for a period of time related to our payroll costs, rent, and utilities.  The expenses are still sitting on our P&L,  we have a note that will be forgiven which will ultimately end up as income, but the IRS will be limiting the deduction of these expenses from our business’ taxable income.

What does this mean?  Now is the time to pull your General Ledger and scour through your P&L line items.  Understand your normal deductible business expenses and make sure that you have items classified properly for your tax reporting.  Don’t leave this for your tax preparer to question; nobody knows your business like you do. Who in your company is responsible for credit card allocations? How many times do you use your corporate credit card and the accounting team inadvertently books those charges to meals & entertainment or distributions, when in actuality it was a corporate team building lunch related to a client account or a client meeting, i.e. business meal, marketing or travel related expenses.? Meals & entertainment are limited at 50%, be cautious as to what is classified here.  Marketing, travel and mileage are 100% deductible.

In summation, if the PPP funding was utilized within the forgivable guidelines you should be able to apply for forgiveness at 100% less the EIDL advance you’ve received. These forgiven expenditures will be unallowed deductions on your tax filing for the year so make sure your other business related expenses are classified properly to capture as many deductible expenses as possible to reduce your tax liability. Connect with your lender and identify their protocol for the forgiveness application. A Professional Employer Organization (PEO) can be immensely helpful in providing canned reporting for both the PPP application process and the allowable payroll costs under the 8 week or 24 week option under the PPP loan needed for the forgiveness application.  

If you are unsure as to whether or not a PEO makes sense for your small business, we can help you decide! Libertate Insurance Services has a client first motto and works hard to help transfer risk in your business. So whether you’re looking for a PEO or you are a PEO seeking hard-to-place markets, connect with us today. Visit our website here for more info or check out the rest of the PEO Compass blogs here.

We would love to connect with you!

Was our article on Paycheck Protection Program forgiveness useful to you?

View Results

Loading ... Loading ...

Insurance and Data Risk Management with Technology Resources to protect your most important assets

Research credits: IRS.gov, uschamber.com, sba.gov

When Robert Hartwig Talks, People Listen…

As I was pulling this post together, for good reason, the old EF Hutton commercials we grew up with (dating myself)…

…came to mind. “When E.F. Hutton talks, people listen”…

As EF Hutton was considered (or at least advertised) as “the smartest guy in room” for all things investments; the same holds true for Robert Hartwig @Bob_Hartwig when it comes to insurance economics. He is the guy insurance company CEO’s call to help predict the future and someone I have had the pleasure to meet and see present on a few occasions. You will not see anyone provide more data and direction in a short session that is credible and meaningful.

Robert, a PHD/CPCU, was the former Chief Economist of the Insurance Institute of America and currently serves as the Clinical Associate Professor of Finance, Risk Management & Insurance @ USC’s Darla Moore School of Business. His latest presentation points to some areas that are important to understand and budget for.

https://www.uscriskcenter.com/wp-content/uploads/2020/09/Inland-Marine-UW-Association-American-Institue-of-Marine-Underwriters-9-30-2020.pdf

I have listed some of my key take-aways below and the slide number you can reference for the detail:

Slide 12 – 12.5-25% reduction in workers’ compensation premiums based on rate reductions coupled with drop in exposure basis due to COVID-19. COVID-19 Claims will not be used for rate-making purposes in most states until 2021. All other lines are seeing material drops in written premium due to usage, but rates at the same time are on the rise.

Slide 13 – Range of workers’ compensation losses on a national basis due to presumption is $.2 – $92B … quite a delta and as you will note, and a far greater one than any other line (which are also not yet understood). The range for Business Interruption losses is next with anywhere from $2B – $22B expected. The courts will be the most impactful on where this end result comes in based on policy interpretation. Policy language and intent will be the battlefronts.

Slide 15 – Cost of COVID v comparable pandemics in recent age – the cost and number of countries impacted by COVID-19 versus other pandemics (SIKA, Swine Flu, SARS etc.) is staggering and exponential.

Slide 30 – Presents the investment yield trends for 10-year US Securities which is a foundational “safe” investment for insurance carriers – down 61%. Puts more pressure on operational results which in turn, more pressure on upward pricing.

Slide 31 – 9 of the the top 10 ever point drops on the S and P ever occurred in 2020. The 3’rd largest percentage drop in history occurred on 3/16/20 at -11.98%/-324.9 points. This volatility is of grave concern to the investment strategies of the insurance carrier community. This also puts upward pressure on pricing.

Slide 41 – Business closures will cause debt of $3T for at least a generation to overcome. This is very saddening and a complex issue to make a call on. Be safe and put us in debt for another generation or open up and hope for the best? Question of the century –

Slide 47 – Rates on most lines of insurance (with the exception of Workers’ Compensation) are rising at a rapid pace. Umbrella (20%) and Directors and Officers insurance (16.8%) being hammered the hardest, with Business Interruption (9.7%), Commercial Auto (9.6%) and Employment Practices Liability insurance (9.4%) also expecting hefty increases.

Slide 50 – Business Interruption insurance will be highly litigated going forward, especially on those policies that do not have a pandemic disease exclusion. This and the presumption issue in regard to workers’ compensation are what will cause the greatest uncertainty going forward as to the exposure to the insurance community and how they react as a result the pandemic.

In conclusion, it has been a long cycle of premium reductions. Drop of exposure basis (payrolls, sales, miles travelled etc) may neutralize overall premiums to some extent, but the “as is or lower” rate renewals of the last decade will be very tough to navigate this year. Get out ahead of your renewals, especially on the specialty casualty side. Let us know if we can help.