You want your disaster plan, also known as a “business continuity” plan, to be complete, accurate, functional, up to date, and able to meet your recovery objectives. To ensure that you meet these goals, there’s no better way than a “live test.”
You can create buy-in among managers and staff by providing a test scenario that’s specific, realistic, detailed, and comprehensive.
Consider this real-world example: A television communication company in Miami was completing its disaster plan when it learned that a powerful hurricane was headed straight toward Southeastern Florida. Fortunately, because the business had several days’ warning, it was able to implement the plan rapidly and communicate it to employees. Although the company was prepared for the worst, the storm struck to the south and west, near Key West.
Although there was no significant damage in the Miami area, the exercise tested important components of the plan, such as the ability of the business to:
- protect equipment and strengthen the building in a timely and orderly manner
- activate and maintain an alternate transmission site
- test backup electrical generation and other equipment under adverse weather conditions
- communicate emergency technical instructions to affiliate stations throughout the Spanish and Portuguese speaking world
- sponsor a shelter for emergency storm personnel
- release and recall staff in an orderly basis
A post-disaster meeting led to a number of refinements in the plan. Most important, the exercise confirmed the ability of the company to maintain important business activities at a pre-established acceptable level, with minimal impact to its customers and revenue stream.
If you’d like advice on testing your company’s business continuity plan before disaster strikes, just give us a call.
The American Management Association recently reported that only half of the corporations it surveyed had a disaster plan. What’s more, many respondents felt that the time spent preparing a plan was too costly or that they had just never thought about it.
As insurance professionals, we find such news disappointing. After all, a disaster management plan should be a top priority for every company.
The safety of your employees and the future of your business depend on drafting a disaster management plan now. From the loss of key personnel to physical property damage, everything that can go wrong in a serious situation might very well do so. Are you prepared?
Your plan should also include comprehensive insurance coverage. For example,
Once a disaster happens, if you don’t carry a business income policy with, “Extra Expense,” coverage, you will lose money. Maybe even enough to put your business under for good. This coverage kicks in to help you replace lost revenue and expenses to get up and running fast.
For more information on adding Business Income insurance with Extra Expense coverage to your protection package, call our service team today.
Mobile devices are the mighty double-edged swords of today’s workplace. On the one hand, they provide greater integration of information, on the other, they could be your business’s one-way ticket to a catastrophic security breach. This week we had the amazing opportunity to speak with Anthony Kinney, Microsoft’s Verizon Partner Manager, about mobile security and the ways to mitigate data risk in a BYOD environment.
According to Kinney, the three main security risk areas associated with BYOD are:
- Data loss prevention, which has to do with securing the data on a device in the
case of it being lost or stolen.
- Data in transit, which is most often
protected by encrypting information to ensure that all communications between
the device and backend infrastructure are secure.
- Data leakage, which is
about keeping a user’s work and personal information separate. In other words,
“protecting users from themselves.”
We asked Kinney what Microsoft is doing to make sure that moving to a pocket office doesn’t mean introducing security risk. He discussed how our multilayered approach to security makes adopting a BYOD policy far less of a risk, with solutions like Secure boot technology, remote “wipe” capabilities, and automatic cloud storage (among other security solutions).
What makes the greatest difference, however, are the actions a company takes to ensure that their data is secure. The way Kinney sees it, employees jailbreaking and rooting devices is one of the largest risk factors for companies who allow employees to BYOD. What those companies do is implement third-party services to “containerize the data,” so it never actually goes onto the local device.
According to Kinney, Windows Phone solves for this by protecting the data at the data center level before it even gets to the device. This means each document can have specific edit/view/share settings so that when it’s accessed on a mobile device it can’t be ‘saved as’ or forwarded to another cloud service, depending on what the settings permit. This way the phone fully understands the corporate policies on the document, helping IT to provide security—even at the file level.
This level of device integration with your data allows your company to consider a BYOD or CYOD policy without the need for third-party security solutions—which themselves offer another point of potential failure and risk. By working with your existing desktop OS, email, and other systems, the native Windows Phone OS helps mitigate data loss risk for your pocket office by preventing it in the first place.
More and more companies are restricting employee use of personal cell phone cameras on the job for fear that these ubiquitous devices might create legal headaches, lead to job-related claims, and/or compromise company trade secrets.
For example, employees might take inappropriate photos or videos of co-workers without their permission, leading to accusations of sexual harassment or invasion of privacy. Even if the picture-taking doesn’t create legal problems having these images posted online might well embarrass the employees depicted or make them uncomfortable.
Soured relationships in the workplace can also create problems. A disgruntled employee might want to embarrass a boss or gather evidence for filing a legal claim. All sorts of types of images – from a supervisor getting upset with an employee to overall working conditions – could easily become fodder in an employment dispute.
What’s more, if your company has patented products and closely-protected manufacturing processes, any information leaked to a competitor might be extremely damaging.
The best way to deal with this risk is to develop a written policy that controls employee use of cell phone cameras at work, with clear penalties for violations. Determine which workers need cameras as part of their jobs (for example, truck drivers who might have to photograph an accident for insurance purposes). Make sure that employees permitted to use camera phones at work give you the right to review all images and delete any work-related images. You should also prohibit employees from posting work-related photos on line.
The key to success lies in keeping your workers informed about this policy and enforcing it consistently.
To learn more, feel free to get in touch with our agency’s risk management specialists.
Most states allow company owners and executives to opt out of (or not opt in to) Workers Compensation insurance. But did you know that if you choose this option your Health insurance policy might well not pick up work-related medical claims?
If you carry Health coverage through your company Group plan, you can usually arrange to be covered for work-related injuries under this policy – which then becomes “24-hour” coverage for you. However, many small business owners and managers are insured under the Health Plan of their spouse or parents – which almost always exclude work-related injuries.
Let’s say that you exempt yourself from Workers Compensation and have coverage under your spouse’s Health insurance – and you suffer a serious injury in a work-related, at-fault auto accident. Once you have exhausted the Medical Payments coverage under the company’s Commercial Auto policy, the chances are that you’ll have to pick up the tab for the rest of your medical bills. You might even have to choose between limiting your treatment options or going bankrupt (unpaid medical bills are the nation’s leading cause of bankruptcy).
Even if you have “24-hour” insurance under your own Health policy, this coverage will not reimburse you for income lost during your convalescence.
So, what’s the solution? You might consider buying a Disability income policy – or decide to cover yourself under Workers Compensation, after all.
As always, our agency stands ready to offer our professional advice. Just give us a call.
You need Employment Practices Liability insurance (EPLI) to protect you from lawsuits filed (justly or unjustly) by anyone who you employ, have employed, or even considered employing.
Before you buy this essential coverage, be sure to ask these questions:
- Who is insured? This should include the company as an entity, along with officers, directors, and every type of employee (full-time, part-time, temp, leased, loaned and seasonal). The importance of this becomes clear if you’re ever sued for a sexist slur made by temporary receptionist to a job applicant.
- What claims does the policy cover? You want coverage for every eventuality: monetary damages, all types of legal proceeding from criminal to regulatory, settlements, judgments, lost pay, defense fees and punitive damages.
- How does the policy define “wrongful employment practices” beyond the obvious (sexual harassment and racial discrimination)? Make sure that you have coverage for violations of federal, state, local and common law on employment discrimination;, deprivation of career opportunities; defamation; retaliation, negligent job evaluation, and failure to have an acceptable written employment policy.
- What does the policy exclude? EPLI should include wrongful practices that might have taken place before you bought coverage – so you don’t have to worry about a suit by that disgruntled vice president you fired three years ago for pilfering paperclips.
A word to the wise: use EPLI as a last line of defense. Risk management for your business should include diversity and sensitivity training. The U. S. Equal Employment Opportunity Commission offers a wealth of free training resources, guides, compliance information, and links to free training throughout the nation.
As always, we stand ready to offer you our professional advice, free of charge.
Product Liability Insurance helps protect your company from damages for losses related to manufacturing or selling products or other goods.
These claims can, and do, put businesses out of business – just ask the officers of any asbestos manufacturer.
Companies are vulnerable to three types of products claims
- Manufacturing or production flaws that create an unsafe defect in the product. For an example, just recall the recent claims against Chinese manufacturers for using dangerous chemicals in their products.
- Design defects that make the product inherently unsafe. (The series of lawsuits against Toyota vehicles for defective acceleration controls during the past two years comes to mind.)
- Inadequate warnings or instructions, such as failing to label a product properly or advise consumers about potential risks. A famous example is the McDonald’s “hot coffee case.”
Damages can include medical costs, compensatory damages, economic damages, and (in some instances) attorney fees and costs, as well as any punitive damages.
Some sellers and retailers choose not to buy Product Liability Insurance because they don’t actually “manufacture” anything. However, most states follow the “stream of commerce” model of liability, meaning that if your company sells a product, you can be held liable for damages to the end user.
“Business Owners” and Commercial General Liability policies usually include some type of Product Liability Coverage (Sometimes known as Product/Completed Operations Insurance).
Premiums are based upon the type of product and sales volume. If you try to reduce premiums by underreporting sales or insuring only a percentage of your sales, you’ll probably face a hefty “underinsurance” penalty. Make sure to identify your products properly, too. For example; if you supply stepstools, you don’t want them categorized as ladders, which have a higher premium because of their greater risk potential.
For more information, feel free to get in touch with our Business Insurance professionals.
Nearly six million traffic accidents occur in the U.S. every year – more than 16,000 a day (or one every 10 seconds).
If your company owns, operates, or uses motor vehicles – or if you have employees who use their cars for business purposes – you need Commercial Auto Insurance to provide financial protection against losses from mishaps that occur behind the wheel.
This valuable policy provides these coverages:
- Bodily Injury Liability pays the cost of bodily injury to others from accidents for which you are responsible. If you’re sued, it also pays your defense and court costs.
- Property Damage Liability picks up the tab for property damage to others for which you are responsible, as well as defense and court expenses.
- Personal Injury/Medical Payments usually covers medical and funeral expenses for bodily injury from an accident that involves an insured vehicle.
- Collision pays for a covered vehicle that is damaged by a collision with another vehicle or object.
- Comprehensive Coverage pays for a covered auto that is stolen or that is damaged by causes other than collision or reckless driving.
- Uninsured/Underinsured Motorists covers injuries and, in some cases, property damage, when you’re involved in an accident with another person who either doesn’t have Auto Insurance or carry enough coverage.
Before you purchase or renew your Commercial Auto Insurance ask yourself these questions: 1) how much Liability Coverage you should buy, and 2) how large of a deductible should you choose?
We’d be happy to help you choose the most cost effective policy for your needs. Just give us a call.
The more heavily your business relies on electronic technology, the greater your vulnerability to cyber criminals.
Criminal activity conducted through the Internet impacts businesses of all sizes. One study found that companies with 100 or fewer employees accounted for 72% of data breaches worldwide.
Today’s cybercrimes put your grandmothers’ spam email list to shame. According to a nationwide study by Ponemon Institute, the median annual cost of cybercrime for a large company in 2011 came to $5.9 million.
Cybercrime covers a variety of activities, from malicious codes and hacks in which private client or company information is made public or stolen, to disruption of normal operations. Perpetrators include rogue employees, “hacktivists” seeking to make a political statement, or third parties seeking financial gain.
Businesses, such as coffee shops, that allow customers on their premises to use Wi-Fi face unique risks. In one case, a Hollywood producer sued the owner of a restaurant offering Wi-Fi access after a customer used the network to download a film for bootlegging.
To help protect your business against potential losses from cybercrime, here are some recommendations:
- Review your specific exposures. For example, if you allow people outside the company to use your WiFi, this can increase your exposure.
- Focus on the human element in data security by offering employees effective training and specific guidelines.
- Re-evaluate your guidelines frequently.
- Evaluate the potential risks of adopting new technology.
Last, but not least, make sure that you carry adequate Cyber Liability Insurance.
Our agency would be happy to tailor cost-effective coverage to your needs, and help you develop and implement a comprehensive program for managing your exposure to cybercrime.
In the controversial Citizens United case, the Supreme Court ruled that corporations have rights similar to those of an individual. If followed they have identities and are vulnerable to identity theft.
Although insurance offers one way to manage this risk, it might well be a long time before a company discovers the theft — at which point, it would be too late. To avoid or minimize the danger of having your corporate identity stolen, we’d recommend a three-step approach:
- Storing sensitive information. Sensitive files and information (credit card numbers, medical data, Social Security numbers, etc.) might be stored on computers, external drives, filing cabinets, or mobile devices. It’s wise to consolidate and secure this data either physically behind lock and key or by using electronic network security measures. Be sure to train employees on handling, storing, and disposing of this type of information properly.
- Your business documentation. Identity thieves might use highly sophisticated or surprisingly elementary and low-tech techniques for delving into a company’s records and misappropriating them. These might include intercepting paper mail, stealing trash, or physically taking documents. To safeguard this information, determine what records you need to run the business, inventory them, and use electronic statements to limit the amount of mail containing company information. Never share financial details or documents through e-mail!
- Credit reports. Check your company’s credit reports regularly for unusual charges or bills.
The Federal Trade Commission (http://www.business.ftc.gov/documents/bus69-protecting-personal-information-guide-business) provides a variety of resources you can use to help protect your corporate identity and confidential customer information against identity thieves.
Our agency’s professionals would be happy to offer their help — just give us a call.