At Hays, our Private Client Group works to insure protection for every lifestyle. Whether it’s Home and Auto, Directors and Officers liability, Life Insurance, Disability or Long Term Care or unique areas of risk, such as kidnap and ransom, aviation, equine, or valuable articles, we’re here to help.
With expertise in the industry spanning 35 years, we have gathered five essential tips you need to know to protect your home and other assets:
1. Your Advisor Should Help Organize your Insurance Program.
With numerous assets acquired over time, it’s common to insure them with many different programs, often leaving your assets unorganized and expensive to manage. This can lead to gaps in coverage that will only be revealed when a claim is unexpectedly denied.
2. Be Presented With Options.
The benefit of retaining an independent insurance agent or broker is that they are working in your best interest. You should be frequently presented with options to organize your coverage.
3. Have Enough Personal Liability Insurance.
If a lawsuit puts your assets at risk, the last thing you want to worry about are insufficient limits. Make sure your liability coverage limits exceed your net worth. The Hays team can help you determine this value.
4. Be Certain of Your Insurer’s Financial Strength.
Always look for financial stability when choosing your insurer. It’s important your provider is strongly capitalized and will be able to pay your claims. Look for insurance companies rated “A” or “Excellent” by A.M. Best.
5. Work With High Net Worth Insurance Specialists.
Complex insurance situations require specialists. If you have a net worth of $2 million or more, most insurance carriers are not equipped to address your complex personal risk management needs.
Hays Private Client Group thrives at being problem-solvers in complex insurance situations. To contact us or to discover how we can keep your valuable assets protected, visit us here. Come experience The Hays Difference.
Mark your calendars! The following educational seminars have been announced for 2018.
Preparing for a DOL Audit – Deb Linder, Fredrikson & Byron, P.A.
Are you prepared for an IRS or DOL audit? In this seminar, we will review the documents and information needed to help you prepare for an audit, highlight common issues raised and discuss correction options.
Debra is a shareholder in the Compensation Planning & Employee Benefits Group at Fredrikson & Byron, P.A. Her practice involves a full range of employee benefit programs. She advises large and small public, closely- held, and tax-exempt employers on plan design, administration, and compliance issues.
Wednesday, April 18, 2018: 8:30 – 10:30 AM
Midland Hills Country Club
Managing Generational Diversity – Steve Baue, CEO of ERC: Counselors and Consulting
Teams are more diverse than ever before and, in today’s market, talent is scarce. Today’s leaders must look for ways to engage every employee, drive retention, and achieve peak performance. Seminar attendees will learn what makes our personalities tick, the generational influences, what almost every employee wants from their work, and ‘real-world’ leadership techniques that produce true results.
Steve Baue is the President / CEO of ERC, the award-winning Green Bay-based EAP and performance consulting company. ERC is known for its outstanding mental health counseling and strong reputation for organization and leadership development.
Thursday, May 17, 2018: 11:30 AM – 1:30 PM
Golden Valley Country Club
Change your focus from managing talent to activating it-Today! –Kelly Johnson with The Marcus Buckingham Company, an ADP Company
Today’s increasingly competitive marketplace paired with the low unemployment rate has made attracting, retaining and developing talent a top priority for HR as your people remain a huge differentiator for you. Join The Marcus Buckingham Company, An ADP Company to learn why HR needs to change its focus from managing talent to activating it – today.
Kelly Johnson is a Talent Executive with Fortune 30 experience. As a Strategic Consultant for The Marcus Buckingham Company, she works with organizations and teams to achieve exceptional talent performance and engagement through dynamic and strength-based strategies.
Wednesday, July 18, 2018: 8:30 – 10:30 AM
Midland Hills Country Club
Annual Review – Preparing for 2019
An annual crowd favorite! Come recap the year’s most notable legislative updates and get ready for 2019 with the Hays Research & Compliance team.
Thursday, September 13, 2018: 2:00 – 5:00 PM
Golden Valley Country Club
Registration for each seminar and complete details will be made available closer to the actual date of the event
What do they have in common? You guessed it — they’ve all experienced major data breaches that exposed tens of millions of users’ sensitive personal and/or financial data. Yahoo was actually victimized twice, each attack compromising hundreds of millions of users. (Oh, Yahoo.)
Your company is vulnerable
Big-company cyber incidents are understandably newsworthy, but they’re really just the tip of the iceberg. Most incidents go unreported in the media, even in wonky tech blogs, because they directly impact fewer people or fail to compromise critical systems.
A 2016 FBI report put the average daily number of U.S. ransomware attacks at 4,000, a 300% increase from2015.
That figure doesn’t count other types of cyber-attacks, such as phishing. Check your spam folder when you get a chance — it’s a virtual certainty that some of those sketchy emails contain malicious files or links.
Insurance can help
“Cybersecurity insurance is a misnomer,” says Dave Wasson, Vice President and Cyber Liability Practice Leader at Hays Companies in Minneapolis. “‘Privacy and security insurance’ is more accurate. Lots of claims have nothing to do with hacking — someone forgot to shred a sensitive document, maybe.”
For brevity, we’ll call it cybersecurity insurance. It exists because general commercial liability policies typically exclude digital and analog privacy and IP threats.
Cybersecurity insurance policies provide financial redress for a broad range of potential threats: the U.S. Department of Homeland Security cites “costs a from data destruction and/or theft, extortion demands, hacking, denial of service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud, and privacy violations.”
How to approach cybersecurity insurance
Many owners and execs have only a tenuous handle on their companies’ digital and analog vulnerabilities.
“A significant portion of what we do is educational,” says Wasson. “With new clients, the key question is: ‘Is your understanding of your exposure correct?’”
Some companies mistakenly believe they’re taking adequate measures to address perceived vulnerabilities, which they may or may not fully understand. Others affirmatively avoid due diligence on the not-incorrect assumption that actively researching the threat landscape eliminates plausible deniability and increases liability.
At least one large, well-known Minnesota company takes this “head in the sand approach,” says Wasson. (He declined to identify the firm.) Wasson is not a fan: “That’s like saying you’re healthy because you haven’t gone to the doctor,” he says. Self-insuring against privacy and security threats is doable for larger companies with the resources to absorb the cost of a cyber incident, but “understanding potential threats is always better than not understanding.”
What it costs, what it covers
Needless to say, most sizable companies do carry cybersecurity insurance policies. Coverage is increasingly common among SMBs too. When resources are tight, any significant cybersecurity incident is a grave threat.
“For small businesses, you can find good quality policies, not pared down at all, for less than $1,000 per year,” says Wasson. The lower end of the market, below $50,000 per year, is growing fast. (The costliest policies, built for Fortune 1000 firms, cost more than $1 million per year.)
Like other forms of insurance, cybersecurity insurance products are highly customizable, but most policies have seven basic coverages. The devil is usually in the details. Wasson advises clients to pay close attention to three key issues:
“Failure to maintain” clause: This exclusion penalizes policyholders who fail to execute or maintain stated security practices. “It basically says, ‘If you say you have a particular safeguard in place and you don’t, we’ll deny your claim,’” says Wasson. He strongly advises against buying policies with “failure to maintain” clauses.
IP protection: Cybersecurity insurance newbies are often disappointed by policies’ anemic or nonexistent intellectual property coverages. Some policies do cover NDA-protected IP compromised in a breach. Premiums may be higher, though.
Bringing in outside experts: Does the policy let you bring in your own legal and forensic IT experts after a breach? Some force policyholders to choose from approved professionals; using non-approved experts could compromise or even void your claim. “It’s like the requirement that you select a provider in your health insurer’s network,” says Michael Cohen, head of the Global Privacy, Cybersecurity and Data Protection legal team at Minneapolis-based Gray Plant Mooty.
Data breach? Minimize exposure and get the response right
Cybersecurity insurance alone can’t prevent privacy and security incidents. Insurers require, incentivize and recommend that policyholders take steps to mitigate their exposure.
Established regulatory structures are non-negotiable. For instance, policyholders must abide by the Payment Card Industry Data Security Standard (PCI DSS), an electronic payments security framework backed by major credit card issuers. Healthcare and finance companies must follow other frameworks.
Insurers incentivize the adoption of other safeguards, like robust encryption. “Encryption is one of the few things that has an actual causal impact on policy pricing,” says Wasson.
“The better your encryption, the less you’ll pay.”
Be honest about your data security practices and degree of exposure: On your cybersecurity insurance application, honestly disclose your exposure and mitigation practices. Even absent a “failure to maintain” clause, a misleading or incomplete application could lead to inadequate coverage. Plus, says Cohen, “Being recognized as a leader in data security benefits your organization in the marketplace.”
Don’t needlessly retain data: “Most companies don’t need to collect Social Security numbers,” says Wasson, “and they certainly don’t need to keep them in unencrypted files on mobile devices.” Only collect and retain data needed for essential business functions.
Take special care with legacy systems:
Many companies run key processes on functionally obsolete, unsupported IT systems. This is sub-optimal for all sorts of reasons, but overhauling is costly and disruptive, so it happens. Unfortunately, breaches can wreak havoc on legacy systems, which typically need to be overhauled after the fact anyway. When I spoke to Wasson, he was helping a client through a catastrophic ransomware attack made worse by the forensic impenetrability of its ancient IT. With no backup, the client had to shut down for a month to upgrade its systems and get out from under the attack. (Also relevant: Back everything up!)
Know your obligations under the law:
Legally mandated notification requirements may greatly increase post-breach costs. Firms must abide by notification rules in affected individuals’ home jurisdictions. Said rules vary widely, so firms typically adhere to standards in the strictest state in which they operate. Still, you need an attorney to work through dense regulatory language. To handle high notification volumes, you’ll need to retain a specialized firm.
Create an incident response team:
Don’t wait until it’s too late to build an incident response team. The point person (“breach coach”) should be an attorney experienced in handling data breach matters, whether in-house counsel or an outside expert like Cohen. Add at least one member from HR, IT (inside or outside), marketing or PR (inside or outside), finance, and upper management. Define each member’s role in the event of an incident. Mind insurance company restrictions — remember Cohen’s attorney networks.
Have an incident response plan ready:
Different scenarios call for different responses, but your first call should always be to your designated attorney. They’ll quickly assess the situation’s severity and determine what needs to happen next. If the situation warrants, “next” means a call to the FBI, which has a first-rate cyber forensics team. “The FBI is very discreet,” says Cohen. “Your business won’t leak just because they’re involved.” They may also know about other incidents that hold clues to your own.
You should do these six things “even if you choose to forgo cybersecurity insurance,” says Cohen. After all, fortune favors the prepared. And the careful.
WHAT CYBERSECURITY INSURANCE COVERS:
Privacy Regulatory Defense and Penalties: Covers regulator-assessed penalties and fees, where allowed by law, as well as costs associated with “complying with or defending against a privacy related regulatory investigation” by certain state and federal agencies or authorities.
Breach Costs: Covers costs directly associated with breach response, including notification to potentially affected parties, computer forensics, legal expenses, public relations campaigns,
and ongoing identity theft protection and monitoring.
Multimedia Liability: Covers “claims alleging intellectual property infringement [copyright infringement, defamation and libel, common law privacy rights, plagiarism or piracy, misappropriation of ideas] arising out of the advertising of a company’s goods or services, either online or offline.”
Business Interruption: Covers loss of income if the insured party is unable to conduct business “due to a malicious third party hacking event.”
Data Recovery: Covers costs associated with digital asset replacement, such as software licenses and proprietary software. May be combined with business interruption coverage.
Cyber Extortion: Covers costs associated with ransomware attacks, including investigations to determine whether the threat is credible and the cost of complying with the attackers’ demands (e.g., paying the ransom).
2017 was another eventful year for Employee Benefits and Compliance:
• The House passed an ACA repeal and replace bill but the Senate failed to do so – we will discuss what this means.
• Employers and health insurance carriers went through a second round of reporting of health care offers and coverage for 2016 – the reporting requirements are still “on the books.” What is the IRS doing about it?
• The ACA and HSA out-of-pocket maximums for 2018 were updated – we will review these requirements and why plans need to know how these two laws interact.
• Self-insured plans, essential health benefits (EHB) and benchmark plans are still tied to the ACA’s prohibition on lifetime and annual limits – maybe this is an area ready for a bipartisan update?
This webinar is an opportunity to get ready for 2018 and ensure you are in compliance with the laws and changes for the upcoming year.
Provided via the link below is a recorded presentation of the Hays Benefits Research and Compliance Department’s presentation Annual Review and Preparing for 2018. Feel free to watch the recorded presentation at your convenience by clicking on the link, below. The presentation is approximately 40 minutes long.
The IRS recently released the 2017 draft versions of the 1095-C, 1094-C, 1095-B and 1094-B forms for use in reporting coverage offers under the Affordable Care Act.
Generally, employers will use the Form 1095-C to report offers of health plan coverage to the individual and will also use Form 1094-C, which is then provided to the IRS.
There are a few changes to the forms and instructions from previous years, none of which are too drastic. Here is what has changed:
· Section 4980H Transition Relief. Several forms of transition relief were available to some employers under Section 4980H for the 2015 plan year (including any portion of the 2015 plan year that fell in 2016). However, no Section 4980H transition relief is available for 2017. Form 1094-C has been revised to remove references to this transition relief.
Specifically, the two sections on Form 1094-C and 1094-B related to this transition relief have been designated as “Reserved” and should not be used. They are:
Part II, in the “Certifications of Eligibility” Section on Line 22, Box C
Part III, in the “ALE Member Information – Monthly” table, column (e).
· Instructionsfor Recipient. The Form 1095-C and the 1095-B include an “Instructions for Recipient” section which states: “Additional information. For additional information about the tax provisions of the Affordable Care Act (ACA), including the individual shared responsibility provisions, the premium tax credit, and the employer shared responsibility provisions, see www.irs.gov/Affordable-Care-Act/Individuals-and-Families or call the IRS Healthcare Hotline for ACA questions (1-800-919-0452).”
· Updated Penalty Amounts. The adjusted penalty amount for 2017 is $260 per violation, with an annual maximum of $3,218,500 (up from a maximum of $3,193,000, for 2016).
· Code Series 2 (Section 4980H Safe Harbor Codes and Other Relief). The 2017 draft instructions for Forms 1094-C and 1095-C clarify that there is no specific code to enter on line 16 to indicate that a fulltime employee who was offered coverage either did not enroll or waived the coverage.
· Corrected Forms 1095-C. The 2017, the draft instructions indicate that Forms 1095-C filed with incorrect dollar amounts on line 15, Employee Required Contribution, may fall under a safe harbor for certain de minimis errors. The safe harbor generally applies if no single amount in error differs from the correct amount by more than $100.
If the safe harbor applies, employers will not have to correct Form 1095-C to avoid penalties. However, if the recipient elects for the safe harbor not to apply, the employer may have to issue a corrected Form 1095-C to avoid penalties. For more information, see Notice 2017-9.
· Formatting Returns Filed with the IRS. Both sets of 2017 draft instructions clarify that all returns filed with the IRS must be printed in landscape format.
Remember, Forms 1095-C and/or 1095-B must be provided to individuals by January 31, 2018. Form 10945-C and/or 1094-B must be filed by February 28, 2018 if filing a paper copy. If filed electronically, it must be sent no later than March 31, 2018.
Please contact your Hays Companies representative for more information on reporting under the Affordable Care Act.
MINNEAPOLIS, MN – Frank Bacon has been named as a National Pharmacy Consultant within Hays Companies. The Pharmacy Practice serves employee benefits clients to better manage the effective delivery of prescription benefits while maximizing cost efficiencies within organizations.
Bacon joined Hays Companies in 2016, bringing over ten years of pharmacy experience with him. Prior to coming aboard the Hays team, Bacon served as a PBM Network Pricing Consultant for one of the nation’s largest Pharmacy Benefit Managers. He draws on that experience while advising Hays’ clients on how to best manage and mitigate prescription related costs. Bacon’s unique insights are invaluable in navigating the complicated pharmacy benefits systems.
His new responsibilities will include advising Hays clients in PBM contracting and pharmacy benefit design.
Approximately 3,000 state and local agencies are responsible for inspecting more than one million food establishments in the United States, according to the Food and Drug Administration (FDA). Health inspectors investigate a company’s food handling, preparation and storage procedures to ensure that food is fresh and the environment in which it is prepared is sanitary. The Center for Disease Control (CDC) reports that approximately 48 million Americans get sick, 128,000 are hospitalized and 3,000 die of foodborne illness each year.
On average, state health departments conduct health inspections two to four times per year.
There are three types of inspections:
1. Routine inspections are usually unexpected. The inspector examines of all aspects of your restaurant to ensure compliance with state health codes.
2. A complaint inspection happens after customers observe unsafe food practices or complain they got sick as a result of dining at an establishment.
3. A follow-up inspection occurs after a restaurant was issued a violation and was given a certain amount of time to correct the violation.
Mandated by law, health inspections cannot be avoided. Take a proactive approach and you’ll always be prepared for an unexpected inspection. While consistent readiness may not always be feasible, it’s an important goal to work towards.
Having preventative measures in place will help you during a health inspector’s visit. Here are some ways to stay on top of inspections:
· Research your local and state laws regarding health inspections. Laws vary from state to state. Know what laws are applicable to your establishment.
· Obtain a copy of the food service inspection checklist for your state and regularly conduct your own health inspections to ensure your business is ready for the day when the real inspector shows up.
· Consult the FDA website for a current copy of the Food Code, which offers suggestions and best practices for food safety and health inspections. Many state laws have been modeled after this document.
· Join your state’s restaurant association to stay on top of state regulations regarding food safety, foodborne illness and health inspections.
· Require employees to take food safety courses and make safe food handling and preparation a priority in your company’s culture. Display food safety posters and other relevant safety information in the kitchen, at hand washing stations and in the employee break room so information is readily available to all employees.
For more information about health inspections, managing your risks and obtaining insurance for your business, please visit http://www.hayscompanies.com/contact-us/ to get in touch with your local consultant.
As of Monday, Irma has officially been downgraded to a tropical storm.
After battering its way up Florida over the weekend, Irma has moved through Georgia and South Carolina, leaving nearly fifteen million without power as flooding and winds continue to produce damage. Currently, officials are predicting that it could take up to ten days for all of the affected areas to have full power restored.
And although the storm is over, it does not mean that the danger has subsided. If you or a loved one is in an area that was affected by Irma, please follow these safety tips as provided by the Centers for Disease Control and Prevention to keep safe as rebuilding efforts begin:
Track all expenses you incur to mitigate your loss and continue business.
Exercise caution when inspecting damage. Do not try to inspect damaged utilities and appliances; contact a professional to do so.
Do what you can to prevent further damage to your property, (e.g., putting a tarp on a damaged roof), as insurance may not cover additional damage that occurs after the storm.
Secure Inventory – prior to a storm’s arrival, you should have compiled an inventory of all of your possessions at your home or business. If you did not create one, start as soon as possible.
File a Claim Immediately – it is in your best interest to file a claim as quickly as possible. Insurance adjusters may not be able to access the property right away, but it helps insurers to know where to look for damage and how to contact you in the coming weeks.
A drop of blood can tell a lot about you. That’s good. And bad.
In this age of technological and scientific breakthroughs, the most revealing medical test may come from a single drop of your blood.
Every drop of the 1.5 gallons of blood that you have in your system teems with data. Not just about your current state of health, but also your future health.
“There’s a data set in blood that is 100 times more interesting than that in the genomes.”— Dr. Eugene Chan, CEO of the DNA Medicine Institute.
Like many scientists and entrepreneurs across the country, Chan’s work taps into the huge potential in blood to indicate what illnesses may be lurking in the body.
As with the simplicity of today’s biometrics testing, Chan believes that in the future, blood screening may be able to detect early breast cancer and even detect early signs of Alzheimer’s, increasing the likelihood that treatment begins before toxic changes start attacking the brain.
It’s easy to see why growing numbers of large companies are recognizing the significant advantages of blood screening. They are accessible, inexpensive, and provide potentially life-altering information.
Many health conditions may soon be detected with a simple blood test.
the time it takes for a basic Biometric screening that includes: blood pressure, cholesterol levels, blood sugar levels, disease risk, body mass index (BMI), triglycerides levels — the amount of fatty acid in the blood.
of health risks are preventable and reversible through lifestyle changes.
the dollar amount that diagnostic tests, including blood-based, could grow to by 2018.
health threats that Biometrics screen for are: heart disease, diabetes, and hypertension.
Biometrics are becoming a healthy investment.
There is a healthy trend emerging in business today.
A growing number of large companies are taking action-oriented interest in the health of their employees by enhancing wellness programs to include Biometrics.
Basic Biometric screenings gives employees:
A report identifying specific health risks
Recommendations for addressing risks
Suggesting providers who can assist in reaching goals
Biometric screenings also provide valuable information to many employees who do not get regular physicals. These screenings can alert them to medical conditions that may go unchecked.
Blood-based diagnostic tests are estimated to grow into a $27.5 billion business category by 2018.
As a result of the acceptance in combining Biometrics and wellness programs in the last two years, 64 percent of large employers are now offering incentives such as health insurance premium discounts/credits or gift cards.
All things considered, Biometrics are an investment that is protecting employees from potential health dangers such as risks for heart disease and diabetes and generates increased productivity and reduces sick days.
Biometrics information is good. Who may have access isn’t.
With the ever-emerging growth of digital technology, simply storing the data is problematic. Controlling access is the most critical issue, as the personal health data captured from Biometric screenings needs to stay confidential.
Because of HIPAA laws, personal medical information is required to be kept strictly confidential.
In fact, as storing data becomes more of an issue, privacy becomes a greater concern. According to industry reports, a review of privacy policies showed that many wellness vendors adopt policies allowing them to share identifiable data with unnamed third parties and agents who are working to improve employee health. Beginning January 1, 2017, there are new confidentiality protections from GINA and the ADA which require disclosures to employees as to how collected wellness data will be used. Your Hays Representative can help ensure you stay compliant with these new standards.
Thus the digital data privacy issue is three fold:
Growing amounts of digital data
Finding secure storage
With the growing popularity of wearables, more health data is on the way.
ABI Research projects that by 2018, more than 13 million Fitbits and other wearable devices used in corporate wellness programs will be collecting and storing personal health data.
As Robert Gellman, an independent privacy and security consultant with 40 years experience, explained, “I don’t know of any best practices from the wellness industry to handle the data. It’s the Wild West.”
If you have questions about Biometrics, data security, and wellness programs working together, your Hays representative can provide the answers and guidance you need to make smart and safe decisions for your company and employees.
The best way to minimize damage from a hurricane is to be prepared before one strikes. To help you plan and remain safe at home during these potentially deadly storms, follow these safety tips.
During Hurricane Season:
· Plan evacuation routes and designate a contact person who family members know to call once the storm is over.
· Stock up on items such as bottled water, flashlights, battery-operated radio, nails, tarps and plywood.
When There’s A Hurricane Threat:
· Keep an up-to-date log of all of your possessions with photographs and videos, and review your home insurance policy.
· Place important, valuable papers such as your log of possessions and insurance policy in waterproof bags.
· Cover windows and doors and secure outdoor furniture.
· Refill your prescriptions, fill up your gas tank and withdraw a week’s worth of cash so you are prepared in the event of a power outage.
· Move your furniture and valuables to higher floors of your home.
· Gather emergency supplies and fill bathtubs with clean water.
· Move to higher ground away from rivers, streams, creeks and storm drains. If you are told to evacuate, do so immediately.
During a Hurricane:
• Listen to your battery-operated radio for instructions from the local authorities on evacuation and safety guidelines.
• Seek shelter in an interior room away from windows, such as a closet.
• If the electricity goes out, use a flashlight to see; do not use candles.
• If you hear the winds subside, do not assume that the storm is over. The calm may be the eye of the storm, and the worst part may still be coming.
After a hurricane is over, stay inside until you hear that an “all clear” notice has been issued. If you were told to evacuate, do not return home until you have been given permission by the authorities. Additionally, exercise extreme caution when inspecting your home for damage. Do not try to inspect damaged utilities and appliances; contact a professional to do so.
Please call Hays Companies Private Client Group with any questions or claims. You can contact us 24 hours a day at (612) 747-1095 or email@example.com.