Here at Hays Companies, we want to work together to keep employees safe at all times, especially on the roads. We are here to help with workplace policies and education. To learn more on how we can help, contact your Hays representative or email us at email@example.com
According to the US Department of Labor’s Bureau of Labor Statistics, 59% more individuals aged 65 or older remain in the workforce compared to 2006. Additionally, the number of post-war baby boomers under age 65 who are actively employed has increased by more than 100% over a 30-year period (1977-2007). With these changes to the workforce demographics, employers face challenges surrounding how Medicare eligibility and entitlement affect group health plans.
Hays Companies’ Amanda Swanson, Compliance Consultant, will host a webinar on “Medicare and the Group Health Plan.”
The webinar slated for Thursday, April 26th at 1:00pm Central Time will cover:
What are the various components of Medicare, and what are the costs?
What are the Medicare eligibility, enrollment and entitlement dates for disabled individuals and individuals who are age 65 or older?
For active employees, does eligibility for Medicare affect the coverage we provide under our group health plan?
About the presenter:
Amanda Swanson is a licensed attorney in the state of Minnesota who specializes in the area of Employee Benefits. She joined Hays Companies in August of 2016 after completing her MN Bar Exam. Currently, she is responsible for assisting with form 5500 filings and provides in-depth employee welfare benefit laws and guidance research and analysis in support of Hays Companies Research and Compliance Team. Amanda has a particular focus in the area of Employer Wellness Programs and has developed several wellness tools for consultants to utilize while assisting clients.
Amanda graduated Magna Cum Laude from William Mitchell College of Law where she was a Mitchell Fellow.
Bruce Lyon, Hays Vice President and Director of Risk Management, recently received first place honors by The American Society of Safety Engineers’ (ASSE) Editorial Board and the Council on Professional Development for his article, Communicating and Managing Risk: The Key Result of Risk Assessment.
The article, co-authored by Dr. Georgi Popov, speaks to the critical impact that communication has on effectively managing risk. Without communication, risk assessments lack the power for positive change within an organization. To implement effective change, key-decision makers must be informed and safety professionals empowered to share potential for risk.
By establishing risk assessment methods that identify, assess and communicate potential operating risks, a trickledown effect is established that demonstrates downstream business consequences and the link between operational risk, occupational safety and health (OSH) risk, and business risk – an essential aspect for future planning.
This prestigious accomplishment demonstrates the depth of professionalism and risk control expertise that organizations can expect to receive from Hays Companies. To learn more about how Hays can help you manage your risk, please contact your local Hays Representative.
Bio: Lyon is a professional member and past president of ASSE’s Heart of America Chapter and a recipient of the Region V Safety Professional of the Year Award. He is advisory board chair to UCM’s Safety Sciences Program and co-author of RiskAssessment: A Practical Guide for Assessing Operational Risk.
Hays Companies recently joined the National Safety Council’s Road to Zero initiative, a partnership focused on ending traffic fatalities – a leading cause of unintentional deaths. The goal is safe mobility for all people through a coordinated, data-driven approach. As a partner of the Road to Zero Coalition, Hays will work to develop priorities and encourage stakeholders to take action to meet the goal of eliminating traffic fatalities by 2050.
It might seem like a lofty goal, but key stakeholders believe it is possible. “The aim of Road to Zero is to get to zero deaths by 2050,” says Debbie Hersman, the president and CEO of the National Safety Council, the lead on the Road to Zero initiative. “That’s the goal. We’ve done this with aviation—there have been several years with zero deaths in commercial aviation—and a lot of people thought that was impossible.”
At Hays Companies, we have continued to make distracted driving our national safety focus as an organization.
We are committed to the safety of our employees and clients on our roadways. We’ve been incredibly moved by our VP of Risk Management Services, Tom Goeltz, and his personal story with losing his daughter due to an alleged distracted driver. Goeltz is actively building national awareness as a legislative advocate and frequent public speaker on how to help keep employees and their families safe. Our Road to Zero Coalition partnership exemplifies the importance and value we at Hays Companies place on safety, and how we can work together to combat this epidemic.
“It’s not impossible – it just hasn’t been done yet. Working together, we will find new solutions to old problems and eliminate these preventable deaths,” said Tom Goeltz.
Looking for an employer toolkit on Distracted Driving? Consider these resources:
Pandora. GPS. Radio Commercials. Drinking Coffee. Talking to your kids in the backseat. Even if you’re not texting behind the wheel, chances are high that something happens while you’re driving that prevents you from giving the road your full attention. And while most of these activities seem fairly innocent, taking only a second or two to address, they each represent a different form of distracted driving that can dramatically increase your risk of an accident.
Fully 94% of all vehicle crashes are caused by human error – a sobering fact when you consider the real life implications behind the statistics. Hays Vice President of Risk Management Services, Tom Goeltz, understands this better than most as his daughter, Megan Goeltz, was killed at the age of 22 by alleged distracted driver, leaving behind a three-year-old daughter and a loving family.
For Goeltz, distracted driving is a national epidemic. OSHA agrees, having launched a distracted driving initiative in recent months. In a supporting compliance article, the administration states “The top priority of the Occupational Safety and Health Administration (OSHA) is keeping workers safe. While workplace fatalities have been decreasing in recent years, motor vehicle crashes continue to be one of the leading causes of death among American workers.” In addition, a study conducted by the University of Utah discovered that cell phone users demonstrated higher levels of impairment then drivers who had been drinking.
To prevent distracted driving, OSHA recommends implementing policies that prevent individuals from reaching for their phones in the first place. Goeltz supports the position, arguing that breaking the habit of distracted driving requires a similar mentality shift as our approach to drinking and driving. In our society, driving under the influence has become a universal taboo, resulting in using a designated driver or a service like Uber. As Goeltz says, the same can be done with distracted driving habits.
With their most recent iOS update, Apple will be doing their part to keep the roads safe with the new “Do Not Disturb While Driving” feature. The feature, which will be triggered when a phone is connected to a car via Bluetooth or cable, will withhold all notifications while the car is moving. Users will still be able to access Apple Maps, but the majority of apps will stay locked for the duration of the drive.
Not an iPhone user? Goeltz offers some additional tips to prevent distracted driving:
Turn your phone off or put it in airplane mode.
Use a Cell Slip, which blocks all incoming and outgoing cell phone signals while the phone is in the slip or keep your phone out of reach.
Have an App installed on your phone to silence incoming texts, emails, phone calls. We recommend one of the following:
At Hays, our Private Client Group works to insure protection for every lifestyle. Whether it’s Home and Auto, Directors and Officers liability, Life Insurance, Disability or Long Term Care or unique areas of risk, such as kidnap and ransom, aviation, equine, or valuable articles, we’re here to help.
With expertise in the industry spanning 35 years, we have gathered five essential tips you need to know to protect your home and other assets:
1. Your Advisor Should Help Organize your Insurance Program.
With numerous assets acquired over time, it’s common to insure them with many different programs, often leaving your assets unorganized and expensive to manage. This can lead to gaps in coverage that will only be revealed when a claim is unexpectedly denied.
2. Be Presented With Options.
The benefit of retaining an independent insurance agent or broker is that they are working in your best interest. You should be frequently presented with options to organize your coverage.
3. Have Enough Personal Liability Insurance.
If a lawsuit puts your assets at risk, the last thing you want to worry about are insufficient limits. Make sure your liability coverage limits exceed your net worth. The Hays team can help you determine this value.
4. Be Certain of Your Insurer’s Financial Strength.
Always look for financial stability when choosing your insurer. It’s important your provider is strongly capitalized and will be able to pay your claims. Look for insurance companies rated “A” or “Excellent” by A.M. Best.
5. Work With High Net Worth Insurance Specialists.
Complex insurance situations require specialists. If you have a net worth of $2 million or more, most insurance carriers are not equipped to address your complex personal risk management needs.
Hays Private Client Group thrives at being problem-solvers in complex insurance situations. To contact us or to discover how we can keep your valuable assets protected, visit us here. Come experience The Hays Difference.
Mark your calendars! The following educational seminars have been announced for 2018.
Preparing for a DOL Audit – Deb Linder, Fredrikson & Byron, P.A.
Are you prepared for an IRS or DOL audit? In this seminar, we will review the documents and information needed to help you prepare for an audit, highlight common issues raised and discuss correction options.
Debra is a shareholder in the Compensation Planning & Employee Benefits Group at Fredrikson & Byron, P.A. Her practice involves a full range of employee benefit programs. She advises large and small public, closely- held, and tax-exempt employers on plan design, administration, and compliance issues.
Wednesday, April 18, 2018: 8:30 – 10:30 AM
Midland Hills Country Club
Managing Generational Diversity – Steve Baue, CEO of ERC: Counselors and Consulting
Teams are more diverse than ever before and, in today’s market, talent is scarce. Today’s leaders must look for ways to engage every employee, drive retention, and achieve peak performance. Seminar attendees will learn what makes our personalities tick, the generational influences, what almost every employee wants from their work, and ‘real-world’ leadership techniques that produce true results.
Steve Baue is the President / CEO of ERC, the award-winning Green Bay-based EAP and performance consulting company. ERC is known for its outstanding mental health counseling and strong reputation for organization and leadership development.
Thursday, May 17, 2018: 11:30 AM – 1:30 PM
Golden Valley Country Club
Change your focus from managing talent to activating it-Today! –Kelly Johnson with The Marcus Buckingham Company, an ADP Company
Today’s increasingly competitive marketplace paired with the low unemployment rate has made attracting, retaining and developing talent a top priority for HR as your people remain a huge differentiator for you. Join The Marcus Buckingham Company, An ADP Company to learn why HR needs to change its focus from managing talent to activating it – today.
Kelly Johnson is a Talent Executive with Fortune 30 experience. As a Strategic Consultant for The Marcus Buckingham Company, she works with organizations and teams to achieve exceptional talent performance and engagement through dynamic and strength-based strategies.
Wednesday, July 18, 2018: 8:30 – 10:30 AM
Midland Hills Country Club
Annual Review – Preparing for 2019
An annual crowd favorite! Come recap the year’s most notable legislative updates and get ready for 2019 with the Hays Research & Compliance team.
Thursday, September 13, 2018: 2:00 – 5:00 PM
Golden Valley Country Club
Registration for each seminar and complete details will be made available closer to the actual date of the event
What do they have in common? You guessed it — they’ve all experienced major data breaches that exposed tens of millions of users’ sensitive personal and/or financial data. Yahoo was actually victimized twice, each attack compromising hundreds of millions of users. (Oh, Yahoo.)
Your company is vulnerable
Big-company cyber incidents are understandably newsworthy, but they’re really just the tip of the iceberg. Most incidents go unreported in the media, even in wonky tech blogs, because they directly impact fewer people or fail to compromise critical systems.
A 2016 FBI report put the average daily number of U.S. ransomware attacks at 4,000, a 300% increase from2015.
That figure doesn’t count other types of cyber-attacks, such as phishing. Check your spam folder when you get a chance — it’s a virtual certainty that some of those sketchy emails contain malicious files or links.
Insurance can help
“Cybersecurity insurance is a misnomer,” says Dave Wasson, Vice President and Cyber Liability Practice Leader at Hays Companies in Minneapolis. “‘Privacy and security insurance’ is more accurate. Lots of claims have nothing to do with hacking — someone forgot to shred a sensitive document, maybe.”
For brevity, we’ll call it cybersecurity insurance. It exists because general commercial liability policies typically exclude digital and analog privacy and IP threats.
Cybersecurity insurance policies provide financial redress for a broad range of potential threats: the U.S. Department of Homeland Security cites “costs a from data destruction and/or theft, extortion demands, hacking, denial of service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud, and privacy violations.”
How to approach cybersecurity insurance
Many owners and execs have only a tenuous handle on their companies’ digital and analog vulnerabilities.
“A significant portion of what we do is educational,” says Wasson. “With new clients, the key question is: ‘Is your understanding of your exposure correct?’”
Some companies mistakenly believe they’re taking adequate measures to address perceived vulnerabilities, which they may or may not fully understand. Others affirmatively avoid due diligence on the not-incorrect assumption that actively researching the threat landscape eliminates plausible deniability and increases liability.
At least one large, well-known Minnesota company takes this “head in the sand approach,” says Wasson. (He declined to identify the firm.) Wasson is not a fan: “That’s like saying you’re healthy because you haven’t gone to the doctor,” he says. Self-insuring against privacy and security threats is doable for larger companies with the resources to absorb the cost of a cyber incident, but “understanding potential threats is always better than not understanding.”
What it costs, what it covers
Needless to say, most sizable companies do carry cybersecurity insurance policies. Coverage is increasingly common among SMBs too. When resources are tight, any significant cybersecurity incident is a grave threat.
“For small businesses, you can find good quality policies, not pared down at all, for less than $1,000 per year,” says Wasson. The lower end of the market, below $50,000 per year, is growing fast. (The costliest policies, built for Fortune 1000 firms, cost more than $1 million per year.)
Like other forms of insurance, cybersecurity insurance products are highly customizable, but most policies have seven basic coverages. The devil is usually in the details. Wasson advises clients to pay close attention to three key issues:
“Failure to maintain” clause: This exclusion penalizes policyholders who fail to execute or maintain stated security practices. “It basically says, ‘If you say you have a particular safeguard in place and you don’t, we’ll deny your claim,’” says Wasson. He strongly advises against buying policies with “failure to maintain” clauses.
IP protection: Cybersecurity insurance newbies are often disappointed by policies’ anemic or nonexistent intellectual property coverages. Some policies do cover NDA-protected IP compromised in a breach. Premiums may be higher, though.
Bringing in outside experts: Does the policy let you bring in your own legal and forensic IT experts after a breach? Some force policyholders to choose from approved professionals; using non-approved experts could compromise or even void your claim. “It’s like the requirement that you select a provider in your health insurer’s network,” says Michael Cohen, head of the Global Privacy, Cybersecurity and Data Protection legal team at Minneapolis-based Gray Plant Mooty.
Data breach? Minimize exposure and get the response right
Cybersecurity insurance alone can’t prevent privacy and security incidents. Insurers require, incentivize and recommend that policyholders take steps to mitigate their exposure.
Established regulatory structures are non-negotiable. For instance, policyholders must abide by the Payment Card Industry Data Security Standard (PCI DSS), an electronic payments security framework backed by major credit card issuers. Healthcare and finance companies must follow other frameworks.
Insurers incentivize the adoption of other safeguards, like robust encryption. “Encryption is one of the few things that has an actual causal impact on policy pricing,” says Wasson.
“The better your encryption, the less you’ll pay.”
Be honest about your data security practices and degree of exposure: On your cybersecurity insurance application, honestly disclose your exposure and mitigation practices. Even absent a “failure to maintain” clause, a misleading or incomplete application could lead to inadequate coverage. Plus, says Cohen, “Being recognized as a leader in data security benefits your organization in the marketplace.”
Don’t needlessly retain data: “Most companies don’t need to collect Social Security numbers,” says Wasson, “and they certainly don’t need to keep them in unencrypted files on mobile devices.” Only collect and retain data needed for essential business functions.
Take special care with legacy systems:
Many companies run key processes on functionally obsolete, unsupported IT systems. This is sub-optimal for all sorts of reasons, but overhauling is costly and disruptive, so it happens. Unfortunately, breaches can wreak havoc on legacy systems, which typically need to be overhauled after the fact anyway. When I spoke to Wasson, he was helping a client through a catastrophic ransomware attack made worse by the forensic impenetrability of its ancient IT. With no backup, the client had to shut down for a month to upgrade its systems and get out from under the attack. (Also relevant: Back everything up!)
Know your obligations under the law:
Legally mandated notification requirements may greatly increase post-breach costs. Firms must abide by notification rules in affected individuals’ home jurisdictions. Said rules vary widely, so firms typically adhere to standards in the strictest state in which they operate. Still, you need an attorney to work through dense regulatory language. To handle high notification volumes, you’ll need to retain a specialized firm.
Create an incident response team:
Don’t wait until it’s too late to build an incident response team. The point person (“breach coach”) should be an attorney experienced in handling data breach matters, whether in-house counsel or an outside expert like Cohen. Add at least one member from HR, IT (inside or outside), marketing or PR (inside or outside), finance, and upper management. Define each member’s role in the event of an incident. Mind insurance company restrictions — remember Cohen’s attorney networks.
Have an incident response plan ready:
Different scenarios call for different responses, but your first call should always be to your designated attorney. They’ll quickly assess the situation’s severity and determine what needs to happen next. If the situation warrants, “next” means a call to the FBI, which has a first-rate cyber forensics team. “The FBI is very discreet,” says Cohen. “Your business won’t leak just because they’re involved.” They may also know about other incidents that hold clues to your own.
You should do these six things “even if you choose to forgo cybersecurity insurance,” says Cohen. After all, fortune favors the prepared. And the careful.
WHAT CYBERSECURITY INSURANCE COVERS:
Privacy Regulatory Defense and Penalties: Covers regulator-assessed penalties and fees, where allowed by law, as well as costs associated with “complying with or defending against a privacy related regulatory investigation” by certain state and federal agencies or authorities.
Breach Costs: Covers costs directly associated with breach response, including notification to potentially affected parties, computer forensics, legal expenses, public relations campaigns,
and ongoing identity theft protection and monitoring.
Multimedia Liability: Covers “claims alleging intellectual property infringement [copyright infringement, defamation and libel, common law privacy rights, plagiarism or piracy, misappropriation of ideas] arising out of the advertising of a company’s goods or services, either online or offline.”
Business Interruption: Covers loss of income if the insured party is unable to conduct business “due to a malicious third party hacking event.”
Data Recovery: Covers costs associated with digital asset replacement, such as software licenses and proprietary software. May be combined with business interruption coverage.
Cyber Extortion: Covers costs associated with ransomware attacks, including investigations to determine whether the threat is credible and the cost of complying with the attackers’ demands (e.g., paying the ransom).
2017 was another eventful year for Employee Benefits and Compliance:
• The House passed an ACA repeal and replace bill but the Senate failed to do so – we will discuss what this means.
• Employers and health insurance carriers went through a second round of reporting of health care offers and coverage for 2016 – the reporting requirements are still “on the books.” What is the IRS doing about it?
• The ACA and HSA out-of-pocket maximums for 2018 were updated – we will review these requirements and why plans need to know how these two laws interact.
• Self-insured plans, essential health benefits (EHB) and benchmark plans are still tied to the ACA’s prohibition on lifetime and annual limits – maybe this is an area ready for a bipartisan update?
This webinar is an opportunity to get ready for 2018 and ensure you are in compliance with the laws and changes for the upcoming year.
Provided via the link below is a recorded presentation of the Hays Benefits Research and Compliance Department’s presentation Annual Review and Preparing for 2018. Feel free to watch the recorded presentation at your convenience by clicking on the link, below. The presentation is approximately 40 minutes long.
The IRS recently released the 2017 draft versions of the 1095-C, 1094-C, 1095-B and 1094-B forms for use in reporting coverage offers under the Affordable Care Act.
Generally, employers will use the Form 1095-C to report offers of health plan coverage to the individual and will also use Form 1094-C, which is then provided to the IRS.
There are a few changes to the forms and instructions from previous years, none of which are too drastic. Here is what has changed:
· Section 4980H Transition Relief. Several forms of transition relief were available to some employers under Section 4980H for the 2015 plan year (including any portion of the 2015 plan year that fell in 2016). However, no Section 4980H transition relief is available for 2017. Form 1094-C has been revised to remove references to this transition relief.
Specifically, the two sections on Form 1094-C and 1094-B related to this transition relief have been designated as “Reserved” and should not be used. They are:
Part II, in the “Certifications of Eligibility” Section on Line 22, Box C
Part III, in the “ALE Member Information – Monthly” table, column (e).
· Instructionsfor Recipient. The Form 1095-C and the 1095-B include an “Instructions for Recipient” section which states: “Additional information. For additional information about the tax provisions of the Affordable Care Act (ACA), including the individual shared responsibility provisions, the premium tax credit, and the employer shared responsibility provisions, see www.irs.gov/Affordable-Care-Act/Individuals-and-Families or call the IRS Healthcare Hotline for ACA questions (1-800-919-0452).”
· Updated Penalty Amounts. The adjusted penalty amount for 2017 is $260 per violation, with an annual maximum of $3,218,500 (up from a maximum of $3,193,000, for 2016).
· Code Series 2 (Section 4980H Safe Harbor Codes and Other Relief). The 2017 draft instructions for Forms 1094-C and 1095-C clarify that there is no specific code to enter on line 16 to indicate that a fulltime employee who was offered coverage either did not enroll or waived the coverage.
· Corrected Forms 1095-C. The 2017, the draft instructions indicate that Forms 1095-C filed with incorrect dollar amounts on line 15, Employee Required Contribution, may fall under a safe harbor for certain de minimis errors. The safe harbor generally applies if no single amount in error differs from the correct amount by more than $100.
If the safe harbor applies, employers will not have to correct Form 1095-C to avoid penalties. However, if the recipient elects for the safe harbor not to apply, the employer may have to issue a corrected Form 1095-C to avoid penalties. For more information, see Notice 2017-9.
· Formatting Returns Filed with the IRS. Both sets of 2017 draft instructions clarify that all returns filed with the IRS must be printed in landscape format.
Remember, Forms 1095-C and/or 1095-B must be provided to individuals by January 31, 2018. Form 10945-C and/or 1094-B must be filed by February 28, 2018 if filing a paper copy. If filed electronically, it must be sent no later than March 31, 2018.
Please contact your Hays Companies representative for more information on reporting under the Affordable Care Act.