By Brian Weiscarger and Joe DiBella
Open enrollment offers human resources (HR) departments a critical opportunity. It’s one of the few times of the year they have their employees’ full attention to educate them on health plan information and guide them to make better choices.
Now more than ever, data analytics has a critical role to play for HR departments seeking to maximize the effectiveness of their open enrollment periods. The volume of data available to HR professionals has exploded, and powerful analytics tools have made extracting actionable insights faster and more efficient.
Typically, this data is used during open enrollment to help employees select the right plan. But there’s another way to use data analytics that’s gaining popularity. Innovative HR departments today are analyzing data around health plan utilization, identifying unused resources, and educating their employees during the open enrollment period in ways that save lives and significantly lower costs.
Not long ago, we worked with a large plan sponsor that was experiencing elevated rates of breast cancer in their employee population. This group turned to their benefits data for a solution. After reviewing the data, they found that only 50 percent of recommended employees were receiving their annual mammograms. While preventive mammograms are paid in full under the Affordable Care Act, only half of those recommended were receiving this life-saving screening. So, rather than just focusing on enrollment options, this group used open enrollment to launch a full-blown communications campaign to raise awareness about breast cancer and the organization’s low adherence rate for preventive mammograms.
Understanding that early detection is critical in treating this disease, the employer took this awareness campaign a step further. They set up a service that made it incredibly easy for employees to schedule mammograms and follow up with those overdue for the screening. In the end, this open enrollment campaign produced extraordinary results, elevating compliance with recommended screenings to 80 percent. Improving the population’s compliance with breast cancer screenings undoubtedly saved lives. It also saved the employer thousands of dollars in lengthy and costly cancer treatments over many years. None of this would have been possible had the employer not analyzed and acted on the insights gleaned from the collection of its employee data. And, importantly, using the attention open enrollment draws to get employees focused on this important issue.
Leveraging data analytics to enhance open enrollment is accomplishable for employers of all sizes. Doing so requires some planning ahead. Here are four steps HR departments can take to set themselves up for success.
1. Get Access to Your Data: Most midsized and large employers should have access to their health plan and employee engagement data. But no matter what the size of the business, HR departments are entitled to this information. To get started, HR professionals can ask their health plan and insurance brokers for access to their employee data.
2. Utilize Powerful Analytics Technology: Without the right tools, sifting through high volumes of data can be a challenge for HR departments. Thankfully, there’s a powerful technology that adds speed and efficiency to this process. For example, data warehouse tools can capture a group’s claims and utilization experience and analyze drivers of cost and gaps in care so that specific actions can be taken to address cost and quality proactively. It was a data warehouse tool that allowed us to help the plan sponsor that focused on cancer screenings identify their low mammogram rate.
3. Look for Actionable Advice: Countless actionable insights are waiting to be uncovered in every employer’s healthcare data. It’s important to look at employee claims data to see what behaviors or claims are driving costs, what top conditions are leading to higher claims, and what gaps in care may exist that can lead to greater disease prevention or early detection. For example, are employees using a high-cost drug when a comparable generic alternative is available? Or are low-risk employees selecting high-cost plans when a different option is more suitable for them? Employers should also cross-reference these insights with the demographics of their employee population to get a better understanding of every opportunity to improve plan utilization. Armed with this data, employers are advised to leverage open enrollment time when employees are paying attention to build an action case.
4. Leverage Insights During Open Enrollment: Open enrollment is one of the few times when most employees are focused on benefits and healthcare, making it the perfect time to leverage these insights to influence employee behavior. Employers can create materials that educate employees on the services available to them and how to take advantage. These campaigns can include emails, videos, text messages, presentations, or any touch point that makes the most sense for the employee population. By educating employees at a time when they’re already thinking about health benefits, they will be much more likely to utilize the services available to them that can improve their health, increase early detection of serious illnesses, and ultimately save the organization money in future healthcare costs.
For any employer or plan sponsor seeking to leverage data-driven insights during their next open enrollment period, it is important to partner with insurance brokers or consultants who have deep experience in both employee benefits and data analytics. These firms can help employers access, organize, and analyze their data in ways that produce quality, actionable insights. They can also bring powerful technologies to the table that can lead to the fast discovery of value-adding information. These experts can counsel organizations on how to best put these insights into action during open enrollment to ultimately improve employee health and lower overall healthcare costs.
Cybersecurity breaches happen nearly every day at organizations around the world.
Cyber criminals have grown increasingly sophisticated in their attacks, causing the frequency of breaches to skyrocket. According to the Identity Theft Resource Center, the number of breaches increased by 78 percent in 2023 compared to the prior year.
It’s no secret these incidents can cause significant financial, operational and reputational damage – and organizations of all sizes and industries must take precautions to protect themselves. In honor of Cybersecurity Awareness Month, we’re sharing the top five tactics organizations can leverage to enhance their cybersecurity defense.
More than ever, cybercriminals are leveraging sophisticated phishing attacks to breach company systems. Employees are an organization’s first line of defense. Training them to recognize and report phishing attempts has become one of the most important tactics to keeping sensitive information safe.
Ransomware attacks where cybercriminals prevent company employees from accessing their computer files, systems or networks are becoming increasingly common. The rising frequency of these attacks makes it critical to regularly back up important company information. Maintaining data backups separate from your main system, perhaps with multiple providers, can add an extra layer of security should any single provider suffer a data breach.
Strong passwords are a first line of defense against bad actors accessing your network. Make sure your organization’s password requirements compel users to set strong passwords via more characters, upper and lower case letters, numbers and symbols. Encourage users to use random characters or long phrases and avoid common words, names or dates. And educate users to never share passwords. You can also use a password manager to generate passwords, store encrypted passwords, prevent reuse of passwords and advise users when passwords should be changed or are weak.
Multi-factor authentication (MFA) has become a commonplace practice where users are required to provide more than just a password to log into their accounts. One example of multi-factor authentication is when users receive a one-time code via text or phone that they must enter in addition to their password to gain access. For single sign-on networks, it is also important to close potential “back doors” by making sure MFA is in place at multiple access points. Multi-factor authentication is one of the simplest and most effective ways to prevent cybercriminals from accessing private files or systems should they obtain a user’s credentials.
Updating your systems and installing security patches promptly is an essential component of keeping your company’s system and data safe. Think of security patches as a way to close holes in your security fence. If you fail to act promptly when system patches are released, you leave your organization vulnerable to cyber attacks.
Cybersecurity Awareness Month is a great time to brush up on cyber defense. Our experts at Conner Strong & Buckelew are going to be discussing cybersecurity and insurance issues all month long, offering tips to help organizations protect their data and systems. Not only are the tactics discussed above very effective in thwarting cyber attacks, but many cyber insurance carriers refuse to provide coverage unless these safety measures are in place.
Carriers often view these tactics as foundational musts and want to see additional layers of security when writing policies. At Conner Strong & Buckelew, our in-house cybersecurity experts can examine your situation and provide guidance to help you optimize your cybersecurity defense. We’re also deeply experienced in cyber insurance and can help your organization ensure it is protected.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
On July 19, 2024 businesses around the world came to a screeching halt. Operations at airlines, television networks, banks, hospitals and more were shut down as a massive technical outage crashed computer systems around the globe.
Although the disruption caused by the event was similar to that of a ransomware attack where cyber criminals hold systems and data hostage, it was actually caused by a faulty update installed by CrowdStrike, one of the world’s most widely used cybersecurity firms. The outage impacted more than 8.5 million Windows PCs and servers connected to the CrowdStrike security platform, interrupting countless businesses worldwide.
In honor of Cybersecurity Awareness Month, we’re sharing three of the most significant risk management and insurance takeaways that emerged in the aftermath of the CrowdStrike incident.
Organizations must have plans in place to quickly respond to cyber incidents and restore critical business functions and data with as little down time as possible. Plans must include comprehensive procedures to ensure early detection, mitigation of the effects of the event and rapid restoration of data and business operations. Plans should delineate a clear chain of command and the roles and responsibilities of staff members. Elements such as contact information and alternative channels of communication are essential to plans, and response and business continuity plans must extend to key vendors.
Many impacted organizations turned to their cybersecurity insurance policies to recover some of the revenue lost during the interruption. However, many were informed by their carriers that this was not a covered event because the outage was caused by a faulty security patch implemented by CrowdStrike, not by cyber criminals. Because there was no malicious act, most cybersecurity policies were not triggered, leaving the companies without coverage. To avoid coverage gaps in the future, it is critical for organizations to fully understand their cyber policy’s coverage limitations and work with their broker to find ways to close protection gaps.
Beyond securing comprehensive insurance coverage, organizations must ensure their contracts with third party vendors include strong indemnity clauses. These contracts must clearly detail responsibility for damages and financial losses resulting from business interruptions caused by technical failures as well as cybersecurity breaches.
Cybersecurity Awareness Month is a great time to brush up on cyber defense and insurance. Our experts at Conner Strong & Buckelew are going to be discussing cybersecurity and insurance issues all month long, offering tips to help organizations protect their data and systems. Securing contracts and understanding coverage requires expertise, and it is best not to go at it alone. At Conner Strong & Buckelew, our team is deeply experienced in cyber insurance and can help your organization ensure it is fully covered. We also employ cybersecurity experts who can examine your cybersecurity defense to confirm best practices are leveraged.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
In Part 1 of this series, we explored the basics of parametric insurance — what it is, how it works and some the of risks it may help mitigate. In this article we will take a deeper dive into the key differences between parametric insurance and traditional indemnity insurance — and how they can work together.
It is important to understand that parametric insurance is not intended to replace traditional coverage. Instead, it can complement traditional insurance coverage by providing an extra layer of protection and/or providing coverage for risks not covered under a traditional policy.
The chart below compares key policy attributes and how they differ.
| Traditional Indemnity Insurance | Parametric Insurance | |
|---|---|---|
| Policy Structure | • Typically a standard product covering a range of common perils. • Long-form policy language with limited customization opportunities. | • Highly customized to cover a specific, verifiable trigger event. • Generally shorter contract length with straightforward language. |
| Coverage Inclusions and Exclusions | • Most policies exclude or sublimit coverage for certain perils, such as floods, earthquakes and cyber liabilities. | • Coverage is strictly limited to the specific, verifiable trigger event and parameters stated in the policy. |
| Policy Term | • Usually one year, with some multi-year options available. | • Typically one year, but terms of 2, 3 or more years are possible. |
| Triggering Event Location | • Covered peril must cause damage to the insured’s property or assets for any coverage, including business interruption, to apply. | • Must occur in a defined geographic area, which can be outside of the insured’s property and direct control, but is key to business operations. |
| Deductibles | • Typically has standard deductibles regardless of the loss amount/severity. | • No deductibles. Payment amounts are based on a pre-determined index. |
| Triggering Event Severity | • No specific event severity is required to trigger coverage under the policy, but there must be damage to the insured’s property or assets. | • The severity of the event must meet the mutually agreed upon parameter in the policy, such as a hurricane with a certain wind speed. |
| Claims Assessment and Payout Process | • Actual losses are determined by an adjuster. • Settlement negotiations may be required. • Based on the complexity, settlement may take months or years. | • Fast payouts with no adjuster or negotiations required. • Payouts are transparent and based on the “occurrence” of the defined trigger event vs. an adjuster’s loss assessment. |
| Claims Proceeds | • Claims proceeds must be used to repair or replace damaged property or assets. | • Proceeds may be used in any manner related to the damage or interruption to the business. |
Let’s look at a hypothetical example of how parametric insurance can provide an extra layer of protection.
A.B. Smith Construction Company: A construction company with a major project underway in Orlando, Florida, just over 84 miles northeast of Tampa Bay, Florida.
Traditional Coverage: Policy provides property damage and business interruption coverage for losses impacting the construction site and all on-site materials, equipment and assets.
Parametric Coverage: Because most of the materials and equipment required for the project arrive via the Port of Tampa Bay and are transported to the project site by trucking companies near the port, the company purchases a parametric insurance policy with the following parameters.
A Category 4 hurricane hits the west coast of Florida. By the time the storm moves inland to the Orlando area it has weakened considerably, but A.B. Smith Construction does suffer the loss of a crane and on-site construction materials. The company reports the claim to their carrier to get the loss adjustment process started. They are glad they have the coverage but know the claim adjustment and settlement process will take time.
While damage to the Orlando construction site was mild, the Tampa Bay area took the full force of the Category 4 hurricane. The Port of Tampa Bay and most of the trucking companies that serve it are shut down indefinitely due to severe storm damage. As a result, A.B. Smith Construction’s Orlando project site cannot get the materials and equipment it needs to resume operations.
This is where the parametric coverage comes into play. Because the storm struck within the specified location and exceeded the wind speeds stated in the parametric policy, A.B. Smith Construction will promptly receive a claims payout of $4.5 million (90% of the total coverage amount as specified in the policy index). The immediate payout will provide A.B. Smith Construction with the cash flow it needs to re-route incoming supplies and equipment through the Port of Miami and quickly get the project back on track.
This is just one example of how parametric insurance can enhance protection and provide quick access to resources when they are needed most. There are a myriad of other ways, such as providing coverage for perils excluded under traditional policies, providing additional capacity or filling in gaps left by high deductibles.
To determine if parametric insurance would be a good complement to your current coverage, you’ll need to talk to a broker with specific expertise in this coverage genre. Conner Strong & Buckelew has the in-house expertise to evaluate your coverage needs and provide the necessary guidance if parametric insurance makes sense for your organization.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
Employers today are making significant investments in their workforce and facilities through safety and loss control programs. These programs can vastly improve worker safety and lower the risk of casualty insurance claims (workers compensation, general liability and automobile liability).
Captives that provide insureds with property and casualty insurance coverage can help organizations better control their overall insurance spend and allow them to reap the benefits of their investment in safety and loss control more efficiently than a guaranteed cost insurance plan.
A P&C captive is an insurance company formed under a special purpose statute with the primary purpose to finance the risk of its owners, participants or members. Captives are capitalized, licensed and regulated insurance companies under specific statutes, and are domiciled both on-shore and off-shore. Captives allow an individual company, or a group of like-minded companies, to form their own insurance entity. There are several types of captive insurance companies. Among the most common are:
By taking on this risk, employers put themselves in a position to reap the financial rewards. When claims are low, captive members, not an insurance carrier, keep the underwriting profit and investment income. These savings are compounded when companies invest heavily in safety and loss control programs that reduce workplace injuries and insurance claims and help to create a culture of workplace safety.
Safety and loss control programs require financial investment to implement and maintain. But in a traditional, guaranteed cost (first dollar) program, the premiums paid are kept by the insurance carrier and employers don’t see any financial return from lowering their claims. In essence, the good performers in the traditional market are subsidizing the companies that are experiencing adverse loss experience. With captives, employers that invest in loss control measures that translate to lower claims costs reap the financial return on their investment.
Aside from keeping the financial return on investment in worker safety, captive insurance programs offer several additional benefits to employers:
Does your business have a successful safety and loss control program? Are you in a high-risk industry? Do you want to stop letting the insurance carriers benefit from your smart thinking and successful safety efforts? If you answered “yes” to these questions, a P&C captive may be able to improve your company’s bottom line. Captives provide employers with more consistency, control and customization that leads to superior results.
At Conner Strong & Buckelew, our team is deeply experienced in P&C captives and can help your organization reap these benefits. We also have close connections to industry-leading safety and loss control experts that can help our clients lower claims even further.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
All human services organizations that provide inpatient care face the risk of patients with a cognitive impairment or developmental disability leaving a supervised environment without proper authorization or supervision. Known as “elopement,” this situation can be prevalent in nursing homes, assisted living facilities or special care units for individuals with conditions like Alzheimer’s disease, dementia or autism.
Research shows that in cases involving elderly patients, if the resident is not located within the first 24 hours there is roughly a 25 percent chance they will not survive. But elopement risk is not limited to elderly patients. While the circumstances surrounding young people and children eloping from inpatient facilities may differ, the consequences can also result in severe injury or death. Faced with this daunting reality, it is incumbent upon care facilities to ensure the wellbeing of patients – and protect themselves from related liability – by preventing elopement.
The right human services broker can help facilities mitigate elopement risk in a number of ways, including:
1. Comprehensive risk assessment: A thorough evaluation of current protocols, elopement incidents, staff training and facility technology can help you find ways to identify which patients may be at greatest risk, where there may be safety gaps and opportunities for risk reduction.
2. Policy and procedure improvement: After the initial risk assessment, knowledgeable brokers can recommend strategic policy and procedure improvements, such as more robust chain of custody communications, employee and vendor background checks, visitor access changes and emergency response protocols.
3. Technology improvements: Your broker can introduce and help the organization source and adopt services and state-of-the-art technologies, such as updated surveillance systems and tracking devices, that have been proven to reduce elopement.
4. Training and Education: Your broker can provide guidance to help you develop a sustainable and repeatable staff and caregiver training program to help ensure the improved safety procedures, protocols and technologies are consistently communicated and applied.
5. Provider networking: Facilities can benefit from the knowledge gained through your broker’s relationships with other providers and the opportunity to network with other organizations that have been successful in reducing elopement incidents.
At Conner Strong & Buckelew, our brokers serve as a valuable resource for service providers in the human services industry. When it comes to elopement, human services organizations must do everything they can to limit these incidents and keep their patients and participants safe. Our leading team of professionals can help these organizations implement effective strategies to prevent these incidents. In the event that elopement does occur, our claims advocacy department will review claims, assist in all claim issues and recoveries and advocate with our carrier partners on your behalf.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
Although Parametric Insurance has been around since the 1990s, increasingly difficult market conditions and recent advancements in underwriting technology have caused a surge in popularity. The concept of parametric insurance is straightforward. Unlike indemnity policies that pay claims based on the insured’s actual losses as determined by a loss adjuster, parametric insurance claims pay out a predetermined amount based on the occurrence of a specific ‘trigger’ event, such as a hurricane or flood, that:
Parametric insurance claims are paid quickly – often in just a few days. This is because the payouts under these policies are tied to the occurrence of the trigger event, which eliminates the need for adjusters and settlement negotiations. The insured also has the freedom to use the claims proceeds in any manner related to the damage or interruption to the business caused by the trigger event. The combination of rapid payouts and flexibility around how claims proceeds may be used can help organizations recover more quickly after a catastrophic or disruptive event.
In addition to a swift claims process, payout amounts are defined in advance as part of the policy design, so there is no ambiguity. Parametric insurance, also known as ‘index-based’ insurance, is structured with a payout index. The index ties the payout amount to the severity of the trigger event relative to the organization’s business continuity plan and risk tolerance. Below is a hypothetical example of how a policy with a hurricane trigger might be structured.
Verifying Source: National Oceanic and Atmosphere Administration (NOAA)
| Within 40-mile radius: • Latitude: 25o 45’ 27.48” • Longitude: 80o 11’ 37.32” | ||
In this example the organization was confident it could withstand and/or absorb all of the damage and disruption from a Category 1 hurricane and most of the damage and disruption caused by a Category 2 hurricane. So, the policy payout scheme was structured accordingly.
Parametric coverage does not have to be limited to the insured’s location. It can be designed to provide coverage for trigger events that occur within a pre-agreed distance from a “point of interest”, typically defined by a specific latitude and longitude. This approach, sometimes referred to as “Cat in a Box”, provides protection for trigger events beyond the insured’s immediate location that could interfere with infrastructure or activities critical to the organization’s operations.
With climate change contributing to the frequency and intensity of storms, wildfires and flooding events, natural disasters will continue to be common parametric insurance coverage triggers. However, parametric insurance policies are not only for large natural disasters. This type of coverage is becoming increasingly popular for covering a wide range of disruptive trigger events, such as:
There are a multitude of risks that can be covered by a parametric policy. The fundamental requirements are that the trigger event must be a:
Parametric insurance is not intended to replace traditional indemnity insurance. However, as a complement to traditional coverage it offers key advantages including:
When considering parametric insurance, it’s important for organizations to partner with a broker that has deep knowledge in this coverage category and the ability to evaluate how it may support protection needs. Conner Strong & Buckelew has the in-house expertise to identify an organization’s specific exposures and determine whether parametric insurance can strengthen its overall protection strategy. And if parametric coverage is a good fit, we can leverage our relationships with the top parametric insurance carriers to help secure coverage designed to meet the organization’s unique needs.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
In human services, organizations have an ethical and legal responsibility to uphold their duty of care to protect and support the well-being of individuals. When a breach of duty occurs, it can have profound consequences.
The consequences of breaching the duty of care vary significantly depending on the nature and degree of the breach, the specific circumstances and the relevant laws and regulations. Consequences can consist of legal repercussions, professional sanctions and damage to the well-being of the individuals involved.
In the case of a 58-year-old resident, a health care services organization breached its duty of care after a resident suffered a serious fall which contributed to her death. Nursing home staff members did not notify the family until over a month after the incident, and one of the staff members allegedly believed the resident was faking her pain. When the resident was finally admitted to the hospital, it was revealed she had broken two of her vertebrae and that the fractures had become infected. The patient subsequently died from the infection, resulting in the facility facing a lawsuit from the family and being fined by the state for failure to meet care standards.
By implementing the prevention tactics and strategies outlined below, human services organizations can reduce the likelihood of duty of care breaches and minimize potential risk to the organization. Knowledgeable brokers can help human services companies seamlessly implement these tactics to ensure they are leveraged to their maximum potential.
1. Provide training and education: Human services organizations should require staff to attend ongoing training sessions on topics such as ethics, legal obligations, best practices for avoiding duty of care breaches and recognizing signs of abuse or neglect. Additionally, they should educate individuals under their care, and their families, about patient rights and available support services.
2. Maintain a safe environment: Creating and maintaining safe physical environments, including homes, facilities and community spaces where services are provided, can significantly limit the frequency and severity of safety incidents. This includes safety measures such as making sure fire exits are accessible and emergency protocols are in place.
3. Implement robust incident response and reporting policies: If an incident occurs, the organization must ensure the immediate safety and well-being of the individuals under their care. This may involve calling emergency services or providing first aid. Once the immediate situation is under control, documentation and notifications should begin. Reports should be factual, objective and should not contain any subjective opinions or judgments. Depending on the severity and nature of the incident, applicable laws and the organization’s policies, notifications could include supervisors, colleagues, family members, legal authorities or regulatory bodies. After the incident is documented and reported, the organization should investigate the root causes to determine what measures could prevent similar incidents in the future.
In this environment, partnering with the right broker can be invaluable. Conner Strong & Buckelew’s brokers help clients design and implement proactive safety and risk control programs that can help them manage and prevent claims. Our clients also benefit from the guidance of our claims and advocacy professionals and safety experts.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].
