3 Critical Workers’ Compensation COVID-19 Questions

Workers Compensation Coronavirus Claims – Will Workers Compensation Insurance Cover These Claims?

Coronavirus has emerged as one of the nation’s greatest challenges, and you can rest assured that ensuing workers compensation coronavirus claims will rock the insurance industry. Experts predict a flood of coronavirus-related workers compensation claims, and premium increases may soon follow. The best time to control your workers compensation premiums is at each fiscal quarter when personnel changes may impact your payroll figures.
This article will cover when workers compensation claims are “compensable” or “accepted” by the insurers. It will also offer a few tips to help you manage your premiums and other personnel-related exposures during this national emergency.

When is a Workers Compensation Coronavirus Claim Compensable?

 
A carrier accepts an illness-related workers compensation claim when the claim meets two conditions.
1. The illness must “arise out of the course and scope of employment.”
2. The cause of the illness must be a condition peculiar to that workplace and not a disease of life, like a cold, to which everyone is exposed.
COVID-19 will be widespread, and the greater the spread, the less insurers will be inclined to find the typical employee at greater risk than the general public. Clearly, first responders of all types and caregivers, such as doctors and nurses and nurse aids, will no doubt find coverage for their illness.
For other essential workers, however, the path to compensability will be less clear. Service workers, such as plumbers who work with pathogenic materials like sewage, will no doubt have their claims accepted. Workers compensation insurers are scrambling to develop investigative templates that will help them determine compensability on a case-by-case basis.
Workers compensation laws are state specific. Some jurisdictions may pass laws that offer coverage under certain conditions. Several states, including Louisiana, will soon consider bills that make the COVID-19 a covered workers compensation illness for all essential workers.

What to Do If Your Employee Becomes Ill with COVID-19

 
If your employee, such as a cashier, becomes ill with coronavirus, don’t make the mistake of refusing to submit a claim to your workers compensation carrier. Even if you disagree with the claim’s validity, it is your employee’s right to file a workers compensation claim if he or she feels the injury or illness resulted from employment.
Once you’ve submitted the claim to your insurer, assure your employee that the insurer will do their best to find coverage for the employee, if it’s in order.
Never tell your workers that, if infected, “You will have coverage.” Only the carrier can make that decision. An Arizona plumbing company recently held a COVID-19 meeting and this issue arose. One of the plumbers asked, “If we get sick, are we covered?” The owner responded by saying, “While I can’t tell you for certain, I can say that your work with sewage would probably make it a covered claim. But it’s up to the insurer to decide.” This gave the employees some confidence to continue their daily routines.
Do not waive any of your rights to later allow the insurer to deny the claim. Also, be sure that you do not give your workers false confidence that the carrier will accept and handle their coronavirus claims if they get ill. Telling an employee, “I don’t know, but I’ll check and get back to you,” is often the best way to handle these important issues. In these times, your internal risk management expertise and good advice from your broker or insurance carrier can help. Call us if you have questions or we can help in any way.
 

The Centers for Disease Control offer employer guidelines for COVID-19 employment issues here.

 
Layoffs and Reductions in Force May Lower Your Estimated Workers Compensation Premiums
 
Is COVID-19 causing reductions in your workforce? Are you expecting savings at your end-of-year workers compensation audit? You could qualify for those savings now. First, ask yourself these questions. Do you have fewer workers compared to last year? Did you outsource any services this year instead of using your own workers? What if any differences can you find in your payroll figures over the past few quarters? Is your payroll lower from reductions in force?
 
If so, make a date with your insurance broker to review your payroll numbers. Also, examine the class codes of your workers. Lower payroll and fewer class codes equal lower workers compensation costs. If you qualify, don’t wait until year’s end to realize those savings.

Consider Employment Practices Liability Insurance

When employers face layoffs or other job cuts, employment practices liability insurance (EPLI) can provide several benefits. EPLI offers protection against employment decisions such as reductions in force. Many EPLI carriers also offer a helpline and other resources so you aren’t making difficult employment decisions without expert advice. If you don’t currently have this coverage, call us for a no-obligation quote. EPLI insurance can help business owners navigate choppy waters like those currently facing the nation.
 
Reach out to us if you have questions, please contact info@fidens.com

Cyber Fraud Booming During COVID-19

Cyber Risks Grow as Employees Work from Home After COVID-19

Small to medium-sized companies are increasingly the target of sophisticated social engineering hacks and other types of cyber threats. What does a social engineering cyberattack entail? Wikipedia defines social engineering hacks as follows. “Social engineering, in the context of information security, is the psychological manipulation of people into performing actions or divulging confidential information.”
According to cnet, an electronics-centric website, recent attacks focus on attempting to get readers to click on links related to information about the coronavirus. With many people now working from home, some with access to their business’s confidential data, hackers are targeting this new trove of users. Is your cyber insurance coverage robust enough to meet the coverage challenges of these unique risks?

From Fake Netflix Scams to Phishing Attacks, Cyber Risks Escalate

 
Users with access to business data are a valuable target for hackers. Most phishing attempts take place by email. Using fake Netflix sites and other questionable tactics, scammers use home quarantine and its accompanying boredom to target isolated at-home users. Additionally, general information in emails regarding COVID-19 or charitable donations related to the coronavirus have appeared across the nation.
Scammers developed these sites to lure users to enter payment and other personal information. In some instances, this personal information release resulted in business hacks when users duplicated their social media personal passwords with business passwords. It’s important your employees understand this risk. One of the best ways to protect your business from cyber-attacks is to institute a policy that requires employees to change their passwords regularly, or on a set schedule. Caution them not to use social media passwords in business, as well.
Taking home laptops loaded with company and employee data and logging into corporate websites can pose significant risks for business owners. Many business users regularly log into public Wi-Fi hotspots, which can create a runway into your business data.
With the coronavirus changing the way employees work, we may find businesses relying on work-from-home for the foreseeable, even long-term, future. Now is the time to take a few steps to strengthen your cyber awareness.
Best Practices Information Technology Tips for Today’s Businesses
 
Your cyber insurer may offer some tips to help you manage your information technology. However, Lewis and Brisbois[N1] , a provider of cyber legal training and cyber-response teams, offers a few best practices in cyber management.
 
Appoint a cyber management team with a senior officer to lead. However, your information technology (IT) team members should be at the forefront. Include representatives from other key departments, such as public relations, finance and risk management. If you’re hacked, you’ll need to make rapid decisions. Appoint those who have enough authority to make decisions and who are not afraid to make tough decisions. For example, if you’re hit with ransomware, will you pay? That decision is an agonizing one for businesses.
 
Create a cyber action plan. Ensure your cyber team creates a detailed cyber plan. However, don’t make it so complex it will sit on a shelf. List those people responsible for which tasks and keep that list updated. Practice by working through different “what if” scenarios to prepare your team in the event you experience a cyberattack.
 
Determine the firms that can help in case you face an attack. This should include your cyber insurer, legal counsel, public relations firms, local law enforcement or the FBI, as well as IT vendors who can bolster your internal IT force if needed.
 
Stay current on emerging threats. Historically, businesses faced infiltration of viruses and malicious coding. Social engineering hackers are at the forefront of cyber threats today and have hurried to exploit the work-from-home movement. Hackers continue to grow in sophistication. Invest in training for your IT and cyber team and ensure that information flows back to the organization with frequent updates.
 
Develop a strong training program. Due to COVID-19, social engineering hacks top the list of today’s cyber threats. Keep employees updated on password importance, common cyber tricks and other attempts they may face as they manage their in-home work. Warn employees about the emerging threats from email and other scams faced by many users arising after the COVID-19 epidemic.

Cyber Insurance Coverage Problematic for Small-to-Midsize Businesses

 
Perhaps you have endorsed some level of cyber coverage on your businessowners policy (BOP). Cyber coverage under your BOP, however, is extremely limited. Generally, the BOP provides only third-party coverage in the event you experience a hack that damages others. Coverage for first-party costs, such as business interruption losses you experience or public relations costs you may incur for damage control, can help provide much-needed insurance assistance post-hack.
We can help you tailor cyber insurance coverage that can help you meet the challenges of today’s increasingly sophisticated hacks.

Does My Insurance Policy Provide Coverage for the CoronaVirus?

Will My Commercial Insurance Policies Protect by Business Against the coronavirus COVID-19?

COVID-19 or the coronavirus, a flulike virus that originated in Wuhan, China, has disrupted global supply chains and has American business owners wondering how the virus may impact their businesses. Will your commercial insurance policies cover you for the effects of this global outbreak?
 

Will My Commercial Insurance Policies Respond to an Outbreak?

The answer to this question, as in many insurance issues, is complex. Let’s review coverage by the different policies you may have.
 

General Liability and Property Insurance Coverage

Your general liability (GL) policy may cover you for third-party claims. For example, customers allege they became ill after a visit to your premises due to your failure to disinfect. In many cases, your GL coverage will respond. However, some GL policies have exclusions that limit or eliminate third-party coverage. Fear of illness by visitors absent physical symptoms, for example, probably would not trigger coverage.
If you incur cleanup costs, your pollution liability policy may provide some coverage. Most standard commercial property policies, however, usually have significant contamination exclusions.
 

The Effects of Business Interruption and Your Business Income Coverage

Absent special endorsements, most business income (BI) coverage applies only after the business experiences an income loss related to a peril covered under the policy. For example, BI coverage helps businesses that experience a loss of income after a fire. In the case of the coronavirus, it’s unlikely that coverage would apply without adding endorsements, when available, at an additional cost.
If you must close your business due to the virus, most BI policies respond only if the government orders the business closure. Additionally, the standard BI form excludes “loss or damage caused by or resulting from any virus, bacterium, or other microorganism that induces or is capable of inducing physical distress, illness, or disease.” The BI form also excludes a “loss of market.” This scenario could emerge for hotel owners who cannot fill rooms because people stopped traveling due to the disease.
However, hope for specific coverage has appeared on the horizon. The Insurance Services Office, which develops many of the coverage forms insurers utilize, offers two BI endorsements that could provide coverage if the government orders a quarantine. If your business depends on a property, you may have coverage. For example, you operate a restaurant in a hotel impacted by the lack of traveling customers, and you list the hotel as a “dependent property,” which can trigger coverage.

Workers Compensation Coverage

Under your workers compensation coverage, if an employee contacts the virus because of employment, coverage should apply. For example, a healthcare worker at your clinic falls ill after treating COVID-19 patients.

Employment Practices Liability Coverage

If employees allege you discriminated against them in handling the illness, your employment practices policy probably would respond. One of the issues to consider is how to manage an employee’s return to work after he or she contracted the coronavirus or was a caregiver for someone ill with the virus. The Centers for Disease Control (CDC) offers some COVID-19 guidance for how to manage these employment issues.

Proactive Risk Management Highlights the Need for a COVID-19 Response Plan

Ensuring you take steps to manage a crisis before it hits your business is the key to effective risk management. Document the steps you can take to manage problems before they arise. This proactive approach is essential to successfully defending yourself in the event of litigation. The CDC has basic “interim” COVID-19 guidelines on its website. We stress the word “interim” because the coronavirus repercussions change almost by the hour. Once you’ve developed and implemented a basic COVID-19 response plan, you’ll need to update it if circumstances change.

Working with Your Insurance Broker in Uncertain Times

From the travel industry hit by fewer foreign tourists to retailers facing supply chain disruption, many US businesses are beginning to experience disruption from the coronavirus COVID-19.
In times of uncertainty, a solid relationship with your insurance broker can help you manage even the most difficult adverse events. Whether hit by supply chain disruption from a significant slowdown in foreign exports or concerned about sick employees, American businesses face a challenge in the coronavirus. Your insurance coverage is one area where you rely on outside expertise.
 
With Fidens Insurance Brokerage, we’re not just your insurance broker; we’re your risk management partner. If you’re concerned about how your insurance coverage might respond to this outbreak, contact us info@fidens.com for more information.

Types of Cyber Insurance Coverages

Costs associated with Legal and Regulatory Actions- This refers to covering of all the costs, which are associated with drafting notification, legal advice given to concerned regulatory bodies. It also covers the cost incurred in responding or defending various regulatory investigations.
Costs associated with Incident Response- This refers to the costs incurred in accessing the response team for CFC Cyber Incidents on a 24/7 basis in order to consult with then during any kind of cyber event.
Forensic, IT and Security Costs- This refers to the covering of all the costs, which are associated with hiring a IT security consultant, in order to hire their help in identifying the scope and source of a particular cyber event, take their advice to remedy the situation, removing malware and also for providing expert testimony.
Costs associated with Crisis Communication- These costs refer to costs associated with public relations, which deal with protecting the brand/reputation of the insured.
Costs associated with Privacy Breach Management- This refers to covering all the costs, which are associated with notifying the companies/individuals that the information which they had kept as a non-public asset, and which had been stored by a contracted third-party cloud provider, also known as the insured, has been breached or compromised. This also covers the costs associated with providing credit monitoring to the individuals/companies and to establish a helpline for identity theft for them.
Costs associated with Third-Party Privacy Breach Management- The insured is known to oftentimes store confidential information belonging to the client of their client. In the scenario that there has been a breach in the system of the insured, and when a legal contract binds the insured to do the following, these costs cover the tasks undertaken by the insured to notify on the behalf of the clients that they have.
Costs associated with Post-Breach Remediation- Once a cyber event has taken place, the cyber incident manager of the company helps in analyzing and assessing the breach, helps in developing procedure documents and provides the employees training to avert such situations in the future. The costs incurred in this process are covered within this.
Fraud associated with Funds Transfer- This covers the cost of any electronic funds transfer done by an unauthorized third-party, electronic theft done from the corporate credit card or bank accounts of the insured. This coverage also includes covering for loss, which has resulted from the insured being duped or tricked into parting with his/her funds voluntarily.
Personal Funds Theft- This coverage covers any case of theft of personal funds belonging to an Office in a Senior Executive position (from their own personal accounts), which has resulted because of a breach of security in the network of the insured.
Theft of Escrow Funds- This covers the cost of any kind of electronic theft done by a third party from the escrow funds of the client, which the insured held.
Extortion- This part covers any and all costs related with threatening to put a malware or virus in the network of the insured or a threat to encrypt or shut down their systems completely or partially unless a particular sum of ransom gets paid.
Theft of Corporate Identity- This covers the costs, which are associated with the theft of the electronic corporate identity of the insured, whereby somebody else is entering or communicating in online contracts in a fraudulent manner, trying to deceive and portray that they are the insured.
Telephone Hacking- This coverage is associated with covering for the costs incurred if the insured’s phone system is hacked into, which may include unauthorized bandwidth usage or calls.
Phishing- This includes the coverage, which is designed to cover the costs incurred in responding to electronic websites/communications, which are fraudulent and have been made to impersonate and look like the insured. The costs which are covered as part of this coverage includes reimbursements to clients for any kind of financial loss that they might have suffered as a result of the fraudulent communications, clearing out of press releases that have been released to look like they have been released by the insured, etc.
Costs associated with Rectification and System Damage- This coverage is responsible for covering all costs that have been incurred by the insured in order to restore systems, which might have been damaged during a virus attack or breach by a hacker. It also covers all extra costs that have been invested to lessen the damage that has been caused.
Costs associated with Interruptions caused to the Business’s Systems- This is associated with covering the costs that have been incurred because of loss of profit, caused by a system outage of the business, due to a malicious hacker or virus attack. All extra costs that have been incurred in order to mitigate the said interruption also fall under the purview of this coverage.
Consequential Reputational Harm- This coverage covers the cost incurred by the insured due to the loss of customers because of a malicious virus or hacker attack. The loss of customers might have resulted owing to the bad impression of the insured’s brand created because of the cyber event.
Costs associated with Loss Adjustment- This coverage includes the cost that is incurred in determining the loss that has been suffered because of system damage, consequential reputational harm or network interruption.
Network Security Liability- This coverage provides protection to the insured from claims raised by third parties after an hacking event or a virus attack, which had taken place on or has emanated from the computers of the insured or from the computers of third party cloud provider that works for the insured on a contractual basis. This coverage also covers for any claims that may arise from the computers of the insured being used to carry out an attack of denial of service, from failure in preventing unauthorized access or theft of identity of third parties, employees, etc.
Privacy Liability- This coverage provides protection to the insured from claims raised by third parties regarding failure to protect personally identifiable information, which may include corporate information of a confidential nature or employee information. It also provides covers the insured from failure to notify/warn affected individuals.
Management Liability- This coverage provides protection for D&O claims raised by excess individuals (Side A). This is simply a D&O coverage, which may have been raised owing to a cyber event (i.e. the loss of value of shares). This coverage acts as the primary when the any other coverage does not apply.
Regulatory Fines- This covers the costs of any penalties or fines for violating privacy regulations.
PCI Fines, Assessments and Penalties- This covers the costs incurred in assessment, fines or penalties resulting from non-compliance of Data Security Standards as laid out by PCI.
Media Liability- Media Liability basically refers to the costs that are associated with different claims that allege to liable defamation, slander, violation of intellectual property rights, which may include trademark, copyright, service name, service mark, trade dilution, trade name, trade dress, rights for domain names, rights for design, rights for image, moral rights, licenses concerning intellectual property rights, plagiarism to name a few.
Regulatory Actions and Investigations- This provides coverage for fines, defense and penalties, which are incurred because of violating privacy laws.
Technology Omissions and Errors- This coverage is included for covering incidental cases of E&O of technological exposures. If the exposure is greater than incidental, then the risk is quoted on a separate tech, which includes cyber.
Costs associated with Court Attendance- This covers all costs that are associated with depositions, attending the court, etc. and as a result being out of work.

How Small Businesses Can Be Protected From Cybercrime

Cyber security has always been an important part of any business strategy since the inception of the internet. It is a different reality, however, that very few organizations actually invest in consolidating their cyber security. The stories of a large number of organizations getting scammed by the ‘Nigerian Prince Fraud, are very much news, and a prevalent risk in present internet based business ecosystem. Having undergone numerous modifications since their introduction, the ‘Advance Fee Scam’ is one of the riskiest scams of 2019, rivaled only by Ransomware, which is equally popular a scam.

The risk small companies face

According to a recently conducted study as many as 40%-45% of all cyber-attacks, are targeted on medium to small businesses only. The concept that small businesses are unaffected by cybercrimes is complexly erroneous. The reasons which make small businesses amongst the most vulnerable include:
  • Big companies have ample resources to consolidate their cyber security, a privilege not enjoyed by smaller ones.
  • Small firms pose least resistance to a hacker.
  • Smaller firms and startups at times don’t even have a robust internet security plan or policy, making them easy preys.

Attacks are evolving with time

As developments in the world of coding goes on increasing, so does the sophistication level of modern cyber threats! One of the most popular cyber threats that you would face in 2019 is the Advance Fee Scheme, which is a type of phishing attack, making you think a dubious page to be genuine. You would end up giving up important personal and financial information about yourself to a webpage which is recording such information for nefarious reasons. Malware attacks are another great risk that plague as many as two thousand different cases of banking fraud.
Ransomware is a similarly popular method, which again is a type of malware. The ingenuity of this malware lies in the fact that it downloads itself onto the user’s computer in the form of an embedded file sent with an email, and then proceeds to lock the user’s computer until a certain amount of ransom is paid. Small businesses, if not the large ones,who have major operations based on the internet will be crippled if such a situation takes place.
What precautionary methods can be adopted?
All this being said, it is not a hopeless situation for small businesses; there are still many methods which could be utilized to conceal vulnerabilities and secure your small business. Certain action items along with some general policies need to be adopted by any small business to best lower the chances of a cyber-attack.

General Policies

  • Adopting a strategy for cyber security- Small businesses are no longer alien to taking advantage of the internet in order to conduct their businesses. Therefore, it is important to secure this important platform with the adoption of a robust cyber security strategy and certain important directives that will mitigate major cyber risks to the business need to be ensured.
  • Find an expert to best locate vulnerabilities- A onetime investment that is worth the money. Hiring a professional will best enable you to locate the vulnerabilities that your business faces on the internet. An expert will also guide you to adopt the best security measures to secure those vulnerabilities.
  • Choose diverse security methods- Reiterating the fact that methods of cyber-attacks are evolving with time, adopting various methods to improve the business’ security is the best step to take. A single tool cannot provide you the most effective protection. Adopting a combination of tools like spam filters, firewalls, backup, automatic data encryption etc. equipped to handle various threats is the best approach to solidifying your cyber protection.

Action items that should be implemented regularly

  • Train employees in basic cyber security- A staggering figure of 90% is the recorded as the percentage when a cyber-security breach has occurred because of negligence on the employee’s end, especially those with non-IT training. It is important to train these elements in your staff in basic cyber security measures, how to implement them, and distinguish and identify a cyber-threat.
  • Secure all devices- Many devices are used to conduct business transactions, with even phones and tablets being prevalent in small businesses. All of these devices, which are at times even connected to solitary WiFis can pose to be a loophole and therefore need to be secured adequately to leave no room for errors.
  • Update your applications and operating systems- Outdated software have very little resistance to the constantly evolving types of cyber-threats and therefore it is important that you update them constantly to keep the latest defenses up and running.
  • Back up data that is important at numerous locations- Having a backup never hurts, especially if it is data that is very important to your business. In order to not be forced into a sudden halt and spare your business from suffering irreparable damage, make sure that most important data is always backed up and at numerous locations for easy access during a crisis.
  • Employee access procedures need to be made strict-Certain regulations need to be kept in place as far as employee access is concerned. It is important to implement these so that no breaches are made by hackers. It is important to advice every employee to have unique passwords and user names which should be changed on a regular basis. Various hacking software has made it extremely easy for hackers to guess generic or easy passwords. Downloading software must be limited by employees and authorization coupled with physical access must be ensured.