The RISC eNews Blast is intended to provide relevant and timely news information from a number of sources to member pool staff. If you see articles in the journals, email and sources you subscribe to that may be of interest to the RISC membership, please feel free to forward them to Erin Rian for inclusion in the eNews Blast. In this week's edition of the RISC eNews Blast:
DATA SECURITY & CYBER RISK
2013: The Year of Data Breach Insurance (Gen Re Topics, No. 21, Page 8, 2013): For small organizations, the biggest exposure for a data breach arises from notification and response obligations. For large organizations, which are more likely targets for lucrative class actions, liability and defense is the biggest exposure. The law is still evolving regarding liability for data breaches in the absence of any disclosure or use of the personal information for fraud. This article provides a useful overview of the trends in insurance products that are evolving to address these exposures, which pools may want to consider when developing their own approaches. One interesting comment under the discussion of “ineligible classes” was that “Hospitals, universities and municipalities may be eligible, although if they are, their rating tiers will require a higher price for the greater exposure.” (p. 14, emphasis added)
Mobile Devices and Cybercrime: Is Your Phone the Weakest Link? (Knowledge@Wharton, 6/5/2013): The BYOD environment is adding an extra layer of complexity to employers’ network security efforts. Personally owned devices that leave the premises every day, remain on most of the time, have apps installed by their owners, and often do not use adequate passwords or install virus software pose a threat to the employer’s network if they are connected. Suggestions that pools may want to make to their members include:
• Establish a mobile device permitted use and management policy
• Provide employees with log-in access only as required by their position
• Consider whether employees in some positions should have a more secure company issued device that could be monitored and remote wiped if necessary
Departments Release Final Wellness Regulations Providing Clarification and Increasing Permitted Rewards (Gallagher Benefit Services, Inc., 6/2103): On June 3, 2013, the Departments of Labor, Health and Human Services and Treasury issued final regulations on nondiscriminatory wellness programs. The final regulations largely keep intact the proposed rules issued November 2012 but split health-contingent programs into two types, increase the maximum reward allowed, and provide more detailed guidance in a number of areas. The final rules can be found here and will be effective for plan years beginning on or after January 1, 2014.
Final SHOP Regulations Bring View of Future Exchanges into Focus (Gallagher Benefit Services, Inc., 6/2013): On June 4, 2013, the Department of Health and Human Services (HHS) issued final regulations on the Small Business Health Options Program (SHOP). The final rules address the issue of special enrollment periods and delay the implementation of the employee choice model in SHOPs. The final regulations can be found here.
Fracking fuels water fight in nation’s dry spots (Miami Herald, 6/16/2013): Energy companies using the water-intensive process called fracking to extract gas from shale formations are competing with farmers and homeowners for water, driving up the price and lowering the water table west of the Mississippi. As with other situations involving competing private economic interests and local governments, pools should be alert for potential litigation that might arise from these conflicts and involve a pool’s member.
Thousands of Bridges at Risk of Freak Collapse (Claims Journal, 5/28/2013): Some bridges that are deemed structurally sound are still vulnerable to collapse. Like the bridge that collapsed in Seattle, these “fracture critical” bridges lack redundancy and are at risk of failure if a single vital component is damaged. But many of them score well in sufficiency ratings and thus are not on the radar for replacement or repair because they are not in imminent danger of failure. Pools may want to advise their members of this potential hazard.
New Colorado Law Prohibits Employer Access To Applicant And Employee Personal Social Media Accounts (Mondaq, 5/28/2013): Colorado’s governor has just signed into law a measure that forbids employers from requiring or requesting that prospective or current employees disclose the user name and password for their social media accounts. This latest law provides a private cause of action for aggrieved employees, through which they may obtain compensatory and consequential damages as well as reasonable attorneys’ fees and court costs. The attorneys’ fees provision is likely to stimulate interest among members of the plaintiff’s bar, and may be a matter of concern for pools in other states that are considering similar laws.
OTHER TOPICS OF INTEREST
State photo-ID databases become troves for police (Washington Post, 6/16/2013): Police are increasingly using the searchable photo-ID databases assembled by the states to prevent drivers’ license fraud. In addition to the larger privacy implications, there is the potential for inappropriate use, similar to the recent Minnesota cases under the Drivers’ Privacy Protection Act. Pools in states with facial recognition systems that police are allowed to use may want to evaluate their members’ exposure and investigate to what extent their members’ officers are provided training about the appropriate use of these systems.
Gun-Control Group Sues Nelson, Georgia over New Law Requiring Gun Ownership (Governing, 6/6/2013): The Brady Center to Prevent Gun Violence is suing the city of Nelson, Georgia, challenging the constitutionality of its recent ordinance that requires every “head of household” living in the city to own and maintain a firearm and ammunition. Although broad exemptions apply, the Brady Center argues that the ordinance infringes on citizens’ First, Second and Fourteenth Amendment rights not to have firearms if they so choose. Proponents argue that the ordinance is symbolic and the city plans to defend the lawsuit. This case raises again the issue of to what extent pools may be responsible for the financial consequences of litigation arising from member cities’ political stands.