RISC eNews

May 23, 2014
Image
MAY 23, 2014

NLC-RISC Update

Nominations Being Accepted for 2014 Stutz Awards
John Stutz was the first Director of the American Municipal Association, the predecessor of NLC, from 1924 to 1931. In addition, he served as the first Executive Director of the League of Kansas Municipalities for 35 years. NLC gives the Stutz Award to any league director, pool administrator, and league or pool staff member who has completed a total of 25 years of service with one or more state leagues or pools. RISC member pools with a nomination for the Stutz Award should send the name and biographical information to Jessica Carmona at by Thursday, June 12. When sending this information, please state if the Stutz Award plaque should be presented to the award recipient at the state league convention, the pool's annual meeting, another league function or meeting, the NLC-RISC fall staff conference (October 20-22 in St. Paul, Minnesota), or at NLC’s annual Congress of Cities (November 19 – 22 in Austin, Texas).

Finding NLC-RISC on the Web
Based on feedback from member pools about having difficulty finding NLC-RISC's web page, we have created a much shorter URL to allow you to find our information in a quick and easy manner. You can now find us at www.nlc.org/risc. Please contact any of us on the NLC-RISC team with questions.

NLC-RISC Trustees Conference Overview
Approximately 250 attendees, guests, staff and speakers joined us in beautiful San Diego, California for the 2014 Trustees Conference on May 8-9. The formal and informal feedback we received has been very positive. Some of the sessions offered to trustees included:

  • Appreciating Threats to Pools
  • Enterprise Risk Management
  • Preparing for and Responding to Black Swan Events
  • New Developments in Cyber Security & Data Breaches
  • Strategic Communications and Messaging
  • Workers' Compensation Trends
  • Update on the Affordable Care Act
  • Federal Legislative and Regulatory Update

You may access conference materials here.

NLC-RISC Staff Conference Update
Planning is underway for the NLC-RISC Staff Conference this fall from October 20-22, 2014 in Saint Paul, Minnesota. The beautiful Saint Paul Hotel, located in downtown Saint Paul, will be host to our event.

Hotel reservations are now being accepted. The room rate is $169 per night (plus tax). You may make reservations here. Note: Click on Reservations; Enter your arrival and departure dates. Under Special Rates select Group/Block and enter 141018NATI to receive the group rate. You may also call 800-292-9292 and reference the National League of Cities.

A preliminary agenda will be available soon. Watch for more information at www.nlc.org/risc.



Data Breach & Cyber Security

Symantec Develops New Attack on Cyberhacking
The Wall Street Journal, 5/4/2014

The cyber security industry is refocusing its efforts away from “protection” using antivirus software to “detect and respond” tactics that identify suspicious behavior caused by unidentified viruses. They believe this will be more successful in avoiding damage caused by hackers. Symantec, an industry leader and pioneer in antivirus software, estimates that antivirus software now catches only 45% of cyber attacks, and characterizes antivirus software as “necessary but insufficient”. Pools may want to follow this evolution not only for their own security, but to provide information to their members, who may believe that a firewall and antivirus software are all they need.

Beyond Data Breaches: 7 Aggregations of Cyber Risk
Property Casualty 360, 5/2/2014

Zurich Insurance and the Atlantic Council have issued a report titled “Risk Nexus: Beyond Data Breaches: Global Interconnections of Cyber Risk, which makes recommendations about seven different areas of risk that arise from the intersection of the internet and the real world, such as the electrical grid. The different areas of risk can be summarized (some are combined) as follows:

  • Internal IT resources
  • Dependence upon or interconnection with an outside partner or supplier of goods and services that can affect the organization if its systems, processes, infrastructure or supply chain are disrupted
  • Unidentified risks from emerging technologies, such as the “internet of things”, which could echo through the system
  • Dependence on infrastructure relied upon by the society as a whole, which could cascade into cyber failures
  • Major external shocks, like war and a malware pandemic

A link to the full report and to a government specific report is available here.

4 Ways to Protect Yourself Against CryptoLocker
Property Casualty 360, 5/6/2014

CryptoLocker is a virus that is usually delivered by email. It encrypts the recipient’s computer and possibly the broader network, and criminals then demand ransom to unlock it. Addressing this risk includes:

  • Infected emails are often disguised as FedEx or UPS tracking notices, so be sure employees don’t click on these links before confirming the shipment is legitimate.
  • Consider backing up computers using a “cold system”, which does not continuously back-up, and thus reduces the risk of saving encrypted files in place of the files you want to access. In the alternative, consider using the versioning function of a “hot system”, which will save backups alongside already saved versions, rather than replacing clean documents with those that are encrypted.
  • Design security as part of the system design rather than in response to an event.
  • Plan in advance with your IT personnel to determine whether shutting down a computer immediately would be a good strategy to limit spread of the CryptoLock virus.

Unencrypted Laptops Prove Costly
Mondaq, 4/26/2014

As another reminder of the need to encrypt laptop computers or other devices that include personal information, a health care company has been fined $1.7 million for theft of a laptop from a physical therapy clinic. The penalty may have been more severe because the company at issue had prior similar incidents.

Utilities face growing risk of cyberattack
The Globe and Mail, 5/7/2014

Cyber threats to North American utilities are growing, according to speakers at a Canadian regulatory conference. Technological modernization and decentralization are increasing possible avenues of attack. Potential attacks include state sponsored attacks by China, Russia and Syria, which are targeting the industrial control functions to disable them or extract information. Pools that cover utilities, especially if they offer cyber coverage, either specifically or by lack of exclusion, should consider how a major attack might affect them and their members.



Disasters & Emergencies

The Insurance Implications of Increased, Possibly Fracking-Related Quakes in Oklahoma
Property Casualty 360, 5/16/2014

The recent spate of earthquakes in Oklahoma and other states may be connected to disposal of wastewater used in fracking, but the involvement of human activity does not currently change the insurance implications of those earthquakes. Earthquake insurance should still respond, but there may be other sources of recovery as well, including the drilling operations, against which the insurer might subrogate. Proving causation may be difficult at this time, but as the evidence mounts it may be easier. Pools that write earthquake coverage in states where fracking takes place may want to consider whether their pricing is adequate for the risk in their particular state, and what recovery options they might want to pursue in the event of an earthquake that damages member property. Pools may also want to work with their members on loss prevention and control for the members’ property and on issues relating to third party liability issues arising from its zoning decisions related to fracking and waste water disposal.

U.S. Report: Climate Change Here, Deal With It
Insurance Journal, 5/6/2014

The White House has issued a National Climate Assessment Report. The report addresses how different regions of the US are being affected and suggests changes that can be made to mitigate the effects. Extensive information is included for adaptation strategies, including examples of local government strategies. The full report is available here. To access the sections on Regions and Adaptation, which are likely to be of the most interest to pools and their members, go to “Download the NCA”.

Congressional Primer on Responding to Major Disasters and Emergencies
Recovery Diva, 5/13/2014

The Congressional Research Service has prepared a report on responding to emergencies and disasters. This provides an overview of the structure for emergency and disaster response in the US and might make a good tool to use with pool members.

GAO Issues Dire Report on National Flood Insurance Program
Property Casualty 360, 5/12/2014

The GAO has issued a report finding that NFIP insolvency issues are likely to be endangered by political disagreement in Congress, and in particular by the 2014 roll back of the mandate in Biggert-Waters that actuarial rates be phased in over a five year period. The report also makes the point that there is currently no reliable mechanism for ensuring that homeowners in vulnerable areas buy flood insurance.

Employment Practices

Is Telecommuting as a Reasonable Accommodation Under the ADA the New Norm?
FordHarrison, 4/30/2014

The Sixth Circuit Federal Court of Appeals has held that a four-day per week telecommuting arrangement could be a reasonable accommodation under the Americans with Disabilities Act, even if the employer determined that telecommuting was not an acceptable substitute for on-site work. The employer had in place a telecommuting policy that allowed employees to telecommute up to four days per week. Pools may want to consider their federal circuit court’s position on reasonable accommodation, and help their members develop position descriptions and telecommuting policies that establish their basis for requiring on-site work. An employer’s unsupported assertion that team work requires presence on-site may not be sufficient.

Liability

Insurance company sues Illinois cities for climate damage
ClimateWire, 5/14/2014

An insurance company has filed nine class action lawsuits alleging that Chicago area municipalities are responsible for failing to prevent sewer back-ups resulting from flooding during a two-day rainy period in April. The insurance companies paid damages for property damage, lost income, the cost of evacuation and declining property values. They allege those damages resulted from the municipalities’ failure to manage their storm water systems appropriately in anticipation of the heavy rains. Some analysts believe that the insurance company is trying to position itself to avoid losses from a broader group of claims linked to flood, sea level rise and possibly greenhouse gases released by corporate policyholders. Pools may want to consider what would be the implications if multiples of their members were faced with this kind of action.

Property & Casualty

Liberty Mutual Adds Cyber Coverages to Small Business BOP Policies
Insurance Journal, 5/19/2014

Liberty Mutual Insurance has added to its Business Owners Policy a cyber endorsement that covers first party data breach expenses, data and systems restoration, and third party liability for resulting suits and damages. Policyholders are provided with complimentary access to NetDiligence’s eRisk Hub, which is available for NLC-RISC pools to use with their members under a special pricing arrangement available through NLC-RISC.

Insurers Want More Climate-Change Certainty
Property Casualty 360, 5/19/2014

Standard & Poor’s says that insurers are well prepared for the gradual effects of climate change on extreme weather events, and that there should not be a sudden ratings increase absent an extreme spike. An S&P report titled “Are Insurers Prepared for the Extreme Weather Climate Change May Bring” concludes that insurer systems allow for gradual increases. The report concludes that the industry is managing the exposure through risk diversification, effective underwriting, risk management and risk mitigation. However, industry representatives would like more certainty around the climate change issue. If there is a change in the current industry perception that the impact of climate change will not be felt until 5 to 10 years or more from now, then it may be incorporated into pricing models.

Alternative Capital: Here to Stay, Set to Expand, and a Possible Hard-Market Killer
Property Casualty 360, 4/30/2014

According to experts speaking at the RIMS conference, alternative capital is here to stay in the property-catastrophe markets because the risks are not correlated with those in other asset classes. This may signal an end to hard markets as experienced in the past, placing pools in a more difficult competitive position with the commercial market.



Social Media

Is social media too risky for government?
Archive Social

Three risks are identified:

  • Third party content requires a strategy regarding management of two-way communication, which needs to consider the First Amendment rights of posters and the need to avoid or eliminate offensive material.
  • The public entity must be sure it is in compliance with public records laws and FOIA requests.
  • The government needs to balance the need for centralized control of its message and brand with the benefits of providing better service by empowering a broader group of government representatives.
Among the suggestions for addressing these risks are:
  • A clear and comprehensive social media policy
  • An employee use policy
  • Amending the governments recordkeeping practices to include social media
Accessing the report requires registration.

Workers' Compensation

Police unions push for medical coverage of PTSD
Yahoo News, 5/156/2014

More police unions are supporting legislation that would provide police officers with workers’ compensation coverage for post-traumatic stress disorder, in some cases even if it arises from the general stress of police work rather than significant traumatic events. Some municipal leaders and police chiefs are concerned that the benefits being considered are too broad and would strain budgets and encourage unnecessary claims. Pools may want to keep an eye on any such efforts in their states, and state municipal league advocacy efforts may find they have allies not only in municipal officials but also law enforcement leaders.

Little Reduction in Longer-Term Opioid Use in Most States
PRWeb, 5/16/2014

The Workers’ Compensation Research Institute has issued a report concluding that there was little reduction in long-term opioid use in most of the states it studied. It found a sizeable increase in the use of drug testing during the study’s term, but low use of psychological evaluations. Both are suggested by medical treatment guidelines, and might be tools for pools to consider in the medical care of their workers’ compensation claimants who are at risk of becoming opioid dependent.

Why States Are Fighting the FDA on Painkiller Approval
Governing, 4/28/2014

Massachusetts and other states plan to restrict use of the new pain drug Zohydro despite FDA approval. A U.S. District court judge has ruled that federal approval supersedes state law, but Massachusetts has added additional restrictions to the drug. Vermont has taken similar steps, and Ohio is considering action. Several members of Congress have introduced bills to ban Zohydro. The benefit of Zohydro is believed to be less toxicity to the liver because it does not contain acetaminophen. A major concern is that it does not come in an abuse resistant form.

Guidance on PDMP Best Practices
Brandeis University PDMP Center of Excellence, 1/2014

The Brandeis University PDMP (Prescription Drug Monitoring Program) Center of Excellence has issued a report on the effectiveness of unsolicited reporting as part of a state PDMP program. The full report is accessible by using a link under “Recent Developments” on the left side of the program home page. Unsolicited reporting refers to reports about high-risk patients and prescribers that are pushed to, rather than requested by, the receiving entity. These reports may go to prescribers, dispensers, licensing boards and law enforcement agencies on high-risk patients and prescribers. The report discusses thresholds for unsolicited reporting and barriers that prevent programs from being implemented. It also reviews how unsolicited reporting is used in a number of different states.

Other Topics of Interest

Insurers Intend to Up Investment Portfolio Risk; More CFOs Appear OK with That
Property Casualty 360, 5/7/2014

A recent survey by Goldman Sachs Asset Management finds that insurers are increasingly turning to higher risk investments, with the approval of their CFO’s.

Opinion analysis: Prayers get a new blessing
SCOTUSBlog, 5/5/2014

The Supreme Court of the United States issued a 5-4 decision ruling in Town of Greece v. Galloway that local governments may open their meeting with religious prayers even if those prayers are largely confined to one faith. Those prayers may not actually advocate a particular faith or criticize other faiths. Some key points included:

  • The prayer must be during the ceremonial portion of the meeting, not during official policy actions.
  • The government may invite anyone in the community to conduct the prayer and can even pay a chaplain, but it may not dictate the contents of the prayers.
  • The government may not require attendees to take part or criticize them if they do not.
  • Officials are not required to ensure that all faiths are represented in the prayers.
  • The Court maintains its position that prayers are not allowed at public school events.
  • Courts hearing challenges are required to examine a “pattern of prayers” and look for whether the pattern has the effect of coercing individuals who do not share the faith upon which the prayers are based.

Pools may want to provide their members with guidance as to what this decision does and does not allow them to do. A link to the full decision is provided.

Same-Sex Unions Create ‘New Reality’ for Payers and Carriers
Risk & Insurance, 4/21/2014

Marriage equality is increasingly recognized in the US, and that pose some risks to workers’ compensation carriers, in the form of additional potential recipients of benefits arising from a workers’ injury. For example, the surviving member of a same sex couple may now be entitled to death benefits. This is a very state specific area of the law, and pools that are not mindful of these changes could owe retroactive benefits and associated penalties.

In This Issue


Pools In The Spotlight

The Supreme Court Rules on Legislative Prayer
Local Government Insurance Trust, 5/2014

This close but succinct analysis of the recent U.S. Supreme Court decision in Town of Greece, NY v. Galloway offers a useful guidance about the decision's implications for local government, from which pools can draw to advise their members.

The paper is was prepared by LGIT's Director of Legal Services, John F. Breads, Jr.

Upcoming Events

2014 NLC-RISC Staff Conference
October 20-22, 2014
Saint Paul, Minnesota

2015 NLC-RISC Trustees Conference
May 7-9, 2015
Savannah, Georgia

Employment Opportunities in Pooling

Click on the job title below to be directed to the pool's job posting on their website. Visit NLC's Career Center for additional job opportunities in local government.

Director of Risk Management Services
Rhode Island Interlocal Risk Management Trust

Human Resource Senior Consultant
Citycounty Insurance Services (Oregon)

Law Enforcement-Human Resource Senior Consultant
Citycounty Insurance Services (Oregon)

Visit the NLC-RISC Web Page