All posts by Justin Duffy

Other

Injury Concerns When Working Construction

Did you know that there are approximately 250,000 construction sites in the United States alone? Injury rates among construction workers are also marginally higher than those who choose other professions. Falling from heights, working with heavy machinery, and repetitive motion injuries are just some of the most common risks that construction companies have to account for. Yet, every year almost 20% of all work-related fatalities come from construction workers. 

Here are some of our tips on how to prevent injuries on your construction site:

Fall Protection:

    • Use fall protection such as guardrails, fall arrest systems, safety nets, and restraints to help prevent any sort of on-site injury.
      • Providing your employees with a safe work environment may seem obvious, but many employers think they’re saving money by not abiding by the rules. 

Heavy Equipment:

    • Check all vehicles and equipment for proper operation
    • Use traffic controls any time a vehicle enters a public thoroughfare
    • Place flaggers wearing high-visibility gear at all appropriate locations
    • Ensure that loads do not exceed the capacity of vehicles and equipment
    • Only make repairs once workers are protected from the movement of equipment

Scaffolding: 

    • Encourage your employees to be extra cautious with wet platforms during or after rain
    • Postpone work during extreme weather conditions (strong wind) 
    • Post signs clearly labeling the weight capacity of your scaffolding 
    • Do not move the scaffolding unless it is designed to do so (especially if there are workers on it)

Trench Collapses:

    • Workers should always have access to a ladder, stairway, or ramp to exit the trench 
    • Heavy machinery should never approach trench edges.
    • After a rainstorm or excessive vibrations, a competent person should inspect trenches before workers enter.

Repetitive Motion Injuries:

    • Some of the most common forms of injury in the construction world are repetitive motion injuries.
    • The best way to prevent these types of injuries is to educate your employees 
      • Teach your workers the proper technique for carrying equipment and lifting/moving objects

Personal Protective Equipment:

    • It is required that employers provide employees with the proper protective equipment while on the job, but it is the responsibility of the employee to wear the proper protective gear on all of their shifts
    • If your employees work around heavy machinery, make sure they are equipped with hearing protection, boots, and gloves.
    • The same goes for if your employees are working anywhere where their head is exposed, hard hats must be worn. 

 

Many of the tips provided in this article may seem obvious to a conscientious business owner. But unfortunately, construction worker injury is a problem year after year, and it is a result of bad safety practices. Do not think of implementing extra safety measures as a new expense that your business has to pay. Think of it as an easy way to save money, and not only will you save money in the long run, but your employees will be safer and happier. 

If you still have questions, you can contact a risk advisor today at 914-357-8444. Or, you can visit our website here.

Human Services Practice Group Content, Line of Insurance

COVID Nursing Home Crisis

As COVID-19 continues to spread across the country, those who have serious health problems or are at risk continue to search for ways to avoid coming in contact with the virus. For the over 1.3 million people currently living in nursing homes in the United States, COVID-19 is not something to take lightly. These individuals are more at risk than almost anyone else when it comes to contracting and spreading the virus. Nursing homes are not only full of at-risk individuals, but they’re crowded. Healthcare professionals are doing their best to stop the spread of the virus, but much like almost every other industry, they are struggling to contain the virus
 
The disproportionate death rate to society’s most vulnerable and fragile population has put nursing homes into a precarious financial future as wrongful death lawsuits begin to mount. The liability that nursing homes carry is going to be a huge concern going forward. These professionals are doing their best to contain the spread of the virus. But it is nearly impossible with finite resources in these facilities. Previously in these assisted living facilities patients would share common areas and eating areas. Now with social distancing guidelines, limited space is becoming an issue. It would be almost impossible for these facilities to accommodate every single person. 
 
One of the biggest liabilities for nursing homes is wrongful death lawsuits. The number of wrongful death lawsuits has climbed dramatically since the start of COVID-19. While professional liability insurance normally provides coverage for defense costs and settlements, insurance companies are currently adding COVID-19 exclusions for all new business.

Healthcare Professionals Hard at Work

Front-line health care workers at hospitals have been rightfully hailed as heroes, but don’t forget that these employees are also susceptible to burn out.  While those working in senior living facilities working around the clock to manage their employees and the risk. The large death toll has translated to mean that facilities mismanaged the situation. 
 
If you still have questions, you can contact a risk advisor today at 914-357-8444. Or, you can visit our website here.

 

Cyber Liability Insurance, Loss Control, Risk Management

Capital One Data Breach: Assessment and Prevention

 Last year, after the Capital One Data breach, Capital One agreed to terms with US regulators to pay $80 million dollars in fines because of a data breach. The hacker accessed approximately 100 million credit card applications. Maintaining online security for a small or midsized business can be a hassle. There is a lot that goes into maintaining good security practices, and the truth is, it’s hard to keep up with all the new rules and regulations. The last thing you need while trying to grow your business is for someone to somehow steal your information. In the case of someone hacking into your business, YOU are responsible for the lost data.
The fines are to address the lack of security that allows a breach of this scale to happen. Also to address the issue of the bank not solving the problem on time. This gives the opportunity to steal and distribute credit card information, social security numbers, and the potential for large scale identity theft. Capital One claims to have tightened up its online security system. According to the OCC, the bank will take additional steps to show its computer system has bettered its security.

So what do I do as a business owner to protect myself from a data breach?

Purchase cyber liability insurance. If there is one thing that I have learned from my time working at a risk management firm, it’s that it’s better to be safe than sorry. US regulators have the ability to fine your business into the dirt after a single breach. It is a huge money saver in the long run to buy cyber liability insurance. One of the primary costs of data breaches is notifying affected users of a hacked online resource. The cost of maintaining a data breach notification system can be very high. It has only increased and only will increase since the escalation of hacking in recent years. Without cyber liability insurance, a company is liable for all of the costs associated with creating and maintaining a breach alert system.

 
Hacking is only becoming more prevalent in our society. Soon, cyber liability insurance will become a necessity, and most likely more expensive. Before we know it, all businesses carrying different varieties of data will be required to purchase cyber liability insurance. Don’t end up like Capital One, paying millions of dollars in fines because you skimped on your security system to “save money.” In the long run, the best way to protect your business and save money is to do right by your customers.
If you still have questions, you can contact a risk advisor today at 914-357-8444. Or, you can visit our website here.

 

Other

HIPAA Rules and Regulations

HIPAA violations can cost your practice, bigtime. There are federal fines for noncompliance based on the amount of negligence within your individual organization at the time of the violation. In human terms, fines range from anywhere between $100 and $50,000 depending on how out of line your organization is with HIPAA standards. Staying within compliance with the HIPAA is a smart business decision. It earns you trust from your customers and saves you money in fines.
 
There are only three main rules to follow as a qualifying business under the HIPAA. Stick to the guidelines addressed under the specific subsections of these rules and your healthcare business will be off to a good start.

Rule #1 HIPAA Privacy Rule

 
The Privacy Rule gives individuals rights to their PHI. This includes the right to examine and get a copy of their health records in the form and manner they request. Individuals may also correct their information if it is not correctly marked on their records. The Privacy Rule permits the disclosure of health information needed for patient care.
 

Rule #2  Security Rule

 
Covered entities must develop and put in place reasonable security measures through policies and procedures to protect the security of ePHI. Any ePHI created, transmitted, or maintained must be protected. Analyze the risks of ePHI in your businesses specific environment. Use this analysis to create solutions appropriate for your own situation. What is appropriate completely depends on many factors. Keep in mind the type of business, the amount of customer data stored, and the size of the business.
 

Rule #3  Breach Notification Rule

 
The HIPAA Breach Notification Rule requires entities to notify affected individuals of a breach of unsecured PHI. Generally, a breach is an impermissible use under the Privacy Rule that compromises the security or privacy of PHI. The disclosure of PHI is presumed to be a breach unless you show there is a low probability the PHI has been compromised based on a risk assessment.
 
Provide notifications no later than 60 days following the breach discovery. Submit breaches affecting fewer than 500 individuals to HHS annually. The Breach Notification Rule also requires business associates of covered entities to notify the covered entity of breaches at or by the business associate.
 

Fines & Penalties

 
First Tier- The covered entity did not know and could not have reasonably known about the breach. This would cost your business between $100 and $50,000 per incident up to 1.5 million.
 
Second Tier- The entity knew or should have known of the violation, though they did not act. This would cost your business between $1,000 and $50,000 per incident up to 1.5 million.
 
Third Tier- The company corrected the problem within 30 days of the violation. This would cost your business between 10 and 50 thousand dollars per incident up to 1.5 million.
 
Fourth Tier- The company failed to make a timely correction to the problem. This would cost your business $50,000 per incident up to 1.5 million.
 
Steering clear of any sort of HIPAA violations/fines can save your business countless hours and dollars. If you still have questions, you can contact a risk advisor today at 914-357-8444. 
HR Challenges, Risk Management, Workers Compensation Insurance

Workplace Stress: Recognition and Management

According to the American Institute of Stress, 65% of workers said that workplace stress had affected their lives in one way or another. This number is not a surprise to many, but it should be. When comparing the stress level of work environments around the world, the U.S. takes the cake. U.S. workers have spent more hours on the job than the labor force of any other industrial nation. A 2001 survey concluded nearly 40% of workers described their office environment as “a real-life survivor program”(American Institute of Stress). As the workforce grows increasingly more competitive, and the job market tightens, many believe workplace stress to be on the rise.

Now, let’s compare the average American workweek to that of other industrialized countries. The average American works approximately 44 hours per week. Whereas in Japan and Italy, the largest number of hours an employee allowed to work in a week is 40 hours. And in the UK, Canada, Germany, and France, average work weeks are less than 4o hours.

Why is this information relevant? Because between 60% to 80% of workplace injuries are workplace stress-related. There are a multitude of factors that may contribute to workplace stress. These include understaffed departments, and poor management techniques. Regardless of what causes stress, all these contributors lead to decreased productivity. Whether you run a small business or a Fortune 500 company, decreases in productivity can be detrimental. Especially in the case of small businesses, which typically don’t have the cash reserves necessary to make up for the lost time.

Having management aware of the problem can go a long way in managing workplace stress, but it isn’t enough. Workplace stress affects everyone in the office, decreasing employee morale, and overall productivity. This lack of productivity can diminish the profits of the business, feeding into the flame of a stressful work environment.

 

 

Some Tips on Reducing the Stress Levels in Your Workplace:

1) Engage your frontline supervisors. They should be on the lookout for stressed out, anxiety-ridden employees. You don’t need to be Freud to recognize a stressed employee.

2) Have that front line supervisor engage in a one on one discussion. Oftentimes knowing that the employer recognizes a problem relieves stress. It may even motivate an employee to work through a tough time.

3) Check with HR or your Workers Comp Insurance Carrier, they may have counseling provisions within their policy. Their policy could allow several visits to a therapist to help relieve stress. Even if it’s personal and not work-related, check to see what your Workers Comp policy offers.

4) Rotate staffing, giving days off for completing “x” amount of days without an injury. Try to motivate focus and productivity. By giving your employees achievable goals, they can feel a sense of accomplishment.

Running an efficient and profitable small business is hard enough as it is. As a business owner, you must allocate resources to workplace stress. These dollars spent on increasing the coverage of your Workers Comp Insurance Carrier are far cheaper than if the worker hurts themselves or others because they are not focused on the work at hand.

If your business is suffering from production losses, take some of the steps above. Seek professional help if that still doesn’t work and if you have any further questions, contact Metropolitan Risk Advisory today!

Contact a Risk Advisor or call 914-357-8444 if you have further questions!

Cyber Liability Insurance, HR Challenges, Risk Management

Password Security for Cyber Protection

Implementing Proper Password Security For Better Cyber Protection

Picture this: it’s the end of the month, and you sit down at your computer to check your bank account balance, there’s only one thing, you forgot your password. What is it again? qwertyuiop1? No, qwertyuiop15? Eh, I’m not sure; I’ll just reset it.

Almost 40% of people deal with issues related to forgotten passwords on a monthly basis (Entrepreneur). This doesn’t only include bank accounts, but with social media and email passwords.

I’m not the only person who struggles to remember all his passwords, and I know I can’t be the only one changing my password every week because I can’t remember if I capitalized the first letter or not. Needless to say, my passwords are lacking in complexity in part because I never realized how risky using a common password can be. Cyber criminals have endless ways to use your private information. Opening fraudulent bank accounts, shopping online, applying for loans, and identity theft are only some of the most common uses of your data. The worst part is, I feel secure after changing my password from Football3! to Football4!. This change is almost completely insignificant to a hacker and most definitely isn’t going to prevent a hacker from getting into one of my accounts.

As a result of my new cyber security paranoia, here are some tips for better password management:

  • Make sure your password is at least 12 characters; it’s better to be safe than sorry. When it comes down to it, adding four characters to your password can be the difference between security and losing your account to cyber criminals.
    • An almost random combo of letters, numbers, and symbols is your best bet for creating a password that hackers will struggle to crack. The longer your password is, the better.
  • Stay away from obvious dictionary words and combinations of dictionary words. Any word on its own is bad. Any combination of a few words, especially if they’re obvious, is also bad. For example, “house” is a terrible password. “Red House” is also very bad.
    • In other words, stay away from any passwords you think someone else may be using. Think of something original, and don’t use the passwords “123456” or “password.”
  • Another easy way to keep your passwords secure is to keep them private, as in not sharing them with your coworkers, friends, or relatives.
    • Almost 50% of Americans have shared their passwords with another person. A significant part of these shared passwords occurs on streaming sites like Netflix and Hulu. Why is that important you ask? According to the Ponemon Institute, the average person uses the same password for approximately five accounts. Make sure to remember when you’re giving your boy or girlfriend your Netflix password, you may also be giving him or her access to much more.
  • Change your passwords every month if you want to be safe from cyber-attacks. This effort may sound hard to the average person who changes passwords once a year or not at all. But putting the extra time aside to change your passwords is a great way to ensure your cyber security.
  • Multi-factor authentication is a safety method that grants access to an account after presenting two pieces of evidence to an authentication mechanism. By using two-factor authentication, you can protect yourself against almost all cyber attacks; two-factor authentication is one of the most effective ways to combat cyber criminals.
  • Keep your passwords safe and organized by using a password management application; there are plenty of apps that offer free password help. If you’re old fashioned, write passwords in a notebook and keep them in a secure location. Write dates next to your passwords to help you keep track of when to change them.

Final Thoughts

People as a whole have too many passwords: and what comes of all of them? Serious fatigue, to the point where resetting our passwords, is easier than remembering them. But you have to be careful in resetting your password, though it may make you feel safer to change your password every month or two, this still allows hackers a long period of time to get into your account if they’ve already targeted your account. The most important step to having proper password security is making the password long, with almost random strings of letters, numbers, and symbols.

As a result, people like me do dumb things, creating a few password variations to help an untenable situation. Or we do even dumber things, like use passwords such as “password” or “123456.” Or we create a “base” password and add a variation for each site. We know it’s stupid, but we’re driven to these solutions because we are lazy/our memories can’t remember all those passwords. So do yourself a favor and follow those tips to increase your password security.

 

If you have any further questions, contact a Risk Advisor or call 914-357-8444 today!