password security

Coverage In Action: Cyber Liability

As technology becomes increasingly important for successful business operations, the value of a strong cyber liability insurance policy continues to grow. The continued rise in the amount of information stored and transferred electronically has resulted in a remarkable increase in the potential exposures facing businesses.

In an age where a stolen laptop or data breach can instantly compromise the personal data of thousands of customers, protecting your business from cyber liability is just as important as some of the more traditional exposures businesses account for in their commercial general liability policies.

Claims Scenario: Outsourcing Gone Wrong

The company: A national construction company that outsources some of its cyber security protections

The challenge: A construction firm partnered with a third-party cloud service provider in order to store customer information. While this service helped the company save on server costs, the third-party firm suffered a data breach.

As a result, the construction firm had to notify 10,000 of its customers and was forced to pay nearly $200,000 in incident investigation costs. The incident was made worse by the fact that the firm did not have a document retention procedure, which complicated the incident response process.

Cyber liability insurance in action: Following a data breach or other cyber event, the right policy can help organizations recoup a number of key costs. Specifically, cyber liability policies often cover investigation and forensics expenses—expenses that can easily bankrupt smaller firms who forgo coverage.

What’s more, when third parties are involved, managing litigation concerns can be a challenge. By using cyber liability insurance, organizations have access to legal professionals well-versed in cyber lawsuits and response.

Benefits of Cyber Liability Insurance

  • Data breach coverage—In the event of a breach, organizations are required by law to notify affected parties. This can add to overall data breach costs, particularly as they relate to security fixes, identity theft protection for those impacted by the breach and protection from possible legal action. Cyber liability policies include coverage for these exposures, thus safeguarding your data from cyber criminals.
  • Business interruption loss reimbursement—A cyber attack can lead to an IT failure that disrupts business operations, costing your organization both time and money. Cyber liability policies may cover your loss of income during these interruptions. What’s more, increased costs to your business operations in the aftermath of a cyber attack may also be covered.
  • Cyber extortion defence—Ransomware and similar malicious software are designed to steal and withhold key data from organizations until a steep fee is paid. As these types of attacks increase in frequency and severity, it’s critical that organizations seek cyber liability insurance, which can help recoup losses related to cyber extortion.
  • Legal support—In the wake of a cyber incident, businesses often seek legal assistance. This assistance can be costly. Cyber liability insurance can help businesses afford proper legal work following a cyber attack.

Contact Tooher-Ferraris Insurance Group today to learn more about your unique exposures and options for Cyber Liability Coverage. Using our industry specific cyber exposure scorecards we can customize a plan for your unique needs.

Business |Personal | Risk Management

Phone: 800-899-0093 | www.toofer.com | info@toofer.com

Guide to Directors and Officers Insurance

Director & Officer Liability (D&O) Underwriting Fundamentals

Directors and officers liability (D&O) insurance is a fundamental component of any company’s risk management program. A lack of D&O insurance may dissuade talented individuals from seeking an executive position at your company, as they don’t want to put their personal assets at risk in the event of a lawsuit.

As a savvy business owner looking to protect your bottom line, how do you weigh the cost of insurance to protect your senior leadership with the potential risk of a lawsuit? As regulatory investigations and defense expenses increase, prices for D&O insurance have gone up as well. Corporate indemnification provides the first line of liability protection; but certain circumstances—most notably, if the company goes bankrupt—necessitates that additional protection is offered to directors and officers.

A variety of factors determine the price of a company’s D&O insurance. Some low-risk companies pay pennies on the dollar; others pay a lot more, but they understand it’s a lot less than the expenses they’d incur in a lawsuit. Recognizing the cost drivers of D&O insurance—a company’s exposures, legislation and trends in D&O lawsuits—can help you decide what coverage your company needs to mitigate its unique exposures.

Company Characteristics and Exposures

Public, private and nonprofit corporations with assets of all sizes purchase D&O liability insurance. To determine the cost of premiums and the limits of coverage, insurers review several facets of the company’s structure and price D&O insurance accordingly. Some of these attributes include the following:

  1. Is the company mature or young and developing? Companies with less experience and a shorter history of proven effective management can be a riskier policy to underwrite than well-developed companies that have experienced directors and officers.
  2. What industry is the company involved in?Operating in certain industries, such as investment banking and securities, may expose their executive management to more risks than those for the board members of a small nonprofit.
  3. Is the company financially stable? Insurers consider the amount of debt a company has. Corporate indemnification usually protects directors’ and officers’ personal assets. However, if the company’s finances are unstable, they have an increased chance of becoming insolvent during a lawsuit.
  4. Is the company planning on going public soon? Initial public offerings, the most common way to go public, increases the exposures for a private company. Issues, such as a lack of disclosure or if the company’s performance fails to meet expectations, are significant risks for directors and officers during this process.
  5. Does your company have employees? From nonprofits to large, publicly held companies, employment-related claims are the primary cause of lawsuits against an organization’s directors and officers.
  6. Does the company operate in foreign markets? Conducting business internationally can complicate the D&O insurance needed. For example, in addition to domestic laws, European countries have their own set of regulations to follow.
  7. What is the company’s history of past litigation? Insurers will analyze a company’s history of
What Type of D&O Coverage Do You Need?
Your organization’s unique attributes and risks will determine
the extent of D&O insurance coverage you need. The type of
coverage affects the cost, and it’s important to understand the
different types of D&O insurance to determine what covers your
risks. Policy options include

Side A: This coverage protects directors and officers when indemnification is not available. For example, if the company goes bankrupt during a lawsuit, this coverage would protect directors’ and officers’ personal assets.

Side B: This coverage reimburses a company’s indemnification
obligations.

Side C: This coverage protects the company itself in the case of a
lawsuit.

Employment Practices Liability (EPL): This coverage protects
directors and officers against wrongful termination,
discrimination (age, sex, race, disability, etc.) or sexual harassment suits from current, prospective or former employees.

Fiduciary Liability: This coverage protects the fiduciaries of
employee benefit plans from ERISA lawsuits, previous lawsuits
and any adverse business developments and executive management changes.

Current and New Legislation

Securities Exchange Commission (SEC) regulations continue to impact the cost of D&O insurance. Publicly held companies especially must be cognizant and keep current on SEC disclosure obligations and provisions in the Sarbanes-Oxley (SOX) Act of 2002, which was enacted in response to the corporate scandals of Enron, Tyco, WorldCom and others.

Also, recent changes to the Dodd-Frank Wall Street Reform and Consumer Protection Act have caused a spike in whistleblower reporting, bringing to light many D&O claims and increasing the need for D&O insurance. The new whistleblower provision in the Act now gives whistleblowers a “bounty,” or monetary compensation, if the lawsuit results in more than $1 million in monetary sanctions. Given this new incentive, there has already been an increase in the number of whistleblowers that have emerged since the Act added the provisions in early 2011.

Trends in D&O Lawsuits

Even after a thorough assessment of a company’s risks, D&O insurance continues to be a high-severity product, as carriers are often hit unexpectedly with catastrophic claims. It’s no surprise that as litigation increases, the price of D&O insurance increases as well. In addition, as the litigation process grows lengthier and if multiple lawsuits erupt from a single transaction, a company can quickly exhaust its primary layer of D&O coverage.

Some types of lawsuits occur less often, but result in catastrophic losses. Other types result in smaller payouts, but occur more frequently. Nonetheless, defense expenses can cost millions of dollars, even if the director or officer is not found liable. Some of the types of lawsuits that affect directors and officers include the following:

  • Breach of fiduciary duty lawsuits
  • Employee Retirement Income Security Act (ERISA) lawsuits
  • Employment-related lawsuits
  • Mergers and acquisitions (M&A) and “merger objection” lawsuits
  • Securities class-action lawsuits
  • Shareholder derivative suits

Within the last few years, there has been an increase in M&A lawsuits. In 2014, there were more than 600 lawsuits regarding M&A. Some M&A cases involve multiple lawsuits and a lengthy litigation process, which can deeply cut into a company’s primary D&O policy.

Know What Your Policy Covers

While many companies usually focus on the cost of their D&O policy, understanding the scope of the policy is even more critical. Most D&O policies are renewed yearly, and the terms and conditions can change. Read through your policy carefully. Be aware of the following:

  • Look at the limits of your liability. Are they enough to cover your exposures? Companies with a lot of risk exposures usually find that they need more than just the primary coverage, and purchase excess insurance as well.
  • Be aware of exclusions; most D&O policies do not cover claims that arise from fraudulent or criminal acts.
  • For some insurance carriers, Employment Practices Liability (EPL) insurance and Fiduciary Liability insurance are policies that are purchased separately from primary D&O insurance. Don’t assume they are automatically included in your D&O policy.

Protecting Your Home from Wind Damage

Floods, lightning strikes and other common storms can endanger your home, but you also need to consider the risks of the wind damage that accompanies these weather events. High winds can cause significant damage to your home’s roof, windows, doors and siding. And since wind is usually just one factor of dangerous storms, any wind damage could create openings that would further expose your home.

Here are some ways you can protect your home:

  • Roof—Inspect your roof from the ground to ensure it’s fully covered. If you notice any damage, you should consider having it inspected professionally to ensure it’s up to code and that all of the shingles are secure.
  • Doors—Make sure your doors are made of a strong substance that isn’t heavy enough to present a risk if it’s torn off, such as solid wood or a hollow metal. You can also secure your existing doors by installing additional hinges or deadbolts.
  • Windows—Install impact-resistant shutters on large windows to protect your home from changes in air pressure and flying objects.
  • Yard—Remove any trees or other foliage that could come loose and fall on your home in high winds.

After a storm passes, you should inspect your home for damage as soon as possible. Contact Tooher-Ferraris 203.834.5900 if you need to make a claim or have questions about your insurance coverage for wind damage.

The Story Your Experience Modification Reveals

For many employers, workers’ compensation insurance is all about one number—the premium quoted. Understandably, employers want to pay the lowest amount possible on this mandatory coverage. While some brokers try to compete on a low bid, those who do miss the chance to educate employers on how their mod affects their premium, and how lowering their mod through targeted improvements in safety, hiring, return to work and other areas will ultimately improve both their direct and indirect workers’ compensation costs.

There’s much more to workers’ compensation than price. Let us show you how an analysis of your mod can identify problem areas in your operations and ultimately lead to cost savings.

What does your mod reveal?

While the mod itself is a single number, an analysis of how your payroll and loss data functions in the experience rating formula can provide valuable insight.

Mod calculation varies by state but generally depends on these components:

  1. Actual losses from the three prior policy periods, not including the most recent policy period
  2. Expected losses based on payroll and expected loss rates for the industry
  3. The amount of each loss, i.e., its severity
  4. Whether the loss is medical-only, without temporary or permanent disability
  5. Ballast and weighting values published by the National Council on Compensation Insurance (NCCI)

Generally, the mod is calculated using loss and payroll data from a three-year experience rating period. For example, for a mod factor calculated on Jan. 1, 2015, data would be used for the Jan. 1, 2011-2012, Jan. 1, 2012-2013 and Jan. 1, 2013-2014 policy periods. The data for the previous year (in this case, Jan. 1, 2014-2015) would be excluded.

Most employers realize their mod affects premiums in some way, but they rarely connect the dots and realize what actions they can take to lower their mod and insurance costs. That’s where we come in. We can introduce cost-cutting concepts you may have never heard before and put workers’ compensation insurance in a new light.

How we show our value

The mod is complex, but when you are able to use analytics to show what effect the mod has on your business, you will gain an edge over your competitors and ultimately save a lot of money.

We’ll start the analysis by showing you how low your mod (and associated premium) can be. Your “loss-free” mod—what the mod would be if there were no losses at all—is a number unique to your organization, an attainable goal and something you should be shooting for.

You may wonder what your competitors pay for workers’ compensation coverage. To answer that question, look at the “expected” losses portion on the mod worksheet. This column reflects the average losses for a company with a similar payroll. How do you stack up?

If you have many losses, even if they are minor, those losses will impact the mod more than if there were fewer severe losses. This problem often points to some sort of safety training or cultural issue that needs to be addressed. We’ll show you your frequency ratio—1.0 or higher needs attention.

We’ll also examine whether you have a severity issue, or a problem with not keeping losses medical-only. This almost always points to an opportunity for cost savings and often the need to establish or improve a return to work program. Losing manpower from injuries on the job directly affects your business’ earning power and bottom line.

Mod analysis will reveal problem areas, but fear not—we can deliver solutions. We will outline a clear strategy to help lower the most costly losses or target problem areas, whether they’re associated with a certain type of injury, body part, company location or other data.

What if you were to reduce your losses by 25 percent? Fifty percent? Even more? We can run the numbers to show you real long-term savings and exactly how you can attain them.

We can help tell your story

With the help of analysis, your mod tells a story—about where your business has been and what it can do to improve. With the power of our team, utilizing a leading software tool, we’ll analyze your mod and tell your story. Specifically, we can do the following:

  • Calculate and project costs associated with the mod.
  • Identify opportunities for improvement.
  • Analyze what each specific loss costs you in terms of mod points and premium.
  • Reveal cost drivers and the impact of the mod.
  • Focus on problem areas, such as frequency or severity of injuries.
  • Examine loss trends for types of injuries, departments and more.
  • Isolate areas to target with loss control and risk management strategies.

By partnering with Tooher Ferraris Insurance Group, and experiencing Risk Synergy you can better understand factors contributing to your present experience modification and come up with a strategic plan to mitigate future costs. Call Tooher Ferraris Insurance Group today to learn more and get started!

FMSCA FAQs—National Drug and Alcohol Testing Clearinghouse

On Dec. 5, 2016, the Federal Motor Carrier Safety Administration (FMCSA) issued a final rule that aims to improve roadway safety by establishing a National Drug and Alcohol Testing Clearinghouse.

Under the final rule, motor carriers and other employers of commercial motor vehicle (CMV) drivers must use the Clearinghouse to ensure that current and prospective employees do not have any unresolved drug and alcohol violations that render them ineligible to operate a CMV. Employers will also be required to report information about positive drug test results, alcohol test results greater than 0.04 blood alcohol content, refusals to test and other non-test violations of FMCSA’s drug and alcohol regulations.

These requirements take effect on Jan. 6, 2020, the date that the Clearinghouse is scheduled to become operational. Employers, CMV drivers and other parties will need to register to use the system and may sign up to receive an email notification that registration is open.

FMCSA HIGHLIGHTS

  • Will allow motor carriers and other employers to identify drivers who are ineligible to operate a CMV.
  • Will contain information about violations by employees who are subject to drug and alcohol testing under FMCSA regulations.
  • Employers must use the database to ensure current and prospective employees do not have unresolved violations.

IMPORTANT DATES

  • Jan. 6, 2020—Employers must begin using the Clearinghouse and must also make manual inquiries with former employers.
  • Jan. 6, 2023—Employers will no longer be required to request data from a driver’s previous FMCSA-regulated employers.

Clearinghouse FAQs

What information will the Drug and Alcohol Clearinghouse contain?

The Clearinghouse will contain records of violations of drug and alcohol prohibitions in 49 CFR part 382, subpart B, including positive drug or alcohol test results and test refusals. When a driver with a drug and alcohol program violation completes the required Return-to-Duty (RTD) process, this information will also be recorded in the Clearinghouse.

Who is authorized to use the Clearinghouse?

To access the Clearinghouse (once it is operational), a user must request access from the FMCSA by registering. Authorized users will include:

  • Motor carriers and other employers with drivers operating CMVs that require a commercial driver’s license (CDL) or commercial learner’s permit (CLP);
  • CDL/CLP drivers;
  • Consortium/third-party administrators;
  • Medical review officers;
  • Substance abuse professionals;
  • State driver licensing agencies; and
  • Federal and state enforcement personnel

Will a prospective employee’s drug and alcohol violation history with Department of Transportation (DOT) modes other than the FMCSA be available in the Clearinghouse?

No. The Clearinghouse will contain only drug and alcohol program violation information for employees subject to the testing requirements under the FMCSA regulations in 49 CFR part 382. Employers must continue to request information from previous employers if an employee was subject to DOT drug and alcohol testing required by a DOT modal administration other than FMCSA (as required by §391.23(e)(4)(B)).

May employers report the results of non-DOT drug or alcohol tests to the Clearinghouse?

No. Only results of DOT drug tests, alcohol tests or test refusals may be reported to the Clearinghouse. While employers may conduct drug and alcohol testing that is outside the scope of the DOT testing requirements, positive test results or refusals for such non-DOT testing may not be reported to the Clearinghouse.

What actions will drivers be able to take in the Clearinghouse?

Drivers will need to log into the Clearinghouse in order to electronically consent to requests from prospective and current employers that need to access full details about any drug and alcohol program violations as part of an employment-related background check. This is the only valid method for an employee to respond to this type of employer consent request, and failure to provide timely consent may result in a driver being prohibited from performing safety-sensitive functions for that employer.

Drivers may log in to the Clearinghouse to view their individual driver record at any time. Also, if a driver chooses to engage a Substance Abuse Professional (SAP), he or she must select the SAP through the Clearinghouse to initiate the RTD process.

How are employers and Consortium/Third-Party Administrators required to use the Clearinghouse?

The Clearinghouse offers employers a centralized location to report drug and alcohol program violations and to check whether a current or prospective employee is prohibited from performing safety-sensitive functions, such as operating a CMV, due to an unresolved drug and alcohol program violation—that is, a violation for which the employee has not completed the RTD process. Employers must conduct this test, or query, as part of any pre-employment screening and at least annually after an employee is hired.

Employers may also use the Clearinghouse to designate a consortium/third-party administrator, which is a required step for any employer that employs him- or herself as a driver.

How are Medical Review Officers (MROs) and Substance Abuse Professionals (SAPs) required to use the Clearinghouse?

MROs must use the Clearinghouse to report verified positive drug test results and any driver refusals to take a drug test.

SAPs must use the Clearinghouse to report on the RTD status of drivers who are working to resolve any open drug and alcohol program violations. These reports include the date of completion of the initial assessment and the date the driver becomes eligible for RTD testing.

How will State Driver Licensing Agencies (SDLAs) use the Clearinghouse?

As of Jan. 6, 2020, SDLAs will be able to query the Clearinghouse prior to completing licensing transactions.

How will driver data be protected in the Clearinghouse?

The Clearinghouse will meet all relevant federal security standards, and the FMCSA will verify the effectiveness of the security protections on a regular basis.

Driver information will not be available to the public. Only authorized users will be able to register and access the Clearinghouse for designated purposes. The Clearinghouse will require authentication (username/password) to access records.

Drivers registered in the Clearinghouse will be able to access their Clearinghouse records at any time, and at no cost to them. Drivers will only be able to access their own information, not information about other drivers.

The FMCSA will only share detailed drug and alcohol violation information with prospective or current employers when an employer has requested and received specific consent from the driver. Drivers will be able to see the information that would be released to an employer before consenting to the release.

Driver information will be shared only with the FMCSA and other enforcement agencies as required to enforce drug and alcohol use testing regulations.

Does the final rule change any of the existing drug and alcohol program requirements in part 40?

No, the final rule does not change any existing requirements in the US DOT-wide procedures for transportation workplace drug and alcohol testing.

Source: U.S. Department of Transportation, Federal Motor Carrier Safety Administration

The Importance of Loss Assessment Coverage


At most condo communities, a homeowners association (HOA) is equipped with an insurance policy that provides coverage for incidents that occur outside of a condo owner’s personal unit. This is commonly known as a master policy, and some condo owners wrongfully assume it is adequate enough to account for all incidents that occur in a shared area of the property, like lobbies, stairwells, pools and outdoor spaces.

However, in the event that damages from an incident exceed the limits of the HOA’s master policy, all condo residents may have to pay out of pocket for any losses, even if they were not at fault. To avoid this, loss assessment coverage is a critical add-on all condo owners should consider.

What is Loss Assessment Coverage?

Loss assessment coverage is an add-on to standard condo policies. It provides much-needed protection in instances where owners of a shared property are held responsible for a significant portion of the costs associated with a covered incident. Examples of this may include the following:

  • A major hailstorm occurs and causes $550,000 worth of damage to the condo building. While the HOA has a master policy, it only covers $500,000 worth of damage, leaving all condo residents to pay for the additional $50,000 of uncovered damage out of pocket.
  • A visitor to the condo property injures themselves on the tennis court. Unfortunately, their injury bills exceed the HOA’s liability coverage, creating a major financial burden for condo residents.
  • A fire breaks out and destroys a large portion of the lobby. The HOA’s master policy isn’t adequate enough to cover all of the damages, and condo owners are forced to pay a portion of the repairs.

Simply put, loss assessment coverage provides a safety net for condo owners, ensuring they do not have to pay for incidents that occur to shared property and exceed the limits listed in the HOA’s master policy. What’s more, loss assessment coverage can apply to property damage, liability, injuries that occur on condo property or deductibles.

The amount of coverage you need will depend on the limits listed in your HOA’s master policy. To learn more, and to secure a policy that’s right for you, contact Tooher Ferraris Insurance Group today.

Why Do I Need Employment Practices Liability Insurance?

As a business owner, you strive to hire qualified employees to work for you. Unfortunately, as you are well aware, not every hiring decision goes as planned. Even if an employee is terminated for legitimate reasons— such as poor attendance or unsatisfactory work habits—every termination opens the door for potential lawsuits. Read on to learn from one business owner’s experience and find out how employment practice liability insurance (EPLI) can help protect you and your organization from costly, frivolous lawsuits.

“If you have employees, you will get sued”.

Mary, Virginia Business Owner

When Mary, a Virginia business owner, received a complaint that her sales manager made crude, disparaging remarks to a female employee during a trade show, Mary took the claim seriously and conducted an investigation. During the course of her investigation, Mary spoke with another employee who witnessed the incident firsthand. According to this employee, the sales manager’s actions were offensive and harassing. Ultimately, after much deliberation, Mary fired the sales manager for his behavior.

Weeks later, the employee that witnessed the incident sued Mary for $500,000, claiming that after the incident, Mary had passed her up for promotion and assigned her poor sales territories, all because she came forward with the details of what happened at the trade show.

Although the lawsuit was groundless, Mary racked up hefty legal bills defending herself against the allegation.

Lawsuits like the one Mary faced can come out of left field and are much more common than you’d think. In fact, three out of five employers will be sued by a prospective, current or former employee while they are in business. EPLI can help mitigate these risks by providing the necessary resources to defend your company against a lawsuit or pay a claim.

As costs for litigation and damage awards climb, experts predict that employment liability will only become more complex. Call Tooher Ferraris Insurance Group today to learn more about EPLI and discuss your employment-related risks.

Precautions for Better Cyber Security

Business operations in the technology industry revolve around the functionality of computers, network connections and the Internet. It’s no secret that computer use comes with many risks, including damaging viruses, hackers, the illegal use of your system to attack others, the use of sensitive data to steal identities and other illegal actions. As a result, companies must respond by preventing, detecting and responding to cyber attacks through a well-orchestrated cyber security program.

Get Familiar with Risks

The first step in protecting your business is to take notice of the multitude of cyber risks:

Hackers, attackers and intruders: These people seek to exploit weaknesses in software and computer systems for their personal gain. Although their intentions are sometimes benign, their actions are typically in violation of the intended use of the systems that they are exploiting. The results of this cyber risk can range from minimal mischief (creating a virus with no negative impact) to malicious activity (stealing or altering data).

Malicious code (viruses, worms and Trojan horses):

  • Viruses: This malicious code requires a user to take action to let a virus into the system, such as opening an email attachment, downloading a file or visiting a webpage.
  • Worms: Once released, this code reproduces and spreads through systems on its own. They usually start by exploiting a software flaw; then, once the victim’s computer is infected, the worm will attempt to find and infect other computers through a network.
  • Trojan horses: This disguised code claims to do one thing while actually doing something else. For example, a program that claims to speed up your computer system but is actually sending confidential information to a remote intruder.

Risk Management Planning

To reduce your cyber risks, it is wise to develop an IT risk management plan at your organization. Risk management solutions utilize industry standards and best practices to assess hazards from unauthorized access, use, disclosure, disruption, modification or destruction of your organization’s information systems. Consider the following when implementing risk management strategies at your organization:

  • Create a formal, documented risk management plan that addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyber risk assessments. This plan should include a characterization of all systems used at the organization based on their function, the data stored and processed, and importance to the organization.
  • Review the cyber risk plan on an annual basis and update it whenever there are significant changes to your information systems, the facilities where systems are stored or other conditions that may affect the impact of risk to the organization. 

In addition, your organization should take precautionary measures when selecting your internet service provider (ISP) for use for company business.

ISP Considerations

Almost all ISPs offer Web browsing capabilities with a varying degree of user support and Web hosting capabilities. Your company should determine what ISP to use, along with a plan for backing up emails and files and what firewalls to implement.

To select an ISP that will reduce your cyber risks, consider the following:

  • Security: How concerned with security is the ISP? Does it use encryption and secure sockets layer (SSL) to protect any information that you submit?
  • Privacy: Does the ISP have a published privacy policy? Are you comfortable with who has access to your information, and how it is handled and used?
  • Services: Does your ISP offer the services that you want and do they meet your organization’s needs? Is there adequate support for the services provided?
  • Cost: Are the ISP’s costs affordable and are they reasonable for the number of services that you receive? Are you sacrificing quality and security to get a lower price?

Reliability: Are the services provided by the ISP reliable, or are they frequently unavailable due to maintenance, security problems and a high volume of users? If the ISP knows that their services will be unavailable, does it adequately communicate that information to its customers?

User support: Are there any published methods for contacting customer service, and do you receive prompt and friendly service? Do their hours of availability accommodate your company’s needs?

Speed: How fast is your ISP’s connection, and is it sufficient for your business needs?

Recommendations: What have you heard from industry peers about the ISP? Were they trusted sources? Does the ISP serve your geographic area?

Cybersecurity is a serious concern for your business. Contact Tooher Ferraris Insurance Group to learn about our risk management resources and insurance solutions for emerging technology exposures.

OSHA Form 300A Posting Requirements Begin Feb. 1

#RiskSynergy


OVERVIEW

By Feb. 1 of each year, employers that are subject to the Occupational Safety and Health Administration’s (OSHA) routine recordkeeping requirements must post copies of their completed OSHA Form 300A (“Summary of Work-related Injuries and Illnesses”) from the previous year in visible locations within their employees’ workplaces. The postings must then be kept in place until at least Apr. 30 every year.  These requirements apply to all employers that are not in a partially exempt industry and have more than 10 employees.

ACTION STEPS

On Feb. 1, 2019, employers subject to OSHA recordkeeping requirements must ensure that copies of their completed Forms 300A from 2018 are posted in each of their establishments in a conspicuous place or places where notices to employees are customarily posted. 

Until Apr. 30, 2019, these employers must also ensure that their Form 300A postings remain in place and are not altered, defaced or covered by other material.

IMPORTANT DATES

February 1 to April 30, 2019

Employers must post and keep their completed 2018 Forms 300A posted in their employees’ workplaces.

March 2, 2019

Deadline for certain employers to submit electronic reports to OSHA.

Contact Tooher-Ferraris today to learn more about our integrated insurance and risk management programs at 203-834-5900 or info@toofer.com.

Workers Compensation Audits: An Essential Guide

This guide will help you collect the necessary documentation and statistics required during a payroll audit. Because of the nature of the required information, it is recommended that this guide be completed by the accounting department, unless your organization has someone specifically responsible for these documents and the workers’ compensation policy. 

STEP 1: Collect Necessary Materials

  • Payroll records (employee specific)
  • Unemployment tax returns
  • Form 1040 Schedule C (if sole proprietor)
  • Tax reports (Federal Payroll 940s or 941s)
  • General ledger, subcontractor ledgers and journal (or 1099s)
  • Certificates of insurance for subcontractors
  • Workers’ compensation (WC) insurance policy
  • Employee information (compiled here)
  • Corporate officer information (compiled here)
  • Audit package totals (compiled here)
  • Subcontractor information (compiled here)
  • Certificates of insurance for each subcontractor
  • Additional materials upon auditor request

STEP 2: Employee Information

Record the payroll information and classification of all employees except corporate officers. Class codes generally define the business and not the employees, with the exception of standard class exceptions (e.g., clerical, outside sales, other certain sales). This is a large potential problem area—if your business has a large WC rate, but you can put some of your employees in a standard class exception (like clerical), you can drastically lower premium to pay. In bold or italics, make sure to note that these standard class exceptions vary from state to state. The manual rate can be found on your WC policy.

Note: A portion of overtime can be subtracted from the total gross payroll. For example, if your firm pays time-and-a-half, you can take the total gross overtime amount paid and subtract .33 percent of that number from the total amount paid over a given year. This number counts as an excluded remunerations, which is further instructions in Step 4. 

STEP 3: Corporate Officer Information

In many states, officers have the option to remove themselves from coverage. States also have a maximum coverage, which needs to be located. Certain states, rather than a max, represent corporate officers as all earning the same (i.e. for workers’ compensation purposes they are all compensated $50,000).

STEP 4: Excluded Remunerations

Excluded remunerations vary from state to state so the list below may not be accurate for your location. Determine a complete list for your state by asking your agent, ratings bureau or insurance provider.

  • Tips and other gratuities received by employees
  • Payments by employer to group insurance plans
  • The value of special rewards for individual invention or discovery
  • Severance payments, except for time worked or accrued vacation
  • Payment for active military duty for reservists called to active duty
  • Employee discounts on goods, property, or services purchased from the employer
  • Expense reimbursements to employees for legitimate business expenses (requires some record or receipt)
  • The value of an employer-provided vehicle (e.g., a car or airplane)
  • The value of an incentive vacation (for example, a sales leader might win a vacation)
  • The value of a ticket to an entertainment event that is provided by the employer
  • Supper money for late work
  • Work uniform allowances

“Time-and-a-half” overtime is included as one of the columns under Employee Information. Overtime is therefore not listed above, but you will need to add it if your company determines overtime pay using a different—or multiple—calculation.

If the payroll amounts you entered under Employee Information or Corporate Officer Information include any of the following types of payments, then total such payments by employee and enter these values in the Excluded Remunerations column under Employee Information or Corporate Officer Information, as appropriate.

STEP 5: Audit Package Totals

Review the information you compiled in Steps 2 through 4, checking to make sure all areas have been addressed and all figures are correct. Organize the information in a list arranged by class code. Include payroll information along with any excluded remunerations that apply.

STEP 6: Subcontractor

This is only for subcontractors that do not have workers’ compensation of their own. Be sure to capture only the cost of payroll for the contract—as opposed to total quarterly cost of the contract—in order to prevent overpayment. 

STEP 7: Source Materials Checklist

Use this sheet to ensure that you have completed and compiled all necessary materials. Clip or bind them together and have it on hand to provide to your auditor upon arrival.

A Complimentary Review

Contact Tooher-Ferraris Insurance Group for a review of your classifications and exposures. Our specialized Workers Compensation experts will review up to three years of policy data to ensure your company has been accurately classified and charged. Call today 203-834-5900.