Risk Management Bulletin

According to the U.S. Commerce Department, employee crime costs American businesses as much as $40 billion a year — that’s “billion with a ‘B’.”

To help prevent a fox from getting into your henhouse, a leading risk management group recommends these guidelines:

• Screen job candidates. You might discover that a potential employee was fired from another job for stealing. A thorough background check can give you hard evidence when doing an interview. Look for discrepancies between what the candidate says and what’s on paper; too many differences will point to a problem.
• Reduce the temptation to steal. Be careful when making operational changes. The thief might become quite familiar with the change and believe that they have specialized and private information to use to their advantage. To avoid this danger, let everyone know about new procedures. Also, lock and bar all windows in warehouses or storerooms, create employee sign-ins in these areas, and never leave anything lying around to be picked up easily.
• Protect monetary assets. Thieves sometimes write checks to ghost employees or vendors and use the money for their own finances. Separating accounts payable from accounts receivable will reduce the chances of such a fiasco. Also, if Jim in sales never, ever takes a vacation, something might be amiss; he could be snooping around or doing something besides genuine hard work.
• Schedule periodic audits. If this isn’t possible, have an outside party review accounting and bookkeeping practices.
• Create a zero-tolerance policy. Potential in-house thieves won’t be as inclined to steal if they know they’re risking their job.
• Investigate suspected fraud. The Association of Certified Fraud Examiners (www.acfe.org) offers expertise in this field.

For an in-depth review and analysis of your in-house security systems, please feel fee to contact our risk management specialists.

In the aftermath of storms, flooding, or wildfires , thousands of small-business owners are being hit with the bills for salvaging their building or the business itself, because they didn’t carry enough (or the right type of) coverage. In some cases, the culprit was ignorance; the owners might not have realized that a policy didn’t cover certain hazards. In others, a difficult economic climate created cash flow problems that led businesses to forgo the cost of insurance.

For example, you might not think your business needs insurance against flood damage. However, no matter where you’re located, if a small stream near your business swells up after an unusually long period of rain and water pours in, coverage through the federal National Flood Insurance Program will pick up the tab. For more information, visit the program’s Web site, www.Floodsmart.gov.

Similarly, a standard policy probably won’t cover earthquake damage – and quakes are by no means limited to California. The largest temblor in U.S. history was centered near New Madrid, Missouri in 1812, causing damage in half a dozen states, ringing church bells on the East Coast, and re-routing a section of the Mississippi River.

You buy Property insurance to protect your business against losses from such perils as wind, rain, and hail. But do you have Business Owners Policy (BOP), which combines Property coverage, together with Business Interruption insurance – which will pick up the tab for operating expenses and lost profit if your business is shut down for an extended period. That can include salaries and employee benefits, rent and line-of-credit payments. It doesn’t have to be a natural disaster that shuts down the business; even losses stemming from a power outage can be covered.

Some small companies should carry special policies because of the kind of business they’re in. For example, a heavily damaged bed and breakfast that would need to restore its quaint ambience by purchasing antiques would probably need additional “guaranteed replacement” coverage.

Our risk management professionals would be happy to help you develop a comprehensive program to protect your business. Just call or e-mail us.

Cell phones and navigation devices allow drivers to stay connected and find their destinations, making them indispensable – especially for salespeople, repair personnel, and other employees who drive on the job.

However, using cell phones behind the wheel also creates liabilities – and the toll can be heavy. “Distracted driving” is the fourth most serious vehicle safety issue, according to the Network of Employers for Traffic Safety. With motor vehicle accidents the leading cause of work-related injuries, the use of cell phones and other high-tech devices by employees driving on the job leaves your business wide open to workers compensation exposures, lawsuits for deaths and injuries, and other third-party claims.

To lessen liability and help reduce accidents, it makes sense to adopt a policy on driver use of cell phones that includes these guidelines:

1. Use a headset while driving or pull over to use a hand-held cell phone.
2. Keep the phone where it’s easy to see and easy to reach.
3. Plan any calls you’ll need to make before you begin to drive; enter numbers into your speed-dialing feature.
4. Do manual dialing only when the vehicle is stopped.
5. If possible, make your calls when stopped at a stop sign, red light, or when you are otherwise stationary.
6. If possible, ask a passenger to make the call or at least dial the number for you.
7. Never take notes or look up phone numbers while driving.
8. Suspend a conversation during hazardous circumstances — for example, in heavy traffic, when maneuvering around a hazard, or in severe weather conditions.
9. While talking, keep your head up and your eyes on the road and check the side and rearview mirrors. frequently.
10. Let voice mail pick up your calls when it’s inconvenient or unsafe to answer the cell phone.

Fire … flooding… rainstorms … power outages. If disaster struck your business today, would you be in business tomorrow? Having a comprehensive business continuation plan in place before catastrophe strikes will increase the probability of your firm’s survival, mitigating damages, and restoring normal operations more rapidly.

Developing an effective business continuation process involves five key steps:

1. Assemble all information relevant to your business.
2. Identify important risks to which your operations are exposed.
3. For each of these critical business activities, set minimum acceptable periods of downtime and levels of service degradation.
4. Create a disaster-management team.
5. Have the team draft a plan, with the cooperation of managers from each department.

To help identify the elements of the plan and develop it, use a planning template. Most businesses can draw up effective plans from templates that use word-processing software. Be sure to determine whether the planning package covers every aspect of your business; some focus almost entirely on information technology.

The larger and more complex your operations, the greater your need for professional services. If you have a large data center, complex manufacturing equipment, or hazardous materials, you should definitely bring in a consultant. Although a small business in a service industry might not need a professional to create an effective plan, it should hire one to review it. These reviews are inexpensive and can easily correct serious flaws before disaster strikes.

Once you’ve implemented your business continuation plan, it’s never really “finalized.” Plans will always require periodic reviews and updates. It’s also wise to test at least certain aspects of the program. These checks will often uncover the need for additional details and adjustments.

Our risk management professionals would be happy to share their expertise in helping you develop an “ounce of prevention” business continuation plan you can use to keep your operations up and running. Feel free to call or e-mail us for assistance.

On a summer morning in 2006, in Brooklyn, N.Y., OSHA compliance officer Bob Stewart requested that six construction employees be removed from a deep excavation because of a hazardous 10-ton concrete abutment hanging above it. Fifteen minutes later, the overhang collapsed and fell, landing in the exact spot that the employees had been working. This was an unusually dramatic example of a workplace close call, made rarer still because an OSHA inspector happened to be on hand just moments before. But close calls, or “near misses,” are a part of everyday life.

You probably remind workers of the dangers that can lead to accidents and injuries and provide training on how to avoid them. When a mishap occurs, there’s an immediate response, followed by an investigation to prevent similar incidents in the future.

Failure to take these incidents seriously is begging for trouble. Use every close call as an opportunity for instructive and preventive action. Begin by making it clear that workers are expected to report near misses — not to place blame, but to figure out how to prevent an accident next time. Because the training opportunity will likely be greatest right after the incident, deliver a toolbox or tailgate talk as soon as possible on what happened, what could have happened, and how to make sure it doesn’t happen again.

Conduct a training session on close calls in general. The trainer or safety committee member should start by mentioning examples in your operations, followed by asking workers to add close calls from their own recollection. The session should then focus on causes and, finally, on corrective action. By recognizing the “almost-accidents” as warnings and encouraging safety awareness on everyone’s part, you’ll not only reduce the number of near misses but — far more important — the number of real accidents.

Outbreaks of H1N1 flu might have struck your business this past spring and summer. The Center for Disease Control (CDC) anticipates that more workplaces will be affected by flu — both H1N1 and seasonal— as we head into winter. There’s also the risk that communities and workplaces might be more severely affected, reflecting the wider transmission and possibly greater impact of flu viruses.

The CDC strongly advises businesses to create a flu-control strategy based on these guidelines:

• Protect employees who are at increased risk of flu-related complications from infection.
• Analyze your company’s normal seasonal absenteeism rates, and monitor workers for any unusual increases in absenteeism.
• Contact state and local health departments to confirm channels of communication and methods for disseminating information on local outbreaks.
• Allow sick workers to stay home without fear of losing their jobs.
• Develop flexible leave policies so that workers can stay home to care for sick family members or for children if schools dismiss students or childcare programs close.
• Share your pandemic flu plan with employees, and explain what human resources policies, workplace and leave flexibilities, and pay and benefits will be available to them.
• Share best practices with other local businesses (especially those in your supply chain), Chambers of Commerce, and associations to improve community response efforts.
• Do a focused discussion or exercise using your plan to find out ahead of time whether there are gaps or problems that need correction before flu season.
• Add a “widget” or “button” to your company Web page or employee Web site so that employees can access the latest information on influenza. For suggestions, go to www.cdc.gov/widgets/ and www.cdc.gov/SocialMedia/Campaigns/H1N1/buttons.html.

We’d be happy to work with you in developing a flu control plan that’s tailored to your needs – just give us a call.

Using contests that encourage employees to focus on safety in the workplace offers a great way for you to show your concern for workers while encouraging on-the-job behavior that leads to fewer accidents – and lower insurance rates. However, it can be challenging to “reach” employees who find safety messages dry, and those who already consider themselves safe workers.

One company invited all workers who did not report a job injury or illness to an annual banquet. The firm selected the name of one attendee, who received a check for $10,000! A construction contractor divided a pool of money and divided it among workers who did not report injuries. At other workplaces, incentives deemphasize cash prizes in favor of more symbolic tokens, such as a pizza lunch for team members who work six months without recordable injuries, time off for a safe work record, or award points that can be used in popular stores and restaurants.

Seth Marshall, president of Safety Pays (Cashiers, NC), a workplace safety incentives firm, took an off-the-shelf safety bingo game and kicked it up several notches. The game is played by a relatively small number of people, such as a work group, team, or division. At the start of a round, every player receives a bingo card, and one number is called per day. The jackpot is set at $25 when each new game begins, and grows by $1 a day until there’s a winner. The next game starts with the jackpot at the amount where the last game ended, with the prize increasing up to a limit set by management. However, if there’s a safety “incident” (as defined by the company using the game) the jackpot reverts to $25. “What’s going on here is that every day there’s a reason to think about safety because employees know they’ll be going to the bingo board,” says Marshall. The board, which reveals the day’s number, is located near an attractive display that features safety advisories on selected topics and other information.

The approximately 10,000 companies that have used Safety Pays have seen loss reductions of 50%, according to such metrics as injuries, dollars, and claims frequency.

For more information on implementing safety programs in your workplace, just get in touch with our risk management professionals.

Thousands of businesses are storing terabytes of confidential business and personal information on laptops, PDAs, removable disk drives, flash memory cards, etc. This has led to a spate of highly publicized security breaches involving the loss or theft of equipment containing customer records, Social Security numbers, drivers’ license numbers, and so forth – that have cost companies millions in legal damages – not to mention loss of reputation.

More and more companies have plans to keep these devices secure on the job. But what happens when workers use them away from the office? To help protect the confidentiality of data on portable electronic devices when used off premises, we’d suggest this 10 point program:

1. Install virus, spyware, and firewall software on these devices.
2. Add remote tracking devices (where feasible). For example, when a laptop accesses the Internet, its location can be tracked.
3. Set security standards for devices when being transported. Require laptops to be carried in a discreet bag that’s not easy to spot as containing a computer. Apply stricter standards to travel outside your state or while abroad.
4. Prohibit disabling security. Instruct employees not to disable any security measures used to protect confidential data on devices.
5. Require erasure of confidential data contained on the device.
6. Delete or destroy data on personal devices when they’re discarded and then destroy the device, – overwrite data or erase data.
7. Ban personal recording devices (such as thumb drives, iPods, or camera phones) or portable devices to maintain confidential records.
8. Require confidentiality usage agreements for all employees with access to portable devices.
9. Inventory all devices that contain confidential records, e.g., laptops, wireless devices, removable disk drives, memory cards, or PDAs.
10. Set and enforce disciplinary policies for any violations of the policy.

Our risk management professionals would be happy to help you develop and manage an off-premises data security program – feel free to get in touch with us.

We’ve all slipped, tripped, or fallen at some time. Although many of these accidents are minor, some can be serious – and if they occur on the job, they can cost you a fortune!

Falls account for about 15% of work-related injuries (second only to lower back pain and lifting injuries in the number of Workers Comp claims filed), leading to hundreds of deaths and thousands of disabilities every year. Almost all of these accidents could have been prevented by recognizing and learning to avoid fall hazards.

Falls often occur on the floor because of slippery surfaces caused by grease, water, or ice. Even if you have a sturdy, slip-resistant floor, a slight contamination from dust, water, grease or metal shavings can make the surface slippery. Wearing inappropriate footwear, poor lighting, and obstacles in walkways or on stairs can contribute to slips, trips, and falls, as can the unsafe or incorrect use of ladders. Climbing on chairs, boxes, or shelving to access higher levels often lead to injuries. Even in the supposedly safe environment of an office, falls are the most common type of accident. Tripping over an open desk or file drawer is a frequent hazard. Falls can also occur when an office worker bends down to reach something while seated in an unstable chair or trips over an electrical cord.

To help eliminate slip, trip, and fall hazards, we’d recommend taking these steps:

• Make tripping and fall hazards a major part of your regular safety inspections. Include these items in your daily and weekly inspection checklists. Also encourage workers to report any slip, trip, or fall hazards they identify.
• Review accident reports to determine the causes of slips, trips, and falls. Don’t fall into the trap of just blaming “carelessness.” One supervisor did just that at American Airlines when a cargo handler descending from the cab of a ramp cargo vehicle slipped on a worn tread and broke his ankle. The safety department admonished the department supervisor for writing down “Told to be careful” as the corrective action, when the real cause of the accident was the worn tread that should’ve been reported and replaced.
• Post safety posters warning about slip, trip, and fall hazards all around your facility as a constant reminder.
• Provide slip, trip, and fall training for all workers.

Your level of preparation for emergencies will determine how well your workers and your facility survive these incidents.

Of course, the nature and scale of your emergency planning and compliance effort depend on the kind of business you’re in and the types of workplace emergencies you and your employees are most likely to experience. However, every employer needs a plan that anticipates the worst and prepares employees to survive any possible event — even the most catastrophic.

Your level of preparation will also establish how OSHA views your compliance with emergency action requirements. OSHA standards often refer to workplace emergencies. For example, subparts E, H, K, L, and Z of the general industry standards all mention emergency preparedness and list a number of mandatory rules.

Checklists can enhance your emergency action plan and help keep your workplace and your employees safe and in compliance with OSHA regulations. Here are a few of the critical questions you need to ask:

• Do you have a written emergency action plan that spells out the what, when, how, and who of emergency response?
• Are all your employees familiar with your emergency action plan?
• Do workers have assigned evacuation routes and designated gathering places outside your facility?
• Have you established and tested effective communications systems for use during workplace emergencies?
• Do employees understand how to carry out any emergency duties they’ve been assigned?
• Do they know how and to whom to report workplace emergencies?
• Are your alarm systems in compliance with the requirements of 29 CFR 1910.165 (Employee Alarm Systems)?
• Do you have functioning emergency equipment such as fire extinguishers and sprinkler systems?
• Do you hold regular fire drills, evaluate performance, and retrain as necessary?

For a free consultation on your emergency action plan, please get in touch with our risk management professionals.