How to Prepare for Possible PG&E Power Shutdowns

Business Interruption power outage

PG&E has warned California residents and businesses that it may shut down the power grid for as long as five days for large portions of the state when there are high-wind conditions during the dry fire season.

That’s because PG&E’s infrastructure was found to be the cause of several recent California wildfires.

PG&E has sent letters to residents and business in the Central Valley, Bay Area, Sacramento area, Foothills, Northern counties and beyond informing them that “if extreme fire danger conditions threaten a portion of the electric system serving your community, it will be necessary for us to turn off electricity in the interest of public safety.”

With the specter of multiple-day power outages, all businesses need to be prepared for keeping their operations going and preventing losses that may not be covered by insurance. For almost any business today, a loss of power for an extended period of time could destroy its ability to conduct operations.

Just think how difficult it would be if you lost access to your computers, which are the nervous system of any business today. If you have no power, your operations could be shuttered for all intents and purposes.

There a number of steps you can take to make sure your businesses is resilient and can keep functioning during power outages, especially if they last a few days:

Identify business processes that will be significantly affected

Since you have the luxury of knowing in advance that there could be a long-lasting power outage, you can take steps now to identify business processes that will be greatly inconvenienced by the power outage. These processes will differ from business to business, but once you put them all down on paper, it will be easier for you to make a plan to keep those functions going. 

Create a continuity plan

Once you’ve identified those processes, you should brainstorm on how you can keep them going without your typically reliable power supply.

In order to get back to normal operations swiftly, employees should know how to respond to the power outage.

Create a step-by-step list of things, with proper designation to employees in the event of an outage. Set up emergency numbers in sight for employees to call, including your electricity supplier to get an estimate on when power may be restored.

Set up a back-up power system

To make sure you can continue operating, you should consider investing in a back-up generator. With a generator, you can continue to run critical aspects of a small business during a power outage, but they must be operated safely.

Generators need to be used with adequate ventilation to avoid risk of carbon monoxide poisoning. Never plug generators directly into power outlets, as this can injure utility workers. Never use a generator under wet conditions, and always let them cool off before refueling.

Cloud storage and MiFi

If you have not done so, you should secure a means of paperless document and file storage on the cloud. If there is a power outage and an accompanying surge, you could quickly lose your data. Plan ahead with a cloud server.

You should also prepare a system of personal wireless hotspots, or MiFi devices, so that even when the internet goes down, you can finish important tasks requiring web access, such as setting up an e-mail auto-response.

Make a survival kit

Creating an inventory of supplies for times when the power is out can help protect your employees and operations. Consider having on hand:

  • Cash
  • Medical supplies
  • Extra gas
  • Portable phone batteries for devices
  • Water
  • Canned food
  • Flashlights
  • Rope and other basic items.

The kit should be kept in an easy-to-reach place, and employees should be trained on where it is and how to use it.

And invest in business insurance

The best way to minimize the financial blow is to have the proper insurance in place. A multiple-day power outage could really crimp your income stream and, if you lose money due to your inability to operate, the typical business owner’s policy won’t cover lost revenue.

But, a business interruption policy would. These policies will reimburse you for lost revenues due to a number of events, including “service interruption” due to power outages and other utility services interruptions.

The important caveat is that the interruption was not caused by any of your own faulty equipment or wiring. But if the power company is shutting down power, any losses you incur should be a valid claim.

Business Growth Can Lead to Increased Risk

Business Growth

As the economy continues expanding, companies need to be careful about properly managing their risk, according to a report by Advisen Inc., an insurance research and data firm.

Increased activity typically means proportionally additional losses. For example, more trucks driving more miles will inevitably result in more accidents. However, there are other kinds of risk that can actually increase more than the jump in business activity. We look at three such areas here.

Workplace safety

Workplace injuries can increase as firms hire workers that have less experience. Typically, when employers expand their workforce to meet the growing demand for their products and services, the number of workers’ compensation claims tended to rise disproportionately.

New employees with less experience typically are more likely to sustain a workplace injury. At the same time, experienced staff may look for new job opportunities as compensation begins to take priority over job security.

What you can do: One option is to hire a temporary-staffing firm to fill positions. In these relationships, the client company is not responsible for covering temporary workers.

But you should be aware that OSHA requires what is known as the “dual employer doctrine”, under which temps are considered employees of both the agency and the company using them. And you are also not off the hook for providing them with a safe work environment and safety training specific to their job.

And remember: Check to make sure the temp agency has workers’ comp insurance.

Litigation increases

The risk of being sued rises as employees make mistakes due to pressure on existing staff to increase production, and again when less experienced workers are added to the payroll.

Your workers may be putting in extra hours. But fatigued workers make mistakes. For example, some of the worst industrial disasters have been in part the result of tired workers. Bhopal, Chernobyl and the Exxon Valdez oil spill all involved decisions made late at night or extremely early in the morning by people working long hours.

In addition, inexperienced employees are more like contribute to incidents where outsiders are hurt.

What you can do: Conduct thorough interviews, check references and carry out background investigations when appropriate to avoid hiring people with known problems. You are responsible for the actions of your employees.

Also, make sure that you are not overworking your staff. Provide proper breaks so they can rest, especially in jobs that require attention and strength.

Labor law violations

Trends in litigation and regulation make it more likely that companies will be charged with labor law violations. Employees are braver now about filing complaints, thinking they have a good chance of landing a new job if they are fired.

In addition, the federal and many state governments have cracked down on wage and hour law violations.

As well, some companies may try to add to their worker pool by using more independent contractors, in order to avoid hiring new workers. But the federal government has mounted a serious crackdown on companies that inappropriately classify employees as independent contractors.

What you can do: Pay close attention to your payment systems and audit your systems to make sure you comply with wage and hour laws as well as meal and rest break laws.

The takeaway

The lesson is to increase your vigilance in managing your risk and review your existing risk management strategies for gaps due to business growth.

You can take the following steps to reduce your chances of increased claims:

  • Maintain high standards when hiring new employees, such as conducting thorough interviews, checking references and, where appropriate, investigating backgrounds;
  • Properly train and supervise new employees during a growth phase;
  • Consider your current policies on temporary workers, and weigh the benefits of a flexible workforce against liability issues that temporary workers pose;
  • Revisit your policies about independent contractors, especially in light of the U.S. Department of Labor’s efforts to ferret out misclassification;
  • Pay attention to overtime rules to ensure compliance with the law; and
  • Keep shareholders informed as much as possible about any mergers or acquisitions, including terms of the transaction.

The Risks of Staff Using Personal Devices for Work

Bring your own device

As more employees use their personal mobile devices for work companies are being forced to confront the resulting security implications as well as how the devices are changing behaviors in the workplace.

That’s according to a report by Littler Mendelson, an international law firm specializing in employment and labor law. The report highlights the dangers and benefits of allowing employees to use their personal devices at work.

As more people buy smart phones and tablet computers and bring them to work to use to perform company tasks, businesses have responded by implementing policies that allow employees to use their personal mobile devices to create, store, and transmit work-related data.

This trend is generally referred to as “Bring Your Own Device” or BYOD. Some companies even allow employees to replace their work laptop computer with their own personal PC, which is sometimes referred to as BYOC.

The report highlights two broad categories of risks personal devices in the workplace pose: data risks and behavioral risks.

Data Risks

The report looked at five information security threats posed by BYODs:

Lost or stolen devices – According to study by the Ponemon Institute, 39% of respondents reported that their organizations had sustained a data security breach in 2011 as a result of lost or stolen equipment. Put simply, if your employees use their personal mobile devices for work, your company data is at risk if they lose their gadget.

Malware – In February 2012, Juniper Networks reported a 155% increase from 2010 to 2011 in the volume of malicious software created for mobile devices, and malware targeting the Android platform rose 3,325%.

Friends and family – A report by the U.S. Treasury Department’s Financial Crimes Enforcement Network found that in 27.5% of suspicious activity reports filed by depository institutions between 2003 and 2009, the identity theft victim knew the suspected thief, who was usually a family member, friend, acquaintance, or an employee working in the victim’s home.

Links to the cloud – A number of apps for mobile devices allow users to store their documents and data using cloud-based storage, the report states. Employers must evaluate whether the sites provide sufficient security if the employee plans to store company information using the apps.

Security breach – If you have a breach in security, it could expose your company to government enforcement actions, civil penalties and litigation. There are both federal and state-level statutes and regulations on the books that govern storage of personal information in addition to contractual obligations, which increasingly are including responsibilities to safeguard against data breaches and the consequences for failing to do so.

Behavior issues

There is another downside that has not been much discussed. In the 2011 National Business Ethics Survey, the Ethics Resource Center reported that active social networkers (employees who spend 30% or more of their work day participating on various social network sites) are more likely to believe that certain questionable behaviors are acceptable, such as:

  • “Friending” a client or customer.
  • Blogging or tweeting negatively about your company or colleagues.
  • Keeping a copy of confidential work documents in case they need them in their next jobs.
  • Taking a copy of work software home for use on their personal computers.

In addition:

  • Wage and hour implications can arise from using a mobile device to conduct work while off the clock.
  • Both state and federal laws require employers to reimburse employees for expenses that arise in the course of doing their jobs. Once employees are using their own devices it raises questions of whether the employer is required to reimburse for the cost of the device, the data plan and monthly phone bill.

Littler Mendelson includes in its report a slew of recommendations for employers. When drawing up policies on BYODs, the employer should:

  • Decide which employees should be permitted to participate in a BYOD program. You may want to exclude senior executives whose data is more likely to be relevant in litigation, research and development employees and sales staff, who may store client information on their devices.
  • Create policies that address off-the-clock work.
  • Staff should know that if they BYODs the company must be authorized to access their devices for record retention or litigation holds or investigations.
  • Before allowing employees to use dual-use devices to perform work, companies should obtain their written consent to monitor the device, remotely wipe the device, install security software and copy data if necessary.
  • Follow good security practices.
  • Create policy barring friends or family from using the device.
  • Create a policy limiting the use of cloud-based storage.
  • Address safety issues, including a prohibition using the device while driving.
  • Your policy should include consequences for non-compliance.

Don’t Overlook Equipment Breakdown Insurance

Imagine it’s a typical July day. You own a 30,000-square-foot office building that is 85% occupied. And the air conditioning and ventilation systems stop working. The outside temperature is in the 90’s and the humidity is high. It doesn’t take long before the tenants start to complain.

The contractor you summon determines that an electrical arc fried the circuit board that controls the systems.

The board must be replaced, but it will take up to five business days for it to arrive. In the meantime, the building is unfit for people to work in, and the leases oblige you to credit tenants’ rents for periods when the building in uninhabitable for more than a day. In short, you face thousands of dollars in repairs and much more in lost rents.

While your property insurance policy will cover the resulting property damage from fires or explosions, it will not cover the equipment or lost income from the downtime during repairs.

But equipment breakdown insurance will.

Equipment breakdown insurance

This form of insurance is not a substitute for other property coverage. It will not pay for damage caused by fire, lightning, explosions from sources other than pressure vessels, floods, earthquakes, vandalism, and other causes of loss covered elsewhere.

Equipment breakdown policies are designed to fill in the gaps left by other policies, not to replace them. Also, they do not cover mechanical breakdowns that result from normal wear and tear as a device ages.

A number of events can trigger a claim for equipment, such as:

  • Mechanical breakdown in equipment that generates, transmits or uses energy, including telephone and computer systems.
  • Electrical surges that damage appliances, devices or wiring.
  • Boiler explosions, ruptures or bursts.
  • Events inside steam boilers and pipes or hot water heaters and similar equipment that damages them.

Business owners often overlook equipment breakdown coverage. Bur, virtually all of them have some need for this insurance.

What equipment breakdown insurance covers:

  • The cost of repairing or replacing the equipment.
  • Lost business income from a covered event.
  • Extra expenses you incur due to a covered event.
  • Limited coverage for losses like food spoilage in freezers that break down.

Most businesses rely heavily on machines in their daily operations, from computers to refrigeration equipment and elevators to manufacturing equipment.

For some, the cost of repairs to this equipment and resulting downtime can have a serious impact. Such businesses should seriously consider buying equipment breakdown insurance.
Call us if you would like to discuss this crucial form of coverage.

Commercial Auto Rates Face New Headwinds

Trucks, Route 66, California, USA

More accidents attributed to smartphone use while driving, coupled with much higher costs of repairs, have led to double-digit increases in commercial auto insurance rates over the past few years.

Distracted driving is just one of many factors that have converged on commercial auto insurance claims, resulting in sustained premium increases. Now there are new factors that are coming into play that will ensure that rates continue climbing, at least in the near term.

Commercial auto rates are increasing for companies with large fleets as well as for businesses with just a few vehicles and drivers. Here’s what’s at play and what you need to be aware of in the future.

Continuing factors

Distracted driving – This is the biggie. Starting a few years after the advent of smartphones in 2009, the steady decline in vehicle accidents and claims costs started to reverse when vehicular deaths started increasing for the first time in decades. The culprit, say many transportation safety experts, is distracted driving.

Repair costs – The cost of repairing vehicles has skyrocketed as cars have become more technologically advanced. A 2018 research paper by AAA found that vehicles equipped with advanced driver-assistance systems (ADAS) can cost twice as much to repair following a collision, due to expensive sensors and calibration requirements.

AAA cited the cost of repairing a car with windshield damage if it has an ADAS. The system uses cameras that are installed behind the windshield. These cameras need to be recalibrated after a windshield is replaced. This has increased the cost replacing such windshields to about $1,500, compared to $500 for a standard windshield.

Medical costs – Health insurance premiums and medical costs have been rising at a steady clip. Those increases carry over into the costs auto insurance companies incur when drivers and passengers are injured in an accident.

More miles driven – According to AAA, Americans are spending more time on the road. Driving more miles increases motorists’ likelihood of having an accident.

New and future risks

Weather-related property claims – A recent report in the insurance publication National Underwriter noted that commercial auto insurers say that the increasing frequency of large hurricanes, floods, hailstorms and wildfires are leading to higher auto physical damage claims. The number of property claims has been steadily increasing in the past decade as both the frequency and severity of major weather events grow.

Lack of experienced drivers< – As the economy expands, it’s become more difficult to find experienced drivers. Many experienced commercial drivers are retiring, and there are not enough job candidates with the skills and expertise needed to drive commercial vehicles.
The American Trucking Associations estimates that the industry is understaffed by more than 50,000 drivers, and this could increase more than threefold within eight years if current trends continue.

Security with onboard systems – As more vehicle functions become automated, new risks could surface from system failures that may result in accidents. There are number of technologies that come into play in new vehicles and a highly automated vehicle will rely on array of devices, including radar, light detection and ranging, cameras, graphics-processing units and central processing units.

As Cyber Attacks Rise, Is Your Business Protected?

Complex Circuit Board With Security Message

Cyber attacks on companies’ information systems and data have reached unprecedented proportions, and are growing with each passing year.

The biggest threat to an organization is if there’s been a breach of personally identifiable data or credit card information that it stores. That results in a number of costs, including notification costs, providing those whose data was compromised with credit monitoring, potential fines, legal costs if sued – and even reputational costs. If data is stolen, there are also restoration costs.

The threat is largest for smaller organizations. Because larger companies can afford to hire teams of technicians to thwart attacks, cyber criminals are increasingly targeting small and mid-sized organizations as they may not have the same resources to defend their data. The “2019 Internet Security Threat Report” by Symantec found that:

  • 48% of cyber attacks target small business.
  • Just 14% of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective.
  • 60% of small companies go out of business within six months of a cyber attack.

Ransomware

According to the Symantec report, in 2018, enterprises accounted for 81% of all ransomware infections. While overall ransomware infections were down, enterprise infections were up by 12% from the 2017 level.

With ransomware, hackers gain access to your IT system, lock it down and demand a ransom to release it. The ransom usually has to be paid in bitcoin or other cryptocurrency so that the criminals can avoid detection.

Phishing and malware

One of the most common ways for criminals to compromise an organization’s data is through phishing, a process through which employees are sent e-mails with links, which if they are clicked, gives the hackers entry into the company’s computer systems. Malware is usually the code that is inserted into the computer system to either slow systems down or to access the information.

What you can do

  • Install anti-malware software – This can weed out the latest malware before it does damage.
  • Keep your software up to date – Using up-to-date versions of operating systems, applications, firmware and browser plug-ins helps protect against the latest threats by patching security vulnerabilities.
  • Use strong passwords – Use a password manager tool to generate unique passwords and securely store your log-ins.
  • Lock down your devices – If your staff uses company-owned devices, or you allow them to use their own, require that the devices are locked with a password, fingerprint or other method.
  • Think twice before downloading – Remind staff to be cautious about downloading new software or browser plug-ins.
  • Click carefully – Teach your staff to look for telltale signs of phishing e-mails that prompt them to click on malicious links.

The ultimate protection

Cyber-liability insurance covers losses that result from data breaches and other cyber events.

While cyber-liability policies vary among insurers, there are some common threads:

Loss or damage to data – Many policies cover the costs to restore or recover lost, stolen or corrupted data, and may also cover the cost of outside experts or consultants you hire to preserve or reconstruct your data.

Loss of income or extra expenses – Many policies cover income you lose and extra expenses you incur to avoid or minimize a shutdown of your business after your computer system fails due a covered peril. The perils covered may be the same as those covered under damage to electronic data.

Cyberextortion losses – Cyber-extortion coverage applies when a hacker or a cyber thief breaks into your computer system and demands a ransom to unlock it, or to not damage the data. Extortion coverage typically applies to expenses you incur (with the insurer’s consent) to respond to an extortion demand, as well as the money you pay the extortionist.

Notification costs – Policies may cover the cost of notifying parties affected by the data breach by government statutes or regulations. They may also include the cost of hiring an attorney to assess your firm’s obligations under applicable laws and regulations.

Network security liability – This covers lawsuits that individuals or companies file against your organization alleging negligence on your part for failing to adequately protect data belonging to customers, clients, employees or other parties.

Employee Embezzlement on the Rise – Are You Protected?

A typical organization will lose an estimated 5% of its revenues every year due to fraud, according to a study by the Association of Certified Fraud Examiners.

The median loss among organizations both large and small was $140,000 per occurrence, and more than 20% of embezzlement losses were more than $1 million, the association found.

With those staggering numbers in mind, if you have not already done so, you need to take steps to reduce the possibility of employee theft – and also make sure you are adequately covered if they do steal from you.

Small organizations are especially susceptible to losses from employee embezzlement. These problems are often seen in cash-heavy businesses, or those with large inventories, but employee embezzlement is most frequently experienced in organizations lacking owner oversight of financial processes, usually due to placing far too much trust in employees and having no internal controls.

The new study by the fraud examiners association was released as another study, this one by professional security firm Marquet International, found that arrests and indictments for embezzlements had reached a five-year high in 2012.

Embezzlers are most likely to be a company bookkeeper, accountant or treasurer, who is female, in her 40s, and without a criminal record. The reason it’s more often than not a woman is that they are typically in the three aforementioned jobs.

How do they do it?

Marquet International in its study found that the most common ways of embezzling are:

  • Bogus loan schemes, which include cases in which fraudulent loans are created or authorized by the perpetrator from which funds are taken for their own benefit.
  • Credit card/account fraud cases, which involve the fraudulent or unauthorized creation and/or use of company credit card or credit accounts.
  • Forged/unauthorized check cases, which are those in which company checks are forged or issued without authorization for the benefit of the perpetrator.
  • Fraudulent reimbursement schemes, which include expense report fraud and other cases in which a bogus submission for reimbursement is made by the perpetrator.
  • Inventory/equipment theft schemes, including those cases in which physical corporate assets were stolen and sold or used for the benefit of the employee.
  • Payroll shenanigan cases, including all forms of manipulation of the payroll systems in order for the perpetrator to draw additional income.
  • Theft/conversion of cash receipt cases, which involve the simple taking of cash or checks meant for company receipts and pocketing or converting them for one’s own benefit.
  • Unauthorized electronic funds transfers, including those cases in which wire transfers and other similar transfers of funds are the primary mode of theft.
  • Vendor fraud cases, which include those where either a bogus vendor is created by the perpetrator to misappropriate monies or a real vendor colludes with the perpetrator to siphon funds from the company.

Thwarting embezzlers

Liability insurer Camico suggests that educating employees on the detrimental effects of employee fraud on the organization can reduce the likelihood of embezzlement.

Also, if you implement a regular review of bank and credit card statements, you’ll have a better chance of catching a thief. Company owners should look at the cleared transactions to determine the legitimacy of payees, including examining actual cancelled checks.

Also, it’s easy for transactions to be changed in the accounting system after the fact. An ill-intentioned bookkeeper could use this tactic to cover up their tracks. If you feel you do not have the time or expertise to oversee you finance department, you should contract with a qualified CPA to perform these checks and balances.

There are also inexpensive physical barriers that should be used to deter criminal activity. To protect cash, you can buy a $200 drop-slot safe to securely keep the night’s deposit until it is taken to the bank.

Similarly, security cameras deter misbehavior and can be the source of valuable evidence in case an incident occurs.

Securing coverage

Finally, you should consider taking out a crime insurance policy.

Most business insurance policies either exclude or provide only nominal amounts of coverage for loss of money and securities as well as employee-dishonesty exposures.

But a crime insurance policy protects against loss of money, securities or inventory resulting from crime. Common crime insurance claims include employee dishonesty, embezzlement, forgery, robbery, safe burglary, computer fraud, wire-transfer fraud, and counterfeiting.

Call us to discuss whether a crime policy is right for your company.