Is Your Employee’s COVID-19 Case Work-Related?

Is Your Employee’s COVID-19 Case Work-Related?

Is Your Employee’s COVID-19 Case Work-Related?

The coronavirus (COVID-19) pandemic has created massive change and concern for employers and employees across the world. Even as businesses reopen and employees return to their new normal, the risk of becoming exposed to and ill with COVID-19 is still present. When an employee reports they have COVID-19, employers are faced with the difficult task of determining whether the employee’s illness is work-related. This HR Insights piece will provide an overview of how employers can determine when a COVID-19 case is work-related, OSHA requirements for reporting illness and best practices for responding to an employee’s positive COVID-19 test. As is the case with all inherently legal issues, employers are strongly recommended to seek the guidance of legal counsel when faced with any of the claims discussed herein. This article should not be considered legal advice.

OSHA Requirements

The Occupational Safety and Health Act (the Act) requires employers to report and record work-related injuries and illnesses. OSHA has indicated that COVID-19 infections are recordable injuries if they are work-related and they meet the Act’s recording criteria. Recording requirements apply only to employers with more than 10 employees who are not in an exempt, low-risk industry.

In addition, employers must report incidents that result in an employee’s fatality within eight hours. Incidents that result in inpatient hospitalization, amputation or loss of an eye must be reported within 24 hours.

COVID-19 Case Work-Related

OSHA Guidance on Work-relatedness

An injury or illness is work-related if an event or exposure in the work environment either caused or contributed to the resulting condition or significantly aggravated a preexisting injury or illness. Work-relatedness is presumed for events or exposures in the work environment.

Case-by-Case Evaluation

Unfortunately, because the coronavirus is so widespread, determining whether an employee’s illness is work-related can be difficult and should be evaluated on a case-by-case basis. Employers can conduct the following activities when an employee reports a positive COVID-19 diagnosis:

  • Ask how the employee believes they were exposed to the coronavirus.
  • Ask employees about their work-related activities.
  • Ask employees about their out-of-work activities, while being sure to respect their privacy.
  • Conduct a review of the employee’s work environment to identify potential COVID-19 exposure.
  • Review whether the employee’s co-workers have reported a COVID-19 diagnosis or symptoms.

After conducting a review, employers will hopefully have enough information to determine whether a COVID-19 case is work-related. Employers should consider that certain situations, including the following, make it more likely for a COVID-19 case to be work-related:

  • The employee is frequently and regularly exposed to the public.
  • There are other employees who have tested positive for COVID-19.
  • The employee works closely or has regular contact with someone who has tested positive for COVID-19.

Employers should consult legal counsel when evaluating whether an employee’s COVID-19 case is work-related to ensure compliance with all applicable federal, state and local laws.

COVID-19 Case Work-Related

Recording a Work-related COVID-19 Case

OSHA has clarified that COVID-19 can be a recordable illness if a worker is infected as a result of performing their work-related duties. However, employers are only responsible for recording cases of COVID-19 if all of the following are met:

OSHA’s definition of a recordable illness includes “both acute and chronic illnesses, such as, but not limited to, a skin disease, respiratory disorder or poisoning.” This definition is limited to abnormal conditions or disorders that exclude the common cold and the seasonal flu. This can make it difficult when employees show up to work with coronavirus-like symptoms, such as a high fever or coughing. For this reason, employers may hold off until they have a confirmed COVID-19 diagnosis before starting a recordability analysis. A confirmed case of COVID-19 means an individual with at least one respiratory specimen that tested positive for SARS-CoV-2, the virus that causes COVID-19.

Reporting a Work-related COVID-19 Case

COVID-19 cases must be reported if they are work-related and result in a fatality (within eight hours), inpatient hospitalization, amputation or loss of an eye (within 24 hours). The reporting periods begin as soon as the employer learns about the work-related incident, even if there is a delay between the time the incident takes place and the time the incident is reported to the employer.

If the OSHA area office is closed, employers are expected to report these incidents by phone at 1-800-321-OSHA (6742) or the reporting application located on OSHA’s public website at www.osha.gov.

Recordkeeping Requirements

Employers with more than 10 employees and whose establishments are not classified as a partially exempt industry must prepare and maintain records of serious occupational injuries and illnesses, using OSHA Forms 300, 300A and 301.

  • Form 300 (Log of Work-Related Injuries and Illnesses): Use to classify work-related injuries and illnesses and to note the extent and severity of each case. When an incident occurs, employers must use Form 300 to record specific details about what happened and how it happened.
  • Form 300A (Summary of Work-Related Injuries and Illnesses): Shows the total number of work-related injuries and illnesses for the year in each category. At the end of the year, employers must post the Form 300A in a visible location so that employees are aware of the injuries and illnesses occurring in their workplace. Employers must keep a log for each establishment or site. When an employer has more than one establishment, a separate log and summary must be kept at each physical location that is expected to be in operation for one year or longer.
  • Form 301 (Injury and Illness Incident Report): Must be filled out within seven calendar days after an employer receives information that a recordable work-related injury or illness occurred. This report includes information about the employee and the treating physician, and detailed information about the case. Employers must keep this report on file for five years following the year it pertains to.

The information collected in these records enables OSHA to determine DART rates for employers and industries. DART stands for “days away, restricted and transferred” and is a safety metric that helps determine how many workplace injuries and illnesses caused employees to miss work, perform restricted work or be transferred to another job within a calendar year. OSHA uses data from a three-year sampling period to update the list of partially exempt industries. Industries with a DART rate lower than 75% of the average DART for the sampling period are allowed a partial exemption from recording requirements.

Following these reporting requirements is essential to protecting your organization from potential litigation and OSHA violations. These recordkeeping violations can quickly add up, with first-time violations ranging between $1,000 to $5,000 and willful violations carrying a penalty of $134,937 per violation.

Best Practices for Responding to a COVID-19 Test

When an employee notifies you that he or she is sick with COVID-19, you should respond calmly and empathetically. In these uncertain times, it can be easy to overreact, but you need to ensure that the infected employee is treated with compassion. Reassure the employee that their identity will remain confidential, and be sure to help them coordinate taking leave or paid time off until they’ve recovered.

Without disclosing the identity of the infected employee, directly notify any co-workers or customers with whom the ill employee had been in contact. Be sure to remain calm and let them know that someone they have been in contact with or have been in their physical work area has tested positive for COVID-19. Recommend that they should self-quarantine for the next 14 days and monitor themselves for the symptoms of COVID-19. If feasible, allow eligible employees to work from home during this time.

Be sure to notify the rest of the company by email or letter that an employee has tested positive for COVID-19. Remember to keep the employee’s identity protected and be transparent about your response. The communication should include what steps your company will be taking to protect the health of other employees. If you plan on having employees work from home for the next 14 days or closing the office, this information should be disclosed in the communication.

According to the CDC, COVID-19 can remain on hard surfaces for up to 12 hours, creating a potential risk of transmission. Depending on the size of your organization, you may want to consider closing the office for a few days so that it can be thoroughly cleaned and disinfected. All surfaces that the infected employee may have touched should be disinfected, as well as other high-touch surfaces, which include countertops, cabinets, doorknobs, handles and chairs.

Summary

The COVID-19 pandemic is widespread across the country, and it’s likely that employers may be faced with the difficult situation of responding to an employee’s positive diagnosis and determining whether their illness is work-related. Before making any decisions, employers should consult legal counsel to ensure compliance with all applicable laws. For additional resources on the COVID-19 pandemic, contact GDI Insurance Agency, Inc. today.

California’s Leader in Insurance and Risk Management

As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!

We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.

Contact us today 1-209-634-2929 for your comprehensive workers compensation insurance quote!

Wheelchair Safety for Passenger Vans

Wheelchair Safety for Passenger Vans

Wheelchair Safety for Passenger Vans

Passenger vans—which typically have an occupancy of between nine and 15 people—are used by many organizations to transport a wide range of passengers. Some of those passengers require the use of a wheelchair. Wheelchairs can either be stored as cargo when not in use or used as a seat during transport. There are many safety considerations and best practices to be aware of for those who are in charge of the loading, unloading and securement of wheelchairs and their occupants in passenger vans. Find out how your business can implement wheelchair safety for passenger vans.

These best practices are especially important when a passenger is using a wheelchair as a seat in the vehicle. As such, employees should be trained on working with different types of wheelchairs as seats in the vehicle, securing occupants in those seats and securing the wheelchair as cargo when it is not in use.

Wheelchair Safety

Loading and Unloading A Wheelchair Safely

Employees must be trained on how to use the proper equipment to board wheelchairs in passenger vans. This includes understanding how the lift works, operation of the lift and how to position the wheelchair on the lift. If the vehicle uses a different method—like a ramp for loading and unloading—then employees should be trained in using that particular setup. Your employees should follow these wheelchair safety tips.

Generally, an employee should face the rear of the wheelchair toward the vehicle while operating the lift. However, the best practice is to follow the manufacturer’s guidance regarding lift instructions. Another reason to position the rear of the chair toward the vehicle is to keep the weight of the wheelchair closer to the vehicle, which makes the occupant feel more secure and distributes the weight evenly. This position also reduces the risk of pinching or crushing of the occupant’s feet or the chair’s footrests between the vehicle and the lift.  In addition, if the wheelchair was rear-facing when loaded, the wheelchair can simply be pushed out from the van during unloading. This requires significantly less maneuvering during the unloading process.

When loading or unloading, the wheelchair brakes should be engaged to prevent the chair from rolling off the platform when the lift is in motion. In the case of powered wheelchairs, the power should be turned off to prevent any issues before operating the lift.

Employees should also make sure that the lift gate is level with the ground before loading a wheelchair onto the lift. This will prevent the wheelchair from rolling prior to locking the brakes on the chair. Employees should ensure that any stops are utilized to prevent rolling issues. If a passenger has a motorized wheelchair, they should not be permitted to drive onto the lift. Rather, someone else should position the wheelchair appropriately on the lift.

If wheelchairs are being used as seats in passenger vehicles, voluntary industry standards should be followed to provide the safest environment for occupants. Employers should follow the American National Standards Institute and the Rehabilitation Engineering and Assistive Technology Society of North America (ANSI/RESNA) standard WC 19.

Employee Safety and Wheelchair Safety

Another important safety practice to keep in mind is to make sure employees know how to properly operate the lift to protect themselves from any pinching or crushing injuries. That being said, employers must train their employees on the use of the different lifts for their vehicles. 

Specifically, when operating the lift, employees should make sure the occupant keeps their arms and legs within the area of the lift. This prevents any injuries occurring from any moving parts of the lift.

If a lift is not available for loading wheelchairs, then it is recommended that two people are used to load the chair. Depending on the circumstances, an employer should ensure there are two people available or provide the employee driving the passenger van with a vehicle that has a lift. These practices will help protect employees from injury.

Wheelchair Safety and Securement

Under Department of Transportation (DOT) and Americans with Disability Act (ADA) regulations, all ADA-compliant passenger vans are required to have a two-part securement system to provide to users. The first part of the system should secure the wheelchair (by using the four-point securement method), while the other should provide a seat belt and shoulder harness to secure the wheelchair user. When employees are strapping down the wheelchair, they should always refer to the equipment’s manufacturer instructions to determine whether there are any special requirements for the wheelchair. More often than not, however, the same securement methods can be used for various types of wheelchairs.

Employers should also follow all best practices for securing wheelchairs under ANSI/RESNA. Specifically, ANSI/RESNA WC 18 and WC19 provide employers with standards to follow when wheelchairs are used as seats in motor vehicles, as well as standards to follow regarding wheelchair tie-downs and occupant restraint systems.

Such standards include information on a wide range of wheelchair types and styles. The standard recommends a four-point securement method with strap-type tie-down systems and belt-type occupant restraints. This securement system includes straps to secure the wheelchair and straps to be used for a seat belt and shoulder harness for the wheelchair user. Further, keep in mind that employees should secure the wheelchair by using straps that are directly attached to the floor.

These straps should not be attached to any removable or moving part of the wheelchair. When strapping down a wheelchair with an occupant, employees should make sure the occupant is facing forward in the vehicle, as that is the safest position. According to the ADA, facing wheelchairs to the rear of the vehicle is not permitted in vehicles that weigh under 30,000 pounds, as this can potentially lead to more injuries for the wheelchair occupant. Facing a wheelchair to the side in the vehicle is also not recommended. To secure a wheelchair using the four-point securement method, employees should make sure there are two points in the front that are secured and two in the back. It is very important to properly secure the wheelchair to prevent any risk of the chair moving during a hard stop or an accident.

Straps used to tie down wheelchairs should be rated for securing wheelchairs. They should never be crossed or twisted. Inspections should be completed on the straps prior to each use to ensure they are not frayed and are in good working order.

If a wheelchair is being stored as cargo in a vehicle and not being used as a seat, then it should be stored in a spot within the vehicle where it cannot move during transportation. If that is not the case, then the wheelchair, if possible, should be folded and secured within the vehicle. If the wheelchair cannot be folded, then it should be secured like it would if there were an occupant in it.

Wheelchair Safety

Wheelchair Safety and Occupant Restraints

The occupant must be secured in the wheelchair in case of an accident. A seat belt will prevent the occupant from being ejected from the chair, protecting them from additional injury. In regard to seat belts, employers should train employees on the best practices for using occupant restraints under the ANSI/RESNA standards in section WC 18.

The seat belt should not go over the armrests or any devices on the wheelchair. All restraints should be used properly. If not, the restraints will not help keep the occupant in place during an accident and could also cause further injuries. Employees should recognize that there will be different positions for different occupants due to the occupant’s height and weight, as well as the type of chair. Failure to restrain a wheelchair properly can cause injury to the occupant.

Lastly, ongoing training is important for employees to make sure that proper care is taken while transporting passengers who require wheelchairs. Not only does training reduce the risk of injury to both the employee and chair occupant, but it also prevents employer liabilities stemming from not properly accommodating those with disabilities under the ADA or other relevant regulations.

For more risk management guidance, contact GDI Insurance Agency, Inc. today.

California’s Leader in Insurance and Risk Management

As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!

We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.

Contact us today 1-209-634-2929 for your comprehensive insurance quote!

Portal Opens for Second Round of PPP Loans

Portal Opens for Second Round of PPP Loans

Portal Opens for Second Round of PPP Loans

The U.S. Department of Treasury and the U.S. Small Business Administration (SBA) have announced that beginning Monday, Jan. 11, applications will be accepted for the second round of PPP loans in the SBA’s Payment Protection Program (PPP). This second round includes $284 billion in funding that was allocated for the PPP in the stimulus bill passed on Dec. 27, 2020. This round of funding will run through March 31, 2021.

The second round of PPP loans provides eligibility to new borrowers and certain existing PPP borrowers. As eligibility opens up, small businesses and lenders should prepare to adhere to the new requirements detailed below. 

Second Round of PPP Loans

Second Round of PPP Loans Application Schedule

Monday, Jan. 11, marks the opening of the portal. Initially, the portal will only be open to borrowers applying for their first PPP loan (known as “First Draw PPP Loans”) through “community financial institutions.” These “community financial institutions” are lenders that serve minority, underserved, veteran and women-owned businesses.

On Wednesday, Jan. 13, borrowers applying for a second PPP Loan (known as “Second Draw PPP Loans”) also become eligible. Again, the SBA will only accept applications from lenders designated a “community financial institution.”

The PPP will open to all participating lenders “shortly thereafter,” according to the announcement. The SBA has yet to announce a specific date.

Second Round of PPP Loans

Information About the Second Round of PPP Loans

For the most part, the rules for this round are very similar to the initial round of PPP loans. However, there are updates to the first round of funding. According to the Treasury, key PPP updates include:

  • PPP borrowers can set their PPP loan’s covered period to be any length between eight and 24 weeks to best meet their business needs;
  • PPP loans will cover additional expenses, including operations expenditures, property damage costs, supplier costs and worker protection expenditures;
  • The program’s eligibility is expanded to include 501(c)(6)s, housing cooperatives and direct marketing organizations, among other types of organizations;
  • The PPP provides greater flexibility for seasonal employees;
  • Certain existing PPP borrowers can request to modify their First Draw PPP Loan amount; and
  • Certain existing PPP borrowers are now eligible to apply for a Second Draw PPP Loan.

A borrower is generally eligible for a Second Draw PPP Loan if the borrower:

  • Previously received a First Draw PPP Loan and will or has used the full amount only for authorized uses;
  • Has no more than 300 employees; and
  • Can demonstrate at least a 25% reduction in gross receipts between comparable quarters in 2019 and 2020.

For more specifics about the second round of PPP funding, the SBA has provided additional details.

What’s Next?

Borrowers should review the criteria for this second round of PPP loans. Borrowers considering applying should prepare and have on hand all relevant documentation. Lastly, borrowers should direct any questions regarding PPP loans to their lender.

We will continue to monitor any additional developments regarding the PPP and deliver updates as necessary. For more information about the PPP, contact GDI Insurance Agency, Inc.

California’s Leader in Insurance and Risk Management

As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!

We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.

Contact us today 1-209-634-2929 for your comprehensive business insurance quote!

Terrorism Risk Insurance and What You Need To Know

Terrorism Risk Insurance and What You Need To Know

Terrorism Risk Insurance and What You Need To Know

Terrorism has become an unfortunate fact of life. From the Nashville Christmas bombing, the Pittsburgh synagogue shooting to the Sandy Hook Elementary School tragedy to the Las Vegas Strip concert massacre, the news is filled with headlines related to acts of terrorism or thwarted attempts. These types of tragic events are changing how business owners are protecting their interests. You may want to consider a Terrorism Risk Insurance policy to protect your business.

“Commercial Property Insurance policies often contain exclusions for acts of terrorism,” said Carolyn Reiter, Associate Vice President, Global Excess Partners, New York, New York. “If the FBI determines the Nashville incident is an act of terrorism, those impacted may be denied coverage through their current Commercial Property Insurance policies.”

Terrorism Risk Insurance

Domestic and Foreign Terrorism

Terrorism differs from other catastrophes because it is not an aspect of weather or nature. However, it shares the same problem of insurability with its natural peers. There are two distinct types of terrorism: domestic and foreign. Domestic terrorism involves terrorist acts (or plans) by citizens of the same country where the act is committed. The reason for the act (or planned act) generally involves some domestic political agenda.

Foreign terrorism involves acts of individuals from one (or more countries) who wish to disrupt the lives of another country’s citizens in order to advance a particular cause.

The Real Risk to Your Business

The perpetrators of terrorist attacks and the methods they use continue to shift and relatively unprotected targets are becoming a greater focal point. Property damage and bodily injury are the primary risks associated with terrorism, yet there are liability factors that you should consider to best safeguard your business, including:

  • Business interruption loss
  • Fiduciary liability for corporate directors and officers
  • Pollution loss and liability
  • Privacy and network security liability

At least 45 businesses were da­­maged in the Christmas Day bombing in Nashville, Tennessee that decimated a block of downtown buildings. Local police and the Federal Bureau of Investigation (FBI) are still investigating why a 63-year-old Nashville area information technology consultant set off the explosion in his RV, killing himself and causing widespread destruction.

The bomb was detonated near an AT&T telecommunications hub, temporarily freezing mobile and internet systems in five states. As affected business owners assess the damage to their properties, they are also questioning whether their insurance policies will cover the repairs. If it is classified as terrorism, property owners without appropriate insurance coverage worry they may have to pay out of pocket for the damage.

Terrorism Risk Insurance

Types of Terrorism Risk Insurance Solutions

Domestic terrorism coverage is available in traditional policies and stand-alone terrorism risk insurance. Traditional policies, including commercial general liability and property policies, may provide some coverage for terrorism risk if not expressly excluded.

Workers’ compensation insurance is another traditional policy that may provide some form of terrorism coverage. Unlike property and casualty policies, workers’ compensation policies will not have terrorism (or war) exclusions.

You may also consider purchasing stand-alone terrorism coverage. Stand-alone policies typically exclude:

  • Political risks, including loss resulting from strikes, riots, civil commotion, rebellion, revolution, war and insurrection
  • Cyber-related loss and liability
  • Nuclear, biological, chemical and radiological hazards, like anthrax

Terrorism Insurance coverage is available through a standalone policy or the federally-backed Terrorism Risk Insurance Program (TRIP),1 authorized by the Terrorism Risk Insurance Act of 2002 (TRIA) in the wake of the September 11, 2001 attacks and extended through 2027 by the Terrorism Risk Insurance Program Reauthorization Act of 2019 (TRIPRA). Nevertheless, many business owners have no Terrorism Insurance coverage at all, leaving them vulnerable at a time when terrorism is an escalating concern and businesses are already struggling to survive in a pandemic-induced recession.

Many times people believe that if they aren’t right next to something like an NBA arena or a National Monument that they don’t need it. But in the case of the AT&T building in Turlock, that could have impacted nearly 1/4 – 1/3 of our downtown.

Terrorism Risk Insurance

Stand-alone Terrorism Risk Insurance Coverage

Terrorism Insurance can be purchased as a standalone policy—without a minimum loss requirement. Such policies include broader definitions of acts of terrorism that do not require government certification, Reiter said.

If you opt for stand-alone coverage, selecting the policy with the best terms involves more than just ensuring coverage extends beyond “certified acts of terrorism.” Valuation terms in stand-alone terrorism policies should be carefully reviewed to ensure you are appropriately compensated for loss and damage, even when actual repair or replacement isn’t possible or ideal.

It’s also important that specific terms are well defined, such as what constitutes an “occurrence” and how the number of occurrences associated with a given claim will be determined.

Coverage under a standalone Terrorism Insurance policy can also include loss of business income such as could occur during a forced closure due to property damage or to allow a criminal or forensic investigation to take place. Terrorism Liability Insurance is another important consideration, providing coverage for bodily injuries or deaths that may occur on a business’ premises due to terrorism.

 A standalone Terrorism Insurance policy could mean a faster recovery for business owners in the aftermath of a terror attack, Reiter said. “There is typically a significant lag time to process claims and issue payments under a government-backed program, especially compared to a general insurance claims transaction,” she explained. “Coverage under a standalone Terrorism Insurance policy could help a business start recovering from an attack much sooner.”

Other Policy Terms to Consider

Traditional policies or stand-alone terrorism risk insurance generally will include these terms:

  • Sue and labor. What property is reasonable to protect, recover or save after a general casualty loss may differ from what is appropriate following an act of terrorism. Avoid disputes by tailoring language in “sue and labor” provisions accordingly.
  • Expediting expenses. After an event, you want to be able to return to “business as usual” as quickly as possible. However, the costs incurred to sustain operations or expedite repairs in the wake of a terrorism incident may vary considerably from any other casualty loss. It may be appropriate to expand terms beyond “reasonable and necessary” costs to include security or healthcare-related expenses.
  • Increased construction cost. A terrorism incident may prompt legislative or other practical requirements that may increase the cost of demolition and compliant repair.
  • Pollution exclusion. The “act of terrorism” may prompt the release of hazardous substances — increasing the cost of the claim. Policies should not exclude the cost associated with a release of “pollutants” that is an indirect result of an otherwise covered “act of terrorism.”

For more clarity on how to protect your business from exposure to terrorism risk, reach out to your insurance professional and review the type of insurance coverage and policy terms that are right for your business.

California’s Leader in Insurance and Risk Management

As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!

We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.

Contact us today 1-209-634-2929 for your comprehensive business insurance quote!

Privacy and Cyber Security

Privacy and Cyber Security

Privacy and Cyber Security

With the enormous amount of sensitive information stored digitally, companies need to take the proper measures to ensure this data is never compromised. Ultimately, it is the responsibility of business owners to protect their clients’ data with privacy and cyber security.

Failing to do so can result in a data breach, which costs companies billions of dollars every year. Understanding the risks involved with data security can help you prevent a privacy breach.

Know the Privacy and Cyber Security Risks

The first step in protecting your business is to recognize basic types of risk:

  • Hackers, attackers and intruders—These terms are applied to people who seek to exploit weaknesses in software and computer systems for their personal gain. Although their intentions are sometimes benign, their actions are typically in violation of the intended use of the systems that they are exploiting. The results of this cyber risk can range from minimal mischief (creating a virus with no negative impact) to malicious activity (stealing or altering a client’s information).
  • Malicious code—This is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system.
    • Viruses: This type of code requires that you actually do something before it infects your system, such as open an email attachment or go to a particular Web page.
    • Worms: This code propagates systems without user interventions. They typically start by exploiting a software flaw. Then, once the victim’s computer is infected, the worm will attempt to find and infect other computers.
    • Trojan horses: Trojans hide in otherwise harmless programs on a computer, and much like the Greek story, release themselves when you’re not expecting it and cause a lot of damage. For example, a program that claims to speed up your computer system but actually sends confidential information to a remote intruder is a popular type of Trojan.

IT Risk Management Practices

To reduce your cyber risks, it is wise to develop an IT Risk Management Plan at your organization. Risk management solutions utilize industry standards and best practices to assess hazards from unauthorized access, use, disclosure, disruption, modification or destruction of your organization’s information systems.

Consider the following when implementing risk management strategies at your organization:

  • Create a formal, documented risk management plan that addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyber risk assessments. This plan should include a characterization of all systems used at the organization based on their function, the data stored and processed and importance to the organization.
  • Review the cyber risk plan on an annual basis and update it whenever there are significant changes to your information systems, the facilities where systems are stored or other conditions that may affect the impact of risk to the organization.

Due Diligence When Selecting an ISP

In addition, your organization should take precautionary measures when selecting an internet service provider (ISP) for use for company business.

An ISP provides its customers with Internet access and other Web services. In addition, the company usually maintains Web servers, and most ISPs offer Web hosting capabilities. With this luxury, many companies perform backups of emails and files, and may implement firewalls to block some incoming traffic.

To select an ISP that will reduce your cyber risks, consider the following:

  • Security – Is the ISP concerned with security? Does it use encryption and SSL to protect any information that you submit?
  • Privacy – Does the ISP have a published privacy policy? Are you comfortable with who has access to your information, and how it is handled and used?
  • Services – Does your ISP offer the services that you want and do they meet your organization’s needs? Is there adequate support for the services provided?
  • Cost – Are the ISP’s costs affordable and are they reasonable for the number of services that you receive? Are you sacrificing quality and security to get a lower price?
  • Reliability – Are the services provided by the ISP reliable, or are they frequently unavailable due to maintenance, security problems and a high volume of users? If the ISP knows that their services will be unavailable, does it adequately communicate that information to its customers?
  • User supports – Are there any published methods for contacting customer service, and do you receive prompt and friendly service? Do their hours of availability accommodate your company’s needs?
  • Speed – How fast is your ISP’s connection, and is it sufficient for accessing your email or navigating the Web?
  • Recommendations – What have you heard from industry peers about the ISP? Were they trusted sources? Does the ISP serve your geographic area?

Government Regulation

There aren’t many federal regulations regarding cyber security, but the few that exist cover specific industries. The 1996 Health Insurance Portability and Accountability Act (HIPAA), the 1999 Gramm-Leach-Bliley (GLB) Act and the 2002 Homeland Security Act, which includes the Federal Information Security Management Act (FISMA) mandate that health care organizations, financial institutions and federal agencies, respectively, protect their computer systems and information. Language is often vague in these laws, which is why individual states have attempted to create more specific laws on cyber security.

California led the way in 2003 by mandating that any company that suffers a data breach must notify its customers of the details of the breach. Currently, all 50 states and the District of Columbia have data breach notification laws in place.

Protection is our Business

Your clients expect you to take proper care of their sensitive information. You can never see a data breach coming, but you can always plan for a potential breach. Contact GDI Insurance Agency, Inc. today—we have the tools necessary to ensure you have the proper coverage to protect your company against a data breach.

California’s Leader in Insurance and Risk Management

As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!

We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.

Contact us today 1-209-634-2929 for your comprehensive cyber liability insurance quote!