California Employers received some potentially GOOD news from a California Federal Judge with respects to Liability arising out of a COVID-19 workers comp claim.
During the last week of February 2021; a California Federal Judge dismissed a claim made by a spouse of an employee who allegedly contracted COVID-19 while on the job. The plaintiff alleged that she contracted COVID-19 from her husband who had contracted the virus while at work.
The dismissal was given with leave to amend the claim, so the Plaintiff may elect to revise and refile their claim; but as of now this is a positive indication as to how California courts may elect to view and decide on future claims.
A summary of the complaint and the situation may be found from The National Law Review at the following link:
Workers’ compensation is a no-fault system that provides medical expenses and lost-income replacement for employees who sustain injuries or illnesses that arise out of and in the course and scope of their employment.
Each state has its own workers’ compensation law that governs the process of determining whether an injury or illness is work related and therefore compensable. Under California’s workers’ compensation law, employees typically have the burden of proving that any claimed condition is work related.
On May 6, 2020, however, California’s governor issued Executive Order N-62-20 to reverse that burden for employees who were diagnosed with or tested positive for COVID-19 within 14 days after working at their places of employment between (and including) March 19 and July 5, 2020. On Sept. 17, 2020, the state enacted SB1159 to add the provisions of that order to the state’ workers’ compensation law and to extend the presumption that COVID-19 is work related to certain employees through Jan. 1, 2023.
New Presumptions Under SB1159
SB1159 creates a new presumption that COVID-19 is compensable for the following types of workers, if they test positive for COVID-19 within 14 days after working at a place of employment (not including their own homes), at an employers’ direction, on or after July 6, 2020:
Active firefighting members (including volunteers) of various, local, state and federal fire departments;
Peace officers who primarily engage in active law enforcement activities;
Fire and rescue services coordinators who work for the Office of Emergency Services;
Health facility workers who provide direct patient care to or come into contact with COVID-19 patients;
Certain registered nurses, emergency medical technicians and emergency medical technician-paramedics;
Workers who provide direct patient care for a home health agency; and
Workers who provide in-home supportive services outside their own homes.
In addition, SB1159 extends the presumption to any employee who tests positive for COVID-19 within 14 days after working at a place of employment, at an employers’ direction, on or after July 6, 2020, if:
The employer has five or more employees; and
The employee tests positive during an outbreak at the employee’s specific place of employment.
For this purpose, an “outbreak” exists when:
Four employees at a specific workplace test positive for COVID-19 within a 14-day period, if the employer has 100 employees or fewer at that workplace;
Four percent of the employees who reported to a specific workplace test positive for COVID-19 within a 14-day period, if the employer has more than 100 employees at that workplace; or
A specific workplace is ordered to close by a local or state public health authority due to COVID-19-related risk.
A specific workplace means the building, facility, store, field or other location where an employee performs work at the employer’s direction. It does not include an employee’s home, unless the employee provides home health care services to another individual there.
Disputing COVID-19 Workers Comp Claims
When an employee is presumed to have a compensable claim for COVID-19, the employer may present evidence to rebut the presumption. Types of evidence that may help prove that an employee did not contract COVID-19 on the job include, for example, any measures the employer has in place to reduce potential transmission in the employee’s workplace and any nonoccupational risks of COVID-19 infection the employee may have.
An employer that wishes to dispute an employee’s presumptively compensable claim for COVID-19 must formally reject liability within either 30 days (for claims that do not depend on the existence of an outbreak for the presumption) or 45 days (for claims associated with an outbreak). Otherwise, the employer will be barred from using any already-discovered evidence to dispute the claim.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
OSHA Mitigation and Prevention Guidance for COVID-19
On Jan. 29, 2021, the Occupational Safety and Health Administration (OSHA) issued guidance on mitigating and preventing the spread of COVID-19 in the workplace. The guidance applies to employers and employees in settings outside of the health care industry, and is meant to help them determine appropriate COVID-19 control measures for the workplace. Employers can use this OSHA guidance to plan and evaluate their COVID-19 prevention and mitigation procedures. With this guidance, OSHA strongly recommends that employers implement COVID-19 prevention programs. According to OSHA, the most effective programs engage employees and their union or representatives in the development and planning stages.
COVID-19 Prevention Program
OSHA asserts that the most effective way to mitigate the spread of COVID-19 at work is for employers to implement a workplace prevention program. For this reason, OSHA recommends that employers appoint a workplace coordinator to manage the employer’s COVID-19 response efforts. OSHA’s guidance outlines the following key elements for an effective COVID-19 prevention program and should contain the requirements below.
Hazard Assessments
Employers should complete thorough hazard assessments to identify potential COVID-19 workplace hazards. Employee participation in these assessments will increase the efficiency of this process because employees are the most familiar with the conditions they face. Once hazards are identified, employers should follow the principles of the hierarchy of controls to limit the spread of COVID-19 and implement other safety measures. Acceptable control measures include eliminating the hazard, engineering controls, workplace administrative policies and using personal protective equipment (PPE). Key examples include:
Separating and sending home infected or suspected infected employees from the workplace
Practicing physical distancing in all communal work areas
Installing barriers in areas where physical distancing is not applicable
Requiring the use of face coverings
Improving ventilation, hygiene and sanitation
Policies and Practices
OSHA guidance states that employers must ensure that their employees understand their right to a safe and healthy work environment. Employers should consider the following issues as they develop and implement workplace policies, practices and procedures:
Protecting employees at higher risk: Employers should implement protections for employees who are at a higher risk for severe illness from COVID-19. For example, employees with disabilities may be legally entitled to “reasonable accommodations” that protect them from the risk of contracting COVID-19. In addition, employers should consider reasonable job modifications for employees identified as high-risk, including remote work or working in a less densely occupied, better-ventilated facility.
Communicating effectively with employees: Efficient employer-employee communication systems should be able to track which employees have been informed (and when they were informed) of COVID-19 facts and employer policies, procedures and practices. Employer communications to employees should address:
Basic COVID-19 facts, including how it is spread and the importance of social distancing, use of face coverings and hand hygiene;
A description of workplace policies and procedures implemented to protect employees from COVID-19 hazards; and
The procedure employees must follow and the contact information for the person to address questions or concerns about workplace safety and health issues.
Facilitating employee reporting: Employees should be able to report to their employer, without fear of retaliation, any COVID-19 symptoms, possible exposures or hazards in the workplace. Employers must communicate all policies and procedures implemented for responding to sick and exposed employees in the workplace to employees in a language all employees understand. A best practice is to create and test two-way communication
systems that employees can use to self-report if they are sick or have been exposed and that employers can use to notify employees of exposures and closures.
Training managers and supervisors: Supervisors must be familiar with workplace flexibilities and other human resource policies and procedures.
Isolation or Separation
Employers must instruct employees who have a confirmed case of COVID-19 to stay home, and isolate or quarantine. Similarly, employers should immediately separate employees who appear to have symptoms upon arrival to work or who develop symptoms during their work shift, from other employees, customers and visitors. Employers should also consider sending these employees home and encourage them to seek medical attention.
Employees’ isolation should follow the Centers for Disease Control and Prevention (CDC) isolation and return-to-work guidelines. Please note that some employees may need to stay home and isolate longer than 10 days as recommended by their health care providers.
To the extent possible, employers should make telework or the ability to work in an area isolated from others, available to these employees. If telework or separation options are not possible, employers should allow these employees to use paid sick leave, if available, or consider implementing paid leave policies to reduce the drive for sick employees to report to work, thus lowering the risk of infection for everyone at the workplace. To assist with this decision, the Families First Coronavirus Response Act provides certain employers 100% reimbursement through tax credits if they provide employees with paid sick leave or expanded family and medical leave for specified reasons related to COVID-19 through March 31, 2021.
Sanitation
An area may only be used again once it has been appropriately disinfected. Employers should not allow employees to share objects or tools. However, if sharing is unavoidable, employers should make sure shared equipment, objects and surfaces are cleaned and disinfected between uses. Employers should provide disposable disinfecting supplies so that employees can clean and disinfect commonly used surfaces before each use.
Employers should follow the CDC’s cleaning and disinfection recommendations if someone has been in the facility and is suspected or confirmed to have COVID-19. When cleaning and disinfecting the workplace, employers should consider opening outside doors and windows, as well as blocking off and sanitizing all potentially infected and immediate work areas and equipment. Additional cleaning and disinfection is not necessary if seven or more days have passed since an infected person visited or used the facility. Employees without close contact with a potentially infected person can return to the area immediately after disinfection.
Screening and Testing
Employers should follow state or local guidance and priorities for screening and vital testing at the workplace. Testing in the workplace may be arranged through a company’s occupational health provider or in consultation with the local or state health department.
Employers must inform employees of employer testing requirements and the availability of testing options (if any). The CDC has published strategies for consideration when incorporating viral COVID-19 testing into workplace preparedness, response and control plans.
Please note that screening and performing health checks is not a replacement for other protective measures, such as requiring face coverings and enforcing physical distancing. Asymptomatic individuals or individuals with mild non-specific symptoms may not realize they are infected, and some infections may not be detected during screenings.
Physical Distancing
Employers must implement physical distancing measures in all communal work areas. Physical distancing prevents workers from breathing in airborne particles produced by infected individuals when they stay at least 6 feet away. Employers can strengthen physical distancing measures by reducing the number of people or the density of employees at the workplace. To reduce workplace employee density, employers can implement flexible worksites, work hours, meetings and travel times, or allow employees to work remotely when possible.
In places where physical distancing cannot be practiced, employers should install transparent shields or other solid barriers to separate employees from others. Barriers must block face-to-face pathways between individuals in order to prevent direct transmission of respiratory droplets. When barrier openings are necessary, they should be as small as possible.
Face Coverings
Employers must provide all employees with face coverings. Face coverings must be made of at least two layers of tightly woven breathable fabric, such as cotton, and should not have exhalation valves or vents. However, when an employee’s job tasks require a respirator, employers must follow OSHA’s requirements for respiratory protection.
All individuals must be required to wear a face covering, except for:
Individuals under the age of 2; or
Individuals actively consuming food or beverages on-site.
Hygiene Practices
Employers must promote personal health monitoring and good personal hygiene, including hand-washing and respiratory etiquette. To accomplish this, employers should provide employees with time to wash their hands often or to use hand sanitizer. Posters should be prominently displayed in workplace areas to encourage good hand hygiene and physical distancing.
In addition, employers should ensure that employees, customers and visitors have adequate supplies to frequently clean their hands and cover their coughs and sneezes. Necessary supplies may include, but are not limited to:
Tissues and no-touch trash cans
Soap and warm water at fixed worksites and, if not available, alcohol-based hand sanitizer that’s at least 60% ethanol or 70% isopropanol
Touchless hand sanitizer stations in multiple locations
Ventilation
The CDC has released guidance on ways to improve ventilation and reduce the spread of COVID-19 in buildings. Some of the CDC’s recommendations are based on the American Society of Heating, Refrigerating and Air-Conditioning Engineers (ASHRAE) Guidance for Building Operations During the COVID-19 Pandemic. Some of these recommendations include:
Increasing ventilation rates when possible;
Increasing fresh outdoor air by opening windows and doors;
Using fans to increase effectiveness of open windows;
Checking filters to ensure they are within service life and appropriately installed; and
Considering the use of ultraviolet germicidal irradiation as a supplement to help inactivate SARS-CoV-2, especially if options for increasing room ventilation are limited.
Personal Protective Equipment
When the measures above cannot be implemented or do not protect employees fully, OSHA standards require employers to provide PPE to supplement other engineering or administrative controls.
Employers must determine what PPE is necessary (e.g., respirator, face shield, protective gowns and gloves). When PPE is required, employers must:
Provide necessary PPE at no cost to their employees
Make sure that all PPE is used and provided in accordance with applicable OSHA standards and other industry-specific guidance.
There are times when PPE is not required under OSHA standards or other industry-specific guidance. However, some employees may still have a legal right to PPE as a “reasonable accommodation” under the Americans with Disabilities Act (ADA). In addition, some employees may also want to use PPE if they are concerned about their personal safety.
Recording and Reporting COVID-19
Employers are responsible for recording work-related cases of COVID-19 illness on their OSHA 300 log if the case:
Employers must report a fatality to OSHA if the fatality occurs within 30 days of the work-related incident. For COVID-19 cases, an incident means an exposure to COVID-19 in the workplace. In order for a case of COVID-19 to be reportable, a fatality due to COVID-19 must occur within 30 days of a work-related exposure. The employer must report the fatality within eight hours of knowing both that the employee has died and that the cause of death was a work-related case of COVID-19.
Employers must also report inpatient hospitalizations to OSHA if the hospitalization occurs within 24 hours of the work-related incident. For COVID-19 cases, an incident means an exposure to COVID-19 in the workplace. An inpatient hospitalization due to COVID-19 must occur within 24 hours of a work-related exposure. The employer must report such hospitalization within 24 hours of knowing both that the employee has been hospitalized within 24 hours of a work-related incident and that the cause of the inpatient hospitalization was a work-related case of COVID-19.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
Contact us today 1-209-634-2929 for your comprehensive insurance quote!
Recruiting has never been simple, and the COVID-19 pandemic is complicating matters even more. In this rapidly changing landscape, employers need to adapt if they want to attract and retain quality talent. To better prepare for this task, here are 4 recruiting trends employers should monitor in 2021.
1. Looking Inward for Talent
Recruiting is a challenge at any time, but especially amid the COVID-19 pandemic. During this time, recruiters are suffering from many constraints, chief among them being slim budgets. In fact, 50% of talent professionals expect a smaller budget this year compared to last, according to a LinkedIn survey.
This reality is spurring recruiters to look internally for talent. Year over year, internal mobility has increased 20%, according to LinkedIn. And that’s not a huge surprise, given that upskilling and retraining workers can be more cost efficient than hiring from outside an organization. Employers can expect more recruiters to focus on transferrable skills over task-specific abilities in 2021.
2. Leveraging Technology
The COVID-19 pandemic forced many businesses to work remotely or shut down completely. Even as workplaces reopen, a significant portion will retain remote employees. And recruiters will likely be among them.
In fact, 81% of talent professionals say virtual recruiting will continue even after the pandemic, according to LinkedIn. Notably, 70% of those professionals say virtual recruiting will become the new standard. That’s not entirely shocking, since virtual communication is so commonplace and easily accessible. Employers should expect virtual recruiting to continue in some form and should consider adopting technology that can help expand their efforts.
3. Embracing Diversity
More diverse representation and greater equity were huge issues in 2020, sparking debates across the country. Employers have taken note and many large companies have pledged to do better. Among talent professionals, 77% say diversity will be “very important” to the future of recruiting, according to LinkedIn. That means employers can expect a more concerted effort to diversify workplaces. This may include reducing implicit bias among recruiters and managers and diversifying C-suite positions.
4. Leading by Example
In the same vein as diversification efforts, employers are expected to be more vocal on social issues. Instead of promoting their products on social media, many businesses are discussing how they support their workers and communities, particularly during the COVID-19 pandemic. This helps organizations control how candidates view them, which can affect recruiting efforts. The trend ramped up last year and will likely continue in 2021.
Employers can expect more candidates to look for empathy and clearly defined virtues from their potential workplaces. Promoting these qualities could mean the difference between someone accepting an interview or not. And that fact isn’t lost on employers. Over half of talent professionals (63%) expect employer branding budgets to increase or stay the same, according to LinkedIn. Employers should anticipate more organizations to increase efforts to show—rather than tell—what their companies represent, especially in relation to employee well-being and social issues.
Recruiting Trends in 2021
Recruiting likely won’t get easier in 2021 despite a dramatic increase in unemployment compared to last year. This is due to slim budgets, pandemic constraints and many other reasons. In light of these challenges, employers will need to get creative with their recruiting efforts. Luckily, there are some proven methods for doing just that.
Reach out for more workplace guidance, including attraction and retention tips.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
Contact us today 1-209-634-2929 for your comprehensive insurance quote!
Organizations trust their senior leaders to make important decisions and act with stakeholders’ (e.g., shareholders, customers and employees) best interests in mind. However, in today’s climate of increased corporate accountability, protecting your senior leadership team from directors and officers (D&O) liability exposures can be a significant challenge—making D&O coverage a crucial aspect of your organization’s risk management program. These are the D&O Trends to watch in 2021.
Put simply, D&O insurance can help protect your organization’s senior leaders from the costly consequences of engaging in alleged or actual “wrongful acts” while performing their job duties.
Apart from securing D&O coverage, it’s important to stay up to date on the latest D&O market trends. In doing so, your organization will have the information needed to respond appropriately and make any necessary coverage adjustments. Don’t let your organization fall behind in this evolving risk landscape. Review this guidance to learn more about D&O trends to watch in 2021.
The COVID-19 Pandemicand D&O Trends
The ongoing COVID-19 pandemic has forced many organizations to make serious operational changes—such as conducting office closures, having employees work remotely, halting business travel, conducting furloughs or layoffs, making financial adjustments and altering various workplace procedures to comply with new health and safety standards.
Such changes can carry a wide range of D&O exposures, seeing as there is the potential for organizational stakeholders to allege that your senior leadership team committed wrongful acts in the process of making these workplace changes. On the other hand, a lack of such changes within your organization can also cause D&O liability concerns, as stakeholders could allege that your senior leaders were negligent and failed to respond appropriately to COVID-19. These types of allegations have become increasingly prevalent in the form of class-action lawsuits.
With this in mind, it’s crucial to work closely with senior leadership to identify any organizational risks that may arise from the pandemic and determine a course of action that prioritizes the needs of your stakeholders. In addition, any workplace adjustments related to COVID-19 should be diligently evaluated prior to implementation to ensure regulatory compliance and minimize legal or financial fallout. Further, organizational procedures should be closely monitored and updated as needed to reflect frequently changing federal, state and local COVID-19 requirements.
Insolvency Issues
The global recession caused by the COVID-19 pandemic has led to major financial disruption for many organizations. These economic struggles have resulted in a wide range of employers going bankrupt or experiencing insolvency issues.
Insolvency is a key contributor to D&O claims for both publicly and privately held organizations. Insolvency-related claims can result from stakeholders alleging that senior leaders failed to properly plan for financial disruption or did not respond correctly to prolonged periods of reduced revenue, ultimately putting the senior leadership team at fault for the financial hardship.
That being said, as this economic downturn continues, it’s important for your senior leaders to follow safe and secure financial practices (e.g., timely payments, educated investments, accurate documentation and reasonable reimbursement procedures), as well as be transparent with stakeholders about your organization’s economic state to avoid misrepresentation concerns.
Cybersecurity
As workplace technology continues to advance, so do the tactics of cybercriminals. What’s more, the growing number of employees working remotely due to the COVID-19 pandemic has resulted in additional cyber exposures for organizations.
When cyberattacks occur, costly consequences can often lead to D&O claims. Specifically, stakeholders affected by a cyberattack may allege that your senior leadership team failed to properly address cybersecurity threats or establish a plan for responding to an attack.
To reduce the likelihood of such claims occurring, it’s crucial for your senior leadership team to be actively involved in monitoring your organization’s unique cyber risks, implementing proper cybersecurity practices to help prevent potential attacks (especially in the realm of remote work arrangements), ensuring compliance with all applicable data security standards and establishing an effective cyber incident response plan to minimize any damages in the event of an attack.
ESG Concerns
Various environmental, social and governance (ESG) topics have also impacted the D&O market in recent years. In the realm of environmental concerns, a cultural shift regarding the pressing issue of climate change—evidenced by a continued surge in natural disasters worldwide (e.g., earthquakes, wildfires and hurricanes)—has resulted in an increased demand on organizations across industry lines to “go green,” thus holding senior leaders accountable for ensuring eco-friendly operations. This shift also led to a rise in environmental legislation and enforcement from governing bodies, making it all the more vital for your senior leadership team to take steps to reduce your organization’s carbon footprint.
Several social movements have recently led to an increase in lawsuits and claims against senior leaders as well, including the #MeToo movement and the Black Lives Matter movement.
The #MeToo movement is an anti-sexual harassment campaign that was originally founded in 2006 and has gained significant social media attention since 2017. The movement has contributed to a sharp rise in D&O litigation, as employees and other stakeholders have come forward to allege that organizations’ senior leaders engaged in sexual harassment or acted negligently in their response to other allegations of sexual harassment. Such litigation emphasizes the importance of enforcing a zero-tolerance policy on sexual harassment, taking any reports of such behavior seriously and requiring your senior leadership team to participate in routine sexual harassment awareness training.
The Black Lives Matter movement—which is a racial justice campaign that was originally founded in 2013 and resurged in 2020 in the form of nationwide protests—has also begun making a major impact on the D&O market. Since its resurgence, the movement has caused organizational stakeholders to call out senior leaders on their alleged failures to promote equality and inclusion in the workplace, as well as ask for greater racial diversity among senior leadership teams. This movement makes it increasingly critical for you to work closely with your senior leaders to foster an inclusive workplace and ensure diverse representation within your leadership team.
Derivative Claims
Although D&O claims in general have soared in the past decade, one form of claim in particular—known as a derivative claim—has become increasingly prevalent.
In such a claim, one or more of your shareholders will file a lawsuit on behalf of your organization against a specific individual (or several individuals) on your senior leadership team rather than the whole team or board. Derivative claims are often caused by “event-driven” lawsuits, in which shareholders allege that particular members of your senior leadership team failed to act accordingly in the midst of large-scale disasters or trends—such as the COVID-19 pandemic, cybersecurity breaches, climate change and social movements.
In addition to derivative claim frequency, these lawsuits are also more prone to “mega claim” status, resulting in settlements of $100 million or more. Because derivative claims are often so costly and typically non-indemnifiable, it’s crucial to ensure that your D&O policy contains adequate Side A insurance. This form of coverage can insure individual senior leaders against losses that your organization is not legally or financially able to indemnify, thus protecting the personal assets of your senior leadership team.
The Hard Market
Lastly, several factors—namely, the occurrence of various large-scale disasters accompanied by a subsequent increase in both D&O claim frequency and cost—have contributed to the continued hard insurance market.
In this hard market, employers like you may experience a more difficult renewal process by way of increased D&O insurance premiums, lowered capacity, and more stringent policy requirements or restrictions—especially as it pertains to high-demand coverage elements, such as Side A insurance.
Nevertheless, these market conditions should not discourage you from securing adequate insurance for your organization. After all, keeping your organization (and its senior leaders) properly protected from potential losses is well worth the cost.
We’re Here to Help
You don’t have to respond to this changing risk landscape alone. We’re here to help you navigate these D&O Trends with ease. For additional coverage guidance and solutions, contact us today.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
According to a recent report from the Information Systems Audit and Control Association (ISACA), cyberattacks currently reign as the fastest growing form of crime. In addition to security and reputational repercussions, these attacks can often cause significant financial disruption—with global cybercrime costs estimated to reach a startling $6 trillion during 2021. The Top Cybersecurity Takeaways from 2020 are listed below.
No organizations are immune to cyberattacks. In fact, over half (53%) of respondents from ISACA’s report expect to experience a cyberattack within the coming year. With this in mind, it’s important to review top cyber trends from the last 12 months and respond accordingly to ensure your organization remains safe and secure in 2021. Here are some of the most common cyber concerns from 2020, as well as best practices for avoiding them:
Social engineering—Cybercriminals implement social engineering scams to manipulate their victims into sharing sensitive information. This manipulation usually occurs in the form of impersonating an individual or organization that the victim trusts, thus making the victim feel falsely comfortable with providing their information. While these scams can happen via text, phone call or email, the latter method (also known as phishing) is the most popular. To keep these scams from wreaking havoc on your organization, instruct staff to always verify the identity of the individual or organization they are communicating with and be wary of sharing any sensitive information over the phone or online.
Ransomware—Ransomware is a type of malicious software that cybercriminals use to compromise a device (or multiple devices) and demand a large payment be made before restoring the technology for the victim. Since ransomware often appears in the form of deceptive links or attachments, encourage employees to never click on suspicious links or download attachments from unknown senders.
Software update issues—Although conducting routine software updates may seem like an arbitrary act, it can make all the difference in protecting your organization. Failing to update your software regularly can create major cybersecurity gaps, making it easier for cybercriminals to infiltrate your systems. That being said, keep staff on a strict update schedule, and consider using a patch management system to further assist with updates.
Cybersecurity Takeaways: The Importance of Promoting Strong Passwords
Cyberattack methods continue to grow and evolve over time. One specific tactic that cybercriminals frequently utilize is hacking victims’ accounts or devices by cracking their passwords.
This tactic is often all too easy for cybercriminals when their targets fail to create strong enough passwords to ward off password-cracking technology or—in some cases—simple guesses.
Nevertheless, cybersecurity experts confirm that establishing an effective password can increase the amount of time it would take for a cybercriminal to hack into an account or device from just a few hours to several years.
Taking this into consideration, password strength should be a top priority across your organization. Encourage your employees to create proper passwords with this guidance:
Focus on length—Choose a password that’s eight to 16 characters long.
Make it unique—Use at least two special characters within your password. Don’t use family or pet names, special dates or common phrases as your password.
Switch it up—Remember to change your password every 30-45 days.
Refrain from recycling—Never reuse or repeat a password across devices or accounts.
Cybersecurity Takeaways: How to Prevent a Malware Attack
Malware is a form of malicious software that cybercriminals deploy via unsafe links, downloaded attachments or other virus-ridden programs with the intention of disrupting normal computing operations, collecting sensitive information and controlling your organization’s technology system resources. Malware programs are being produced at an alarming rate and are consistently changing in form and purpose, making detection and prevention increasingly difficult for organizations across industry lines.
According to recent research, nearly 980 million (and counting) malware programs currently exist, while 350,000 new pieces of malware are discovered each day. What’s worse, an estimated four companies are targeted by a malware attack every minute.
Consider the following guidance to help prevent malware attacks:
Secure your systems—Take steps to protect your organizational devices from potential malware exposures. This may entail:
Using a virtual private network (VPN) for all internet-based activities (e.g., browsing and sending emails)
Installing (and regularly updating) antivirus software on all devices
Implementing a firewall to block cybercriminals from accessing your organization’s VPN
Restricting employees’ access to websites that aren’t secure
Limiting which employees receive administrative controls to prevent inexperienced staff from mistakenly downloading a malicious program
Educate your employees—Next, be sure to train your employees on how to prevent and respond to a malware attack. Give your staff these tips:
Avoid opening or responding to emails from individuals or organizations you don’t know. If an email claims to be from a trusted source, be sure to verify their identity by double-checking the address.
Never click on suspicious links or pop-ups—whether they’re in an email or on a website. Similarly, avoid downloading attachments or software programs from unknown sources or locations.
Only browse safe and secure websites on organizational devices. Refrain from using workplace devices for personal browsing.
If you suspect a malware attack, contact your manager or the IT department immediately for further guidance.
Ensure adequate coverage—Lastly, it’s crucial to secure proper insurance coverage to stay protected in the event of a cyberattack. After all, even with proper cybersecurity measures in place, attacks can still occur.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
Encouraging remote work has become a new normal for a variety of reasons. Whether it is to reduce costs of operating a physical place of business, address pandemic reasons or allow employees to have a better work-life balance, more and more workers are working from home. However, many organizations are not aware of how the Occupational Safety and Health Administration (OSHA) oversees injuries that occur at an employee’s home. OSHA has provided guidance on how to deal with remote worker injuries and inspections.
Home Offices vs. Home-based Worksites
To start, it is important to distinguish home offices from home-based worksites for the purposes of OSHA inspections. Home offices are where an employee engages in office work activities. This consists of activities that use office equipment like computers and telephones.
In contrast, a home-based worksite is an area of an employee’s personal residence where the employee performs work of the employer (e.g., home manufacturing operations such as industrial sewing or woodworking).
The difference between the two is that one consists of office work and the other involves using an area of the home for employees to perform the work of the employer. This is important because the difference determines whether OSHA will perform an inspection.
OSHA Inspection Guidance for Remote Workers
OSHA has policies for both home offices and home-based worksites. The policy for home offices is that OSHA will not conduct inspections of an employee’s home office or hold employers liable for employees’ home offices. OSHA has never conducted inspections of home offices, but it will with certain types of home-based worksites that are dangerous or hazardous.
OSHA will only conduct inspections of other home-based worksites if it receives a complaint or referral that indicates one of the following:
There is a violation of a safety or health standard that threatens physical harm.
Imminent danger exists (including reports of a work-related fatality).
The inspection is limited only to the employee’s work activities since OSHA regulations do not apply to an employee’s house. For example, if a cabinet manufacturer sends home wood cutting tools for their employee to use for building cabinetry remotely, the inspection would be limited to the area in which the employee is working and would include the tools that were being used.
It is important for you to note as an employer that, in these situations, you are responsible for any hazards caused by materials, equipment or work processes that you provide or require to be used in the employee’s home.
If an inspection does occur, OSHA regulations will apply as they normally would, and the inspection process will be completed according to the standards—except what has been modified by the OSHA guidance for worksites in employees’ homes.
OSHA Liabilities for Remote Workers: Injury and Illness Tracking
Under OSHA, there are injury and illness recordkeeping requirements. An injury or illness that occurs while the employee is working from home is considered a work-related injury or illness if it directly relates to the activities of the job rather than the activities in the home environment. An injury is recordable if it is a work-related:
Fatality
Injury or illness that results in the loss of consciousness, days away from work, restricted work or transfer to another job
Injury or illness requiring medical treatment beyond first aid
Needlestick or sharps injury, medical removal, hearing loss or tuberculosis
Employers must record work-related injuries that occur at home on the OSHA 300 logs like they would if employees were on-site and injured.
An example of a non-work-related injury is if an employee runs to pick up the work phone during work hours and trips, which results in an injury to the employee. Another example is when an employee hears their child crying, gets up to tend to their child and is injured in the process. Although both injuries occurred during work, they did not directly relate to the performance of the job. They occurred due to the general home environment.
While OSHA is not entering homes for inspections for home office complaints, you will still need to keep a record of those injuries or illnesses that are considered OSHA recordables. This will cause an increase in your incident rate that can be compared to industry standards under the North American Industry Classification System (NAICS). If your incident rate is high for the industry average, your organization can be flagged, alerting OSHA that there is an issue with your safety program. A high incident rate could likely initiate an audit at your facility.
Being Proactive
You can decrease the risk of recordable OSHA injuries by being proactive. Reducing these recordable injuries will lower your incident rate.
You should have a remote worker policy drafted and implemented so there is documentation of your expectations as an employer. The policy should define job tasks for each job description. This provides guidance to those working from home. It also helps provide documentation that may be needed to rebut a complaint from OSHA.
Job descriptions provide detailed information of what an employee should be doing for their job tasks. This is helpful because, if an employee is injured while performing an activity that is not within the job description, it does not have to be documented on the OSHA 300 logs.
You should also provide materials to assist employees in setting up their home office. Assisting employees with the setup of their home office to prevent any ergonomic issues is one way to reduce the risk of a remote office injury. This can be done by providing information to employees on:
How to set up their workstations
Proper posture
How often to take breaks
Stretches they can use during their shift
How exercise can help prevent injuries
A way to monitor the employee’s participation with proper setup of their workstation is to participate in virtual meetings where the employee can show the employer their workstation. This can be done by using a mobile webcam. Another option is to require employees to perform at home office inspections themselves (like a mini audit of their workstations) and have them submit them to you for review.
By providing training and assistance to your employees, it can help reduce the risk of having an OSHA recordable injury. Getting creative to drive safety initiatives without overstepping privacy boundaries of a person’s home can be challenging, but ultimately can be done. It can help prevent OSHA inspections and costly injuries, and reduce incident rates.
For more risk management guidance, contact GDI Insurance Agency, Inc. today.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
We use cookies to optimize our website and our service.
Functional cookies
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
