3D Printing Offers New Risk Challenges
As commercial 3D printing advances from occasional to routine use, the product liability landscape will shift around it. Defective and counterfeit product exposures, among others, will arise for all participants along the manufacturing continuum, industry experts said.
In an adverse incident, said Rob Gaus, product risk leader, Marsh, liability will be apportioned among participants in the manufacturing and distribution stream: product manufacturer, printer manufacturer, software designer, feedstock supplier, distributor (especially if it modifies the product) and retailer (if the manufacturer is not well capitalized). No case law exists yet.
In 3D printing, a computer sends the software containing a product design to one or more printers, which builds the product, layer by layer, from many kinds of materials — plastics, metals, drugs, paints and even human tissue.
David Carlson, U.S. manufacturing and automotive practice leader, Marsh, said 3D-printed products are treated the same as any other new operation that poses new risks.
Underwriters and brokers must first assess the company’s risk management profile and risk appetite. When production, research and development teams look at technology, “they should loop in risk management. Risk management should be part of the continuum, or the company could get into sticky situations.”
The emerging risks include unregulated manufacturing, said Mark Schonfeld, a partner at Burns & Levinson LLP in Boston specializing in business and intellectual property law.
If 3D printing enables production of, say, just 100 hip implants or 100 hearing aids, such work will generally take place outside of a traditional mass-production factory, which is subject to government regulation and inspection.
“Insurance companies like FDA oversight of manufacturing because it makes products safer and helps identify responsibility when things go wrong,” Schonfeld said.
To protect themselves and their clients, Schonfeld advises insurers to keep abreast of technological developments, consult with a creative and knowledgeable attorney about how to address liability exposure, and adjust existing policies to be fair to consumers and prevent injury to the insurance company.
3D printing also raises the risk of counterfeit products, said Peter Dion, line of business director-product liability, Zurich Insurance. The digital “recipe” in the software design, and is vulnerable to capture, he said.
Although there is no encryption mechanism for the software, one solution might be to transfer the digital file in pieces only as they are needed by the printer to prevent capture of the entire design signature, Dion said.
Manufacturers have always struggled with counterfeit products, but 3D printing magnifies the risks because it can slash the time from product development to market-ready product to a matter of hours and requires no molds or prototypes. “Hackers can take the proprietary blueprint or software, send it to a third-world country, and have the product ready for market tomorrow,” said Carlson. “That’s a business disruption issue. Counterfeiters can put a company out of business.”
Drug manufacturers may subvert counterfeiters by adding tracer elements and watermarks to their formulations, which protects their reputations, profits and public health. “If the counterfeiters get the recipe wrong, they might not produce high-quality drugs for public consumption,” Carlson said.
Other manufacturers can also use watermarks and digital rights management (DRM) software to prevent file sharing. Still, Carlson said, counterfeiting is an old problem. “Bad guys have always exploited new technologies for their personal gain.”
The materials used by manufacturers present a greater potential loss exposure than the 3D printer itself, said Dion, noting that it is just another piece of equipment, like a pencil or a lathe.
For example, if a 3D printer is used to replicate a cupcake, the manufacturer should be as careful of contaminants in the mix as traditional bakers need to be. “When 3D printer manufacturers purchase materials from suppliers, they need to perform due diligence on their supplier’s products also.”
Out of Control in the Driver’s Seat
You’re tooling down the highway when suddenly your car’s A/C turns on to full blast. Then the radio fires up and switches to a Hip-Hop station.
You’re startled when the wipers turn on, wiper fluid obscuring your view of the road for a moment.
You’re frantically trying to turn it all off when your car loses power completely, leaving you stranded on a busy stretch of road with no shoulder, a semi closing in fast from behind you.
That sounds a little a scene from a spy thriller or maybe even the “X-Files,” but it happened to the driver of a 2014 Jeep Cherokee as researchers Charlie Miller and Chris Valasek hacked into and took control of it.
The duo found a way to hack in wirelessly, exploiting a widely used onboard entertainment system to take over a vehicle’s dashboard functions, brakes, steering and transmission.
Miller and Valasek first made headlines in 2013, when they publicized their success hacking into Ford and Toyota models. At that time, they only managed to accomplish the attacks while their PC was plugged into the vehicles’ diagnostic ports.
Only two years later, the duo found a way to hack in wirelessly, exploiting a widely used onboard entertainment system to take over a vehicle’s dashboard functions, brakes, steering and transmission.
They found they could do it from absolutely anywhere, so long as they had an internet connection. Most disturbing of all, they identified a loophole that could be used to attack multiple cars at once — creating a wirelessly controlled automotive botnet encompassing hundreds of thousands of vehicles.
The team published part of the project online and later demonstrated their “progress” at the 2015 Black Hat conference.
Without question, the more technologically sophisticated and connected vehicles become, the more vulnerable they get.
After Miller and Valasek published their results, Fiat Chrysler issued a recall for 1.4 million vehicles affected by the vulnerability exploited by the team. The automotive industry has been on high alert ever since, even while they simultaneously boast about models equipped with more and better technology.
Without question, the more technologically sophisticated and connected vehicles become, the more vulnerable they get. The push toward autonomous vehicles will only increase those vulnerabilities.
“We are a long way from securing the non-autonomous vehicles, let alone the autonomous ones,” said Stefan Savage, a computer science professor at the University of California, San Diego, during an Enigma security conference early this year.
Autonomous isn’t necessarily synonymous with “connected,” however, even for early entrants to the commercial autonomous vehicle space.
Daimler’s Freightliner Inspiration, the world’s first road-ready self-driving truck, “doesn’t rely on ‘connectivity’ or wireless communication to/from the outside world to drive itself,” said Dan Holden, manager of corporate risk and insurance for Daimler Trucks North America.
“Rather, the system is self-contained, meaning it uses production cameras and radars as inputs to determine the vehicle position and keep it centered in its lane. Therefore the Inspiration truck is as secure from a cyber perspective as production vehicles today.”
More Frightening Than Fiction
Until cyber vulnerabilities can be addressed, it doesn’t take a broad stretch of the imagination to see what the future implications could be for this type of attack. Consider a few scenarios:
- The vehicle of a courier transporting sensitive documents is disabled in a remote location, where armed thieves are waiting to steal the documents.
- A high-level executive receives a message alerting him that ransomers have control of his teen daughter’s car — with her in it — and will drive it off of a bridge if he doesn’t pay $10 million in Bitcoin.
- A ring of thieves finds a way into the systems of a trucking fleet’s rigs through its onboard camera system, enabling it to stop the trucks remotely so teams can hijack the cargo.
- An extreme hactivist group decides to “brick” every car in Los Angeles, disrupting businesses and lives until its demands are met.
- An attacker hacking into a commercial truck’s system disables the brakes, sending the truck careening into a school bus in the middle of an intersection.
Keep in mind that even less extreme types of hacking could create vulnerabilities for both individuals and businesses.
Miller and Valasek proved their ability to wirelessly hack a vehicle for surveillance, tracking GPS coordinates, measuring speed, and tracing routes. When a vehicle’s onboard systems are connected to the driver’s smartphone, the smartphone is also at risk for attack, and any data stored in it is fair game, including passwords and credit card information.
Government and Industry Respond
Miller and Valasek’s work is part of what inspired the drafting of an automotive security bill introduced last year. The Security and Privacy In Your Car Act (the SPY Car Act) would require cars sold in the U.S. to meet certain standards of protection against digital attacks and privacy.
The bill’s creators surveyed 20 carmakers and discovered that only seven used independent security testing to check their vehicles’ security, and only two had tools in place to stop a hacker intrusion.
Several Japanese companies are working on automotive cyber security technology.
In March, the FBI, along with the Department of Transportation and the National Highway Traffic and Safety Administration, published an advisory on the realities of hackable vehicles and making recommendations to increase security.
Several Japanese companies are working on automotive cyber security technology. Panasonic is developing a device that can detect unauthorized network signals and cancel them out. Fujitsu Laboratories and a researcher from Yokohama National University are developing technology that detect an attack, notify the driver, and encrypt signals to allow the vehicle to be stopped safely.
However these technologies are still five years away from commercial availability, as are fully encrypted next-generation automotive networks.
Transportation companies, their clients and every organization with a fleet of its own should be asking questions about the security of the vehicles that are used in the course of their daily operations — and whether they have cover that will respond if their vehicles fall prey to cyber tampering.
“Having insurance coverage in place that would address bodily injury and property damage is something companies should seriously consider as this risk matures,” said William A. Boeck, senior vice president. and insurance and claims counsel for Lockton’s cyber risk practice.
To Better Control Total Workers Comp Costs, Manage Physical Medicine
Soaring drug prices get all the attention in the workers comp space. Meanwhile, another threat has flown under the radar.
More than 50 percent of lost time workers compensation claims involve physical medicine — an umbrella term encompassing physical therapy, occupational therapy, work conditioning, work hardening and functional capacity evaluation.
Spending on physical medicine accounts for 20 to 30 percent of total workers compensation medical costs, a percentage set only to increase in the coming years. Despite the rapid growth of this expense, very few employers are engaged in discussions around how best to manage it.
“Now is the time to take a look at physical medicine and think about how it impacts total cost of risk,” said Frank Radack, Vice President & Manager, Liberty Mutual Insurance, Commercial Insurance – Claims Managed Care. “Employers should investigate comprehensive solutions to keep costs manageable and to deliver quality, evidence-based care to injured employees.”
Liberty Mutual’s Frank Radack defines physical medicine and why it is so important in managing total workers compensation costs.
Upswings in both pure cost and utilization of physical medicine are driving the spending surge. State fee schedule changes are largely responsible for increases in cost. California, for example, has increased the cost of physical medicine services by 38 percent over the past two years, and will increase it a total of 64 percent by the end of 2017. North Carolina changed its approach to its fee schedule effective June 1, 2015, resulting in an almost 45 percent increase in the cost of the average physical therapy visit.
Increased utilization compounds rising prices. Low severity claims like soft tissue injuries typically involve physical therapy, especially when co-morbid conditions threaten to slow down recovery.
“When co-morbids are present, like obesity, more conditioning is necessary for recovery from injury,” Radack said. “With people staying in the workforce longer, we see these claims more often because these types of injuries and co-morbid conditions become more common as people age.”
De-emphasis on surgery also bolsters physical therapy prescribing as patients seek less invasive treatments that might enable a faster return to work, even in a light or transitional duty role. Sometimes, patients with a minor injury might seek out physical therapy on their own as a precaution after an injury or under the mistaken belief it will hasten recovery, even if evidence-based guidelines don’t call for it in every treatment plan.
“Now is the time to take a look at physical medicine and think about how it impacts total cost of risk. Employers should investigate comprehensive solutions to keep costs manageable and to deliver quality, evidence-based care to injured employees.”
–Frank Radack, Vice President & Manager, Liberty Mutual Insurance, Commercial Insurance – Claims Managed Care
“Without proper claims management procedures, some physicians might be inclined to prescribe physical therapy as a palliative measure, even when it doesn’t provide much benefit to the patient,” Radack said.
Brokers and buyers may not be able to do much about fee schedule changes, but they can partner with an insurer that better manages utilization through a multi-faceted claims system, qualified network vendors, data analytics, and peer interventions.
The keys to better managing the soaring cost of physical medicine.
“There is an opportunity to move physical medicine spending into network solutions and partnerships,” Radack said. A strong, collaborative network is key to maintaining direction over treatment decisions.
Liberty Mutual uses a proprietary data analytics program to study its providers’ prescribing and referral patterns and their outcomes. It then builds a network of point-of-entry general practitioners with a proven track record of optimal outcomes.
“The treating physician is a gatekeeper to other services, so it’s important to start there in terms of establishing a plan and making sure evidence based guidelines are followed,” Radack said.
Radack and his team use similar data analysis and partnerships to deploy networks pertaining only to physical medicine, so it can identify physical therapists who understand the occupational space and are focused on effective Return-to-Work (RTW). A provider who doesn’t understand RTW, or even know that the employer of an injured worker has a modified RTW program, may over-utilize PT. Getting employees with soft tissue injuries back into the work place is critical for delivering the best possible medical outcome and a timely recovery.
These therapists know the value of adjusting a treatment plan based on a patient’s progress, which often cuts unnecessary appointments and therapies.
“Our data analytics program is built internally by people who are aligned with the claims organization,” Radack said. “These insights drive our ability to shape networks and direct injured workers to providers with proven outcomes.”
Peer-to-peer interventions also play a big role in adjusting provider behavior and ensuring adherence to evidence-based guidelines. Liberty Mutual’s in house regional medical directors can bring their expertise to bear on challenging claims and discuss how to redirect treatment to meet these guidelines. Liberty Mutual also partners with experts to build networks of physical medicine and physical therapy providers who deliver quality outcomes cost-effectively and to asses a patient’s progress, working with providers to identify and resolve treatment issues.
Sharing information and measuring performance in these settings helps to change the environment around physical medical care. For example, interventions that steer physical therapists back to established, evidence-based medical treatment guidelines often reduce the use of passive therapy treatments, like hot and cold packs, which are not as effective and can slow down recovery.
“Active therapies that get people moving often help them get them back to work faster and at a lower cost,” Radack said. Utilization review also helps to identify unnecessary treatments and signals the insurer to communicate evidenced-based expectations with the therapist or prescribing physician.
Solutions in Action
Physical therapy offers great value in spite of rising prices — but only if it’s managed carefully.
An example of the benefits of managing physical medicine.
Take for example the case of a worker with a shoulder injury. In an unmanaged situation, a physical therapist may prescribe 12 appointments, and the injured worker will go through all 12 sessions with no pre-approval of the treatment plan and no interim checkup.
In a managed situation, the physical therapist may only prescribe eight sessions, because she understands the benefits of a faster return to work and sees that guidelines don’t dictate a full 12 sessions for this injury. Halfway through the eight sessions, she checks in on the patient’s progress and determines that only two more sessions are necessary given the recovery and the medical guidelines; and so adjusts the treatment plan to a total of six sessions.
In this scenario, managed care saves the cost of six sessions over the unmanaged situation, and the employee gets back to work faster with a healthy shoulder.
Ultimately, workers comp buyers can achieve cost savings by making treatment decisions that optimize patient outcomes, rather than cut pure cost. To achieve that, every player — point-of-entry physicians, physical therapists, medical directors, claims managers and patients — need to shoot for the common goal of shortening recovery time by following evidence-based medical guidelines.
“When medical experts and network vendors work in concert with each other, along with data analytics and research to back them up, we can drive down utilization while improving outcomes,” Radack said. “All of these working parts together are the solution to managing physical medicine costs.”
To learn more about Liberty Mutual’s Workers Compensation solutions, visit https://www.libertymutualgroup.com/business-insurance/business-insurance-coverages/workers-compensation
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Liberty Mutual Insurance. The editorial staff of Risk & Insurance had no role in its preparation.