The best articles from around the web and R&I, handpicked by R&I editors.
Workers' Comp news and insights as well as columns and features from R&I.
Update on new scenarios as well as upcoming Risk Scenarios Live! events.

Katie Kuehner-Hebert

Katie Kuehner-Hebert is a freelance writer based in California. She has more than two decades of journalism experience and expertise in financial writing. She can be reached at

2014 Risk All Star: David Hershey

Standing up for Insureds

In 2009, commercial property insurers collectively decided that they were no longer obligated to notify certificate holders or other designated insured third parties that policies naming them as insureds had been cancelled or not renewed.

That did not sit well with David Hershey, risk manager at Sprague Operating Resources in Portsmouth, N.H., who needed to know the insurance status of hundreds of vendors, partners and suppliers coming onto the premises of the company’s busy oil and gas terminals and other facilities that are open around the clock.

David Hershey, risk manager, Sprague Operating Resources

David Hershey, risk manager, Sprague Operating Resources

First, Hershey and his team reminded Sprague’s vendors, suppliers and customers of their contractual obligations to have their insurer notify Sprague of any cancellation of a policy on which it was a named insured or certificate holder, or else they wouldn’t be allowed to enter Sprague’s facilities.

But simply putting the onus on those business partners and customers was not enough. Hershey created another full-time position, a risk management compliance coordinator, to help vendors and suppliers obtain policy endorsements from their carriers, restoring the insurers’ obligation to provide notice of cancellation within 30 days.

Doing so also required extensive work with insurance agents, brokers and underwriters.

Since then, Sprague has received roughly 80 sample endorsements from various insurance companies reinstating the insurer’s notice obligation.


“This allows us to either maintain or raise our self-insured retentions in the absence of knowing whether or not individual firms that come on our property have current compliant insurance,” Hershey said.

“We would have to have lower deductibles or self-insure retentions in order to compensate for that deficiency.”

Hershey said that many insurance agents try to negotiate the notice of cancellation provision out of contracts, but “that’s easier said than done.” He reviews roughly 35 contacts a week, and the vast majority contain such notices.

“Commerce is not in business to justify the insurance industry, insurers, agents and brokers,” Hershey said.

“They are there to facilitate commerce, not to manage it to suit their own perceived business risks.”

Hershey’s “insistence” on the notice of cancellation certainly brought more focus and attention to this issue, and now brokers and carriers know that they must insure their clients’ policies are properly endorsed “to meet a very necessary and important requirement of our contracts,” said Jaime Michaud, who was hired as Sprague’s risk management compliance coordinator.

Moreover, Hershey has been helpful in pointing out common exclusions to some insurers’ existing notice of cancellation endorsements, such as notice of cancellation for non-payment, she said.


“Making sure that the notice of cancellation requirement is enforced has afforded a higher percentage of security for our company should a loss occur,” Michaud said.

Ronnie Mordan, director of marketing at Anderson Kill P.C. in New York City, said that Hershey “employs a practical approach to problem-solving.”

“His experience in risk and insurance is particularly evident in his ‘plain English’ approach to presenting on the sometimes complex topics of environmental insurance, policy language, and risk management,” Mordan said.

Responsibility Leader

David is also being recognized as a 2014 Responsibility Leader.

Making a Difference

David Hershey is a prolific speaker and writer on risk management topics. The list of industry awards he has won and industry leadership positions he occupies runs longer than most restaurant menus.

He has also volunteered his creativity and passion about risk management by serving on the External Affairs Committee and Standards & Practices Committee of the national RIMS organization.He serves as a board member, president, vice president, and committee member — both now and in the past — for the New Hampshire chapter of the CPCU, the Massachusetts and Delaware Valley chapters of RIMS, the Philadelphia Area Risk Managers Association, the Governor’s Council on Insurance Fraud, and the Association of Certified Fraud Examiners.

Sharing his knowledge with others, Hershey taught classes for the Insurance Society of Philadelphia and the Independent Insurance Agents & Brokers of New Hampshire.

In challenging insurance carriers to restore their obligation to inform named insureds when a policy is cancelled — and establishing a process to make sure his company was protected — Hershey made a difference to countless others in the risk management community, not just himself or his company.

“Notification is one of the core concepts of risk management,” he rightly noted.


350px_allstarRisk All Stars stand out from their peers by overcoming challenges through exceptional problem solving, creativity, perseverance and/or passion.

See the complete list of 2014 Risk All Stars.

Responsibility Leaders overcome obstacles by doing the right thing over the easy thing to find  practical solutions that benefit their co-workers and community.

Read more about the 2014 Responsibility Leaders.

Share this article:

2014 Risk All Star: Thomas Dunbar

Protecting His Company

Few, if any, risk managers actually want to simulate a distributed denial of service or persistent attack on their computer systems, but Thomas Dunbar at XL Group plc in Stamford, Conn., wanted to see how his internal staff and outside vendors would react.

After all, the cyber risk insurer has to set an example of online security best practices.

Thomas Dunbar, chief information risk  management, XL Group

Thomas Dunbar, chief information risk officer, XL Group

Dunbar, XL’s chief information risk officer, contracted with Secure Network Technologies in Syracuse, N.Y., to conduct a DDoS attack against the firm’s externally facing websites, unbeknownst to XL’s internal security team and service provider.

Dunbar also had Secure simulate an advanced persistent attack, in which it entered and quietly remained within XL’s systems to conduct a “reconnaissance” on any vulnerabilities that could be exploited to gain access to customer information or proprietary data.

“It’s good to run these tests for a longer period of time, because infrastructure might change when we deploy a new business application or launch a new line of business,” Dunbar said. “We can see how our network and colleagues react to the changes and determine the prolonged strength of the program.”


Secure’s Chief Executive Officer Steve Stasiukonis said that Dunbar doesn’t just want to protect the company, he also wants to understand “the enemy to the Nth degree.”

“In all of the years that I’ve worked with companies, nobody ever really wants to simulate a DDoS attack to understand their weaknesses, but him,” Stasiukonis said. “Tom is a pioneer — he wants to see how his people will really react.”

Dunbar leads a six-person cyber risk team that works with XL’s business units and information technology department to identify and remediate cyber risks.

To combat identified threats and vulnerabilities, they have built a strong technological structure that monitors, prevents, detects and responds to security events.

They have deployed an advanced data loss protection infrastructure to ensure that XL’s data — particularly confidential customer information — are contained within the XL network.

“These tools have really resonated with our colleagues and have clearly raised the level of XL’s cyber security awareness and preparedness.” — Jacob D. Rosengarten, executive vice president and chief enterprise risk officer, XL Group

Overall, Dunbar has taken “a very holistic approach” toward minimizing cyber attacks, said Jacob D. Rosengarten, XL’s executive vice president and chief enterprise risk officer.

For example, Dunbar and his team have taken a leadership role in educating XL’s employees about cyber security “by harnessing innovative and creative communications media that capture the imagination” — whether through posters in lunchrooms, short webinars or contests that test password security, Rosengarten said.


“These tools have really resonated with our colleagues and have clearly raised the level of XL’s cyber security awareness and preparedness,” he said.

Dunbar said his team focuses on education to drive behavioral change, as employees are often “the weakest link.”

“We encourage people to use the ‘see something, say something’ philosophy,” Dunbar said. “We want them to speak up if they see something strange in their email inbox, or if they see something unusual going on in the system, and to also give feedback to make security stronger.”

“We want to make our colleagues one of the strongest links,” Dunbar said.


350px_allstarRisk All Stars stand out from their peers by overcoming challenges through exceptional problem solving, creativity, perseverance and/or passion.

See the complete list of 2014 Risk All Stars.

Share this article:

2014 Risk All Star: Tim Davidson

No Injured Worker Left Behind

Tim Davidson thought his employer’s manual return-to-work program could be administered much better, as scores of injured workers “just got lost in the paper trail,” never returning to full duty.


Tim Davidson, assistant vice president of loss prevention, corporate safety and security officer, IASIS Healthcare

Davidson, assistant vice president of loss prevention, corporate safety and security officer at IASIS Healthcare in Franklin, Tenn., worked to create IASIS’ “Back@Work Program.”

The program automates workflow processes within IASIS’ return-to-work program to ensure injured employees don’t fall through the cracks.

The new program is intended to reduce leakage — “the dollar value you lose between different touchpoints in the return-to-work world,” Davidson said.

There can be significant gaps between when an employee first reports an injury to when adjusters are notified, and a physician sees an employee and reports back to the company on employee’s limitations.

“By streamlining this process and creating an electronic platform, the gap time between steps has been reduced,” he said.

The program was customized from the platform of Riskonnect, an enterprise risk management software provider in Kennesaw, Ga.


In November 2013, Davidson and his team piloted the new program for IASIS’ Texas operations. Since then, the average cost per claim in Texas dropped from $9,700 in 2010, to $350 in 2014.

One of the most efficient new tools is the use of electronic signature technology, now allowed under the Affordable Care Act, to enable each participant in the process to quickly sign off, Davidson said.

Managers can now track overall program efficacy in employee retention and other performance metrics using the software’s dashboards. Moreover, a light duty task bank system electronically matches employees with the appropriate tasks to minimize re-injury.

Other improvements that Davidson implemented included adding Corvel claims handling, a third-party administrator with a medical case management approach, and the installation of proper lift equipment in each of IASIS’ facilities, combined with a training program in lifting techniques and equipment operation.

Lelan Daines, IASIS’s vice president of risk and insurance, said that before Davidson implemented the new program, managers didn’t really know how the return-to-work program was supposed to work.

“It often depended on how dedicated the manager was, whether they had time or whether they even understood what the expectation was,” Daines said. “Tim improved the program to give them step-by-step instructions with electronic forms, tools and timelines. He also developed better ways for us to measure the effect of the program. We found that there was a significant reduction in costs and the length of time injured employees were away from their jobs.”


Marsh Risk Consulting worked closely with Davidson to conduct a needs analysis and train staff, said Elizabeth Reynolds, senior vice president. Different IASIS locations had different ideas that were incorporated into the final program.

“Tim really was a visionary in putting this together — really systemizing it and institutionalizing it within IASIS,” Reynolds said. “It’s a pleasure working with Tim and seeing this come to fruition.”


350px_allstarRisk All Stars stand out from their peers by overcoming challenges through exceptional problem solving, creativity, perseverance and/or passion.

See the complete list of 2014 Risk All Stars.

Share this article: