Michelle Kerr

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at mkerr@lrp.com

Crisis Management

Plan to Survive

Employers are still slow to take the necessary steps to ensure that their organizations are prepared for violence.
By: | January 25, 2016 • 11 min read
active shooter 700x525

You’re at your desk, engrossed in a report. From somewhere on the other side of the building, you hear a loud muffled noise. Furniture-moving mishap? Backfiring car? It barely registers in your mind until you hear it again.


Then you hear screams. The icy grip of fear tightens your chest. There’s a shooter in the building.

Your vision blurs for a moment as you try to decide in that split second what to do next. Fifteen minutes from now, you will either be a survivor, or you will be a statistic.

Armed killing sprees have long been a troubling fact of life in the U.S. and elsewhere. As far back as August 1966, Charles Whitman opened fire from the clock tower of the University of Texas at Austin, killing 16 people and wounding 31.

The massacre shocked and horrified the world in 1966. But in 2016, our capacity for shock has been dulled by the increasing frequency of the type of violence we now commonly refer to as active shooter incidents.

In 2015, there were 330 incidents in the U.S. in which four or more people were shot or killed using firearms, resulting in 367 deaths and 1,317 injuries. Incidents at schools, universities and public spaces took up most of the media attention until December, when an employee of the Inland Regional Center in San Bernardino, Calif., left work and returned with his wife and a small arsenal of firearms. Fourteen people were killed, and 22 were wounded. Suddenly employers that gave workplace violence only a passing thought began asking “What if it had happened here?”

The question is long overdue. The FBI reports that 45 percent of active shooter incidents occur at places of business, making them the most common target for these attacks.

Be Proactive

There are multiple categories of active shooter or other workplace violence situations. The San Bernardino shooters are alleged to have had ties to terrorist factions, but acts of political terrorism in the workplace are rare. Acts perpetrated by unstable individuals are far more common, as are domestic violence incidents.

active shooter chartWithout question, there are situations where a target is chosen at random, and there is absolutely no way an employer could have seen it coming. But more often there are signs or signals along the way — red flags, both subtle and obvious, that were brushed off or even deliberately ignored out of a reluctance to create conflict. That is a mindset that desperately needs to change, say experts.

“Many of the incidents that we see could have been avoided because there were clear precursors,” said Sean Ahrens, Aon Global Risk Consulting’s Security Consulting practice leader. He adds that “incidents where there’s a straw that broke the camel’s back are happening more and more.”

The culture of silence happens for a variety of reasons. Coworkers don’t speak up for fear they’ll be branded as troublemakers. Employers worry they will be accused of defamation or discrimination if they take a hasty action against an employee.

In the well-intentioned quest to create a solid, documented case for taking action, sometimes employers wait too long. The results can be tragic.


Experts agreed that risk managers must work to cultivate a “see something, say something” culture. To increase the chance of being able to identify a burgeoning threat, experts strongly advise employers to have a means in place for employees to report concerns anonymously.

Sean Ahrens, security consulting practice leader, Aon Global Risk Consulting

Sean Ahrens, security consulting practice leader, Aon Global Risk Consulting

“Employers should afford as many ways as possible to communicate this information,” said Ahrens. That could an online email form, an anonymous hotline, a third-party hotline, or whatever methods make the most sense for the organization.

From there, an internal threat assessment team can gather further intelligence and decide how to proceed or attempt to de-escalate the situation. Simply terminating an at-risk employee isn’t necessarily the smart play, and could actually make things worse. Crisis management experts can be a useful resource for employers working to avoid a misstep.

The Survival Plan

The bottom line for risk management is that there is no iron-clad means to eliminate the risk that your workplace will experience an active shooter event. Even the best preventative measures have to be backed up by a solid emergency plan paired with response protocols spelling out what needs to happen during an event.

Communication is the first line of defense. A clear warning can give everyone out of the line of fire a better chance of evacuating safely. The simplest method is using overhead audio such as a P.A. system.

“Don’t use codes, just plain English,” said Ahrens. Be straightforward: “There’s an aggressor in the building near the Northwest stairwell. We’ll provide updates when available. Evacuate now if you can, or shelter in place.” Then provide continuous updates, he said.

Other environments may require additional measures. A noisy manufacturing floor or warehouse, for example, may need to use a strobe light to alert workers to turn off machines so that they can hear the emergency message.

What happens after the warning is broadcast will likely make the difference between life or death, which is why failure to train employees is not a valid option.

Michelle Colosimo, director, Black Swan Solutions

Michelle Colosimo, director, Black Swan Solutions

“Yes, you have to call 911,” said Michelle Colosimo, director of Black Swan Solutions, “but look how quickly these events can [unfold]. You now need to leverage your own employees to make sure that they’re doing the right things to help keep themselves safe.”

In 2012, the City of Houston produced a 6-minute video called “Run. Hide. Fight.,” funded by the Department of Homeland Security. The video has become the standard training model endorsed by the FBI and DHS for teaching civilians how to protect themselves and others around them.

Other training models have gained traction, such as “Avoid, Deny, Defend,” but most have same underlying message at their core:

    * Escape if you can do so safely
    * If not, then get to a location that can be locked or barricaded, if possible
    * Fight back as a last resort, using any improvised weapon within reach

“You don’t have a means in place to be able to take down that gunman,” said Colosimo, “nor do you want to be encouraging employees to try to take down that

gunman. So what are you doing to help educate and train them? Because it’s really up to the employee to make the right decisions.”

Some risk managers may find upper management squeamish about the phrase “active shooter training,” because their perceptions have been shaped by stories in the news about unannounced active shooter drills that traumatized employees.

The goal of drills is not fear, it’s understanding, said Mike Payne, organizational resilience manager at iJET International.

“You want to walk everybody through and talk everybody through what the expectations are, where the decision points are, and how to effectively respond.”

Jay Hart, director, Force Training Institute

Jay Hart, director, Force Training Institute

“This kind of training is very easy to get wrong. It’s very easy for it to be fear-based,” said Jay Hart, director of Force Training Institute. “I’ve noticed that’s what a lot of executives struggle with.”

Those same misperceptions may tempt some to provide training without drills, but that strategy is ill-advised, experts said, because in an emergency, there’s no accounting for how people might respond without a frame of reference.

Most will revert to habit – perhaps attempting to exit the building via their normal exit route, even though that route might be in the line of fire. Others may simply freeze in place.

“When chaos strikes and fear takes over, we’re typically not thinking clearly,” said John Stevens, senior vice president at Keenan.

“I think you’d be amazed by how many people would just sit at their desk and process that information.” agreed Ahrens. Drills help people move past that paralysis by ingraining the right behaviors and turning them into reflex or “muscle memory.”

“[They have to] go through the motions, pretend something is happening — make sure they actually have to take those steps necessary to protect themselves, kind of like a dry run,” said Colosimo.

“Give them all of the tools and the means necessary.”

Drills are important not only to help employees refine their instincts, she added, but also to identify potential flaws in the emergency response plan.


“It may look great on paper,” she said, but when you actually test it, you may find that some escape routes are obstructed or that a particular route didn’t lead where you thought it would.

Keep in mind that there’s always the potential for some employees to react negatively to whatever training you provide. But Ahrens suggested putting it in perspective.

“You have people saying, ‘I can’t believe you showed us that, that training was over the top.’ But if they remember it during an incident, I think it’s worth the couple of people who don’t like it.”

Far-Reaching Repercussions

While employers are no longer burying their heads in the sand about workplace shooter risks, most are still a long way from being truly prepared.

“People are putting plans in place,” said Colosimo, “and maybe [some are] training

Mike Payne, iJET International

Mike Payne, organizational resilience manager, iJET International

people. But when you get to the drill level, specific to active shooters, those numbers are still low. And that’s what needs to change.”

Risk managers may still be struggling to get the buy-in they need, and the problem doesn’t necessarily revolve around the bottom line. Taking steps toward active shooter preparedness can involve some uncomfortable decision making, explained Payne, so “by not having a background in handling those types of risk decisions, it creates a level of denial. And while that is a response, it’s not the preferred one.”

To help the C-suite move past reluctance, experts recommend framing the language in terms of safety as well as presenting the bigger picture and the potential impact to the business.

To help the C-suite move past reluctance, experts recommend framing the language in terms of safety as well as presenting the bigger picture and the potential impact to the business.

While the frequency of an active shooter incident may be less than any other risk that a business faces, stressed Stevens, “the severity and the magnitude of the circumstance become greater than anything else they face because you’re dealing with human lives.”

In the aftermath, the fallout would likely be a tangle of workers’ comp and liability claims related to fatalities and potentially catastrophic injuries. Property damage could be extensive in some situations, and many organizations could face significant business interruption expenses. In addition, questionable security procedures or a failure to respond to threats made prior to an incident may expose employers to a Pandora’s box of employment liability actions.

“In the world we live in now,” said Ahrens, “courts aren’t going to recognize ‘We didn’t see it as a risk.’ ”

As if that wasn’t enough, some businesses could find themselves in violation of workplace violence prevention laws, which are on the books in several states. And many companies may not even be aware of their obligations under OSHA.

While there is no federal workplace violence standard, OSHA asserts that it has the authority to cite employers for failing to take steps to prevent workplace violence under the General Duty Clause, which requires employers to keep workplaces “free from recognized hazards likely to cause death or physical harm.” Courts have generally agreed.

In addition, some say, there are multiple OSHA standards related to emergency action plans and job hazard training that can be interpreted to apply to active shooter training. Those claims have not yet been legally tested. But if the frequency of incidents continues to climb, it may only be a matter of time.

Reputational harm is also a very real possibility — not just among customers, but among vendors. Some companies may choose not to do business with a company it perceives as having lax security measures. Not least of all is the company’s reputation among both existing and prospective employees.

“If you have a workplace where people don’t feel safe, they’re not going to come to work,” said Colosimo. “If they don’t come to work, your productivity is gone.”

Insurance recovery may not be as straightforward as some assume. In the wake of a workplace shooting, business interruption losses may or may not be covered depending upon policy wording.

Workers’ compensation typically will cover costs related to injuries or fatalities that occur at work. However, a targeted, personal attack on an employee with a clear motive that is unrelated to the workplace — such as an attack by a jilted spouse — could negate some workers’ comp claims because it falls outside of the “scope of employment.”

Workers’ comp costs can wreak havoc on employers and insurers. The California death benefit of $250,000 for a single dependent survivor was multiplied many times over for those that died in the San Bernardino attack. But those that survive such an event with catastrophic injuries can potentially cost 10 times that amount over the long-term.


Until recently, there were no insurance products designed specifically for the risk of gun violence. But Willis Towers Watson now offers active shooter insurance. The coverage was intended for universities, but the company is now fielding inquiries from hotels, hospitals, and other institutions.

The policies, underwritten by Beazley, an affiliate of Lloyd’s, can cover up to $5 million of liability against claims that the company didn’t take the necessary precautions to prevent a mass shooting. It also covers the “on the scene” costs of a shooting incident, as well as any counseling or consulting expenses needed after the event.

What companies need to guard against is being lulled into false assumptions about the scope of the problem. After 911, there was a similar spike in interest in protecting workplaces from violence, noted Colosimo.

But eventually the interest waned, as the media moved on to fresher territory. Her hope is that it won’t require more incidents like San Bernardino to keep risk managers focused on what needs to be done.

“We’ve got to keep the momentum going because this isn’t stopping,” she said. “People have to be prepared.”

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at mkerr@lrp.com
Share this article:

Health Care Risk

Health Technology’s Deadly Risks

The top health care technology risks facing health care facilities are preventable.
By: | December 11, 2015 • 5 min read
Topics: Health Care | Safety
Person receiving a vaccine

In the hazard-rich world of health care, risk management professionals are working to direct their resources where they can have the most impact on patient and employee safety. To support their efforts, the ECRI Institute created its annual Top 10 Technology Hazards list.

The ECRI Institute is a nonprofit dedicated to patient care research based in Plymouth Meeting, Pa. The publication of the ECRI list is now in its ninth year.

A team of 70 ECRI engineers, scientists, clinicians and patient safety analysts votes on the final list. Hazards are nominated for the list based on adverse event reports, equipment testing, accident investigations, consulting work and input from clinicians and manufacturers.


Rob Schluth, senior project officer, ECRI Institute

“We want this to be a practical tool, not just setting people’s hair on fire worrying about things,” said Rob Schluth, senior project officer at ECRI Institute and the lead project manager for the Top 10 list project.

Topping this year’s list — an issue that has been frequently in the news over the past year — is bacteria spread through contaminated endoscopic devices. After contact with reusable devices called duodenoscopes between late 2014 and early 2015, two patients died and five more were infected by a drug-resistant “superbug” bacteria at UCLA Ronald Reagan Medical Center.

At a media briefing at ECRI’s Pennsylvania headquarters, a hands-on demonstration of the way such scopes work made it plain how easily such bacteria could survive the cleaning and disinfecting process.

The problem, explained Chris Lavanchy, engineering director of ECRI’s Health Devices Group, is not necessarily a failure in the disinfection/sterilization phase, as most would assume. The manual cleaning prior to sterilization can be inadequate.

This is partly due to the level of difficulty in cleaning small holes and crevices thoroughly, and also because “it’s a blind process — you can’t see inside the scope,” Lavanchy explained.

Exacerbating the problem, the scopes are expensive, so facilities may have only a few to go around. That leaves technicians under pressure to clean and sterilize the scopes quickly so they can be used for the next procedure.

“The [manual] for cleaning these things is 100 pages long,” he said. And yet the manual cleaning phase is often done in as little as 15 minutes.

Deadly Injections

Surprisingly, ECRI’s list included one technology that is decidedly low-tech, although the risks it poses are high. Unsafe injection practices remain a persistent problem in health care settings nationwide.

Some practitioners, while diligent about disposing used needles, will simply snap new needles on syringes that have been used, if the syringe will be used again for the same substance.

The problem with that, explained ECRI’s Senior Infection Prevention Analyst Sharon Bradley, is that there may be a microscopic amount of blood that has been transferred to the syringe. That blood will then be transferred to the new clean needle that gets attached, and then to the next vial of medication that needle is injected into.

Bradley referenced a massive outbreak of Hepatitis C in Fremont, Nebraska, in 2001, when 99 chemotherapy patients were infected when nurses repeatedly failed to change syringes while cleaning cancer patients’ ports using a community saline bag.

Time has not done much to temper the risk. This past October, 67 people were exposed to potentially contaminated blood when a visiting nurse reused a syringe to administer shots during an employer-sponsored flu clinic in West Windsor, N.J.

“Thousands of people are getting hepatitis that way,” said Bradley.

Some practitioners may be taking shortcuts with syringes or IV bags because of a lack of education about how contaminated blood may be present even when invisible to the naked eye. In other cases, those administering injections may have been instructed to reuse supplies in a misguided attempt to cut costs.

Fixing the problem, said Bradley, will be a matter of helping the industry understand that “the risk of negative outcomes outweigh the cost or inconvenience of doing it right.”

While ECRI does not have exact figure on the frequency of contamination incidents, “it happens more often than you think,” said Bradley. It’s worth noting that approximately 90 percent of contamination incidents originate in outpatient clinics.

Training Shortfalls

ECRI estimates that approximately 70 percent of accidents involving a medical device can be attributed to user error, which isn’t all that surprising. One key to the problem is a disconnect between health care facilities and health equipment manufacturers, particularly in the area of operating room technologies.

Competitive practices among manufacturers often create fundamental differences in the operation of machines that serve the same purpose. Identical functions typically are labeled with different words or phrases, or control switches or buttons may be vastly different.

Similar issues face clinical practitioners that operate intensive care ventilators, potentially leading to lung injury or death for vulnerable patients.

Marc Schlessinger, senior associate at ECRI, likened it to the way most mobile phone users felt lost when the switch from flip phones to smartphones first occurred. The difference is that pressing the wrong button on your phone isn’t likely to put a patient’s life at risk.

Comprehensive training would seem one obvious solution, but that’s not always happening, Schlessinger explained. While manufacturers typically offer training, facilities don’t necessarily require clinicians to complete training, or they train one “super user” and rely on trickle-down training practices that aren’t always formalized or followed up on.

Another risk on ECRI’s list this year is the persistent problem of missed clinical alarms — a hazard that has topped the list every year it’s been published. Other hazards highlighted include the accidental misuse of USB ports on medical devices as well as crushing risks from defects or damage to heavy gamma cameras used in certain types of scans.ECRI_sidebar

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at mkerr@lrp.com
Share this article:

2015 NWCDC

Shaping the Future of Workers’ Comp

Boeing is innovating to improve both its workers’ comp outcomes and the quality of health care delivered to its workers.
By: | November 13, 2015 • 2 min read

The reforms of the Affordable Care Act continue to transform models of health care delivery, and it’s only a matter of time before that transformation impacts workers’ comp medical management as well.

Chicago-based Boeing is trying to get ahead of the curve, embracing the reform tenets of accountable care, value-based pricing, and patient engagement.

Boeing’s Senior Workers’ Compensation Manager Lisa Kelly discussed the company’s efforts during a November 12 session at the National Workers’ Compensation and Disability Conference® and Expo in Las Vegas.

Boeing has since been able to realize significantly improved outcomes and lower costs by working to direct injured employees to five-star ranked doctors.

She was joined by Greg Moore, founder of Harbor Health Systems and senior vice president of innovation with One Call Care Management, as well as Sedgwick’s Kimberly George, SVP, and senior healthcare advisor.

In 2010, Boeing partnered with Harbor Health and Sedgwick to get a better handle on the quality of care delivered to injured employees. They developed a scorecard to measure their doctors by factors including total costs, claim duration, litigation rate, TTD and recidivism.

Doctors were given rankings from one to five stars. The disparity across the scorecard was sobering.

Boeing has since been able to realize significantly improved outcomes and lower costs by working to direct injured employees to five-star ranked doctors.

Additionally, Boeing recognized how the overall health of employees impacted its workers’ comp costs and overall productivity, and created partnerships to form two accountable care organizations to provide quality care and truly affordable coverage.

The relationship between comp and health care is changing, the presenters said, and it’s important for the workers’ comp world to play an active role in shaping the future direction of medical-care delivery.

“This change is going to happen, whether we bury our heads in the sand or not,” said Moore.

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at mkerr@lrp.com
Share this article: