Risk Insider: Jack Hampton

Cyber Risk: It’s Like Living on Mount Etna

By: | May 3, 2016 • 2 min read
Jack Hampton is a Professor of Business at St. Peter’s University in New Jersey and a former Executive Director of the Risk and Insurance Management Society (RIMS). He was named a Risk Innovator in 2008 by Risk and Insurance®. He can be reached at [email protected]

Everybody should have a favorite volcano and mine is Mount Etna in Sicily. A long time ago I became intrigued with the risk it poses for its neighbors.

Five distinct, active craters. A major eruption every two years throughout recorded history. Occasional destruction of entire villages.

Advertisement




A Risk & Insurance® webinar on April 27, Maximizing ROI in Mitigating Cyber Risk conjured up a question. Is modern cyber risk the electronic equivalent of an active volcano? If yes, what do we do about living on it?

The webinar examined how organizations can maximize the return on investment from cyber risk mitigation. That is, how can we invest capital to achieve a specific financial goal?

The situation is straightforward. If we operate on Mount Etna, we will never control the volcano. We either get off or prepare for the year 1669 when an eruption wiped out parts of Catania and lava streams reached the Mediterranean Sea.

The sponsor was the Society of Actuaries. Thus, we could expect quantitative solutions to cyber problems. That was not what happened.

For starters, the speakers separated the information technology viewpoint from enterprise risk management. Organizations invest in computers and networks to earn a return on capital.

Time value of money paints the picture of the wisdom of the investment. This does not happen with cyber security decisions. The takeaway from the webinar was that quantitative tools are not at the level we need in an ERM context. In my view, they never will be.

The situation is straightforward. If we operate on Mount Etna, we will never control the volcano. We either get off or prepare for the year 1669 when an eruption wiped out parts of Catania and lava streams reached the Mediterranean Sea.

With cyber risk we are stuck about halfway up the mountain. We will be ducking lava flows for many years.

Where can we take refuge?

Business analytics can help understand the costs and opportunities of cyber risk mitigation. The webinar recommended The National Institute of Standards and Technology (NIST) framework to help with cyber security decisions:

Identify. What are the things that are at risk? Include assets, data, computer systems and capabilities.

Protect. How do we safeguard those things? Include “hard” techniques like firewalls, encryption, and segregation. Do not forget “soft” approaches to reduce intentional or careless behaviors of employees, customers, vendors and authorized users.

Detect and Respond. Spend big money to hire people who could otherwise be wealthy beyond their wildest dreams if they took up hacking and avoided jail. Turn them loose to spot system weaknesses and block cyber security losses.

Recover. This may be the most important item on the NIST list. Assume the unexpected. Develop a contingency plan. Create a crisis team. Simulate an event. Assess your ability to restore assets, data, and capabilities. Spend the money to fix that which needs to be fixed.

Advertisement




Now we go back to the return on investment. Measure it partly in financial terms with discounted cash flow techniques. Extend the analysis to incorporate the negative consequences of loss of markets, damage to reputation, and downgrading of stock value.

The common lesson of Mount Etna and cyber risk is that we cannot control the “mountain.” We should focus on our ability to survive an “eruption.”

This means we do not pursue the maximum return on investment. Instead, we should seek the maximum return on creating resilience after a cyber event.

Share this article:

Vermont Report 2016

The Future Is Now

Mid-size employers transitioning from fully insured health care plans are intrigued by stop-loss captives.
By: | April 4, 2016 • 6 min read
R4-16TipInpA11-A13_10StopLoss.indd

The relationship between captive insurance and health care is decades old. And it is very robust in the captive domicile of Vermont, which added seven health care captives in 2015 and now houses 96 health care captives overall.

Advertisement




Now the domicile is poised to take advantage of its regulatory expertise to house medical stop-loss captives, for which some insurance professionals see a bright future.

One of them is Mark Tabler, executive director of Genesis Re, a segregated cell medical stop-loss captive, which redomesticated from Arizona to Vermont in 2015.
(Tabler also launched a separate medical professional liability risk retention group, Innovative Physician Solutions, of which he is COO.)

Tabler, the former president of the Arizona Captive Insurance Association, said he has found his calling.

“Once I got into the captive industry through this organization, it was just exciting,” he said. “I wouldn’t want to be in anything else.”

Stop-loss captives are, in essence, a type of reinsurance that kicks in to cover employee health care costs above a certain limit. And they have a number of advantages, according to Tabler.

Steve Gransbury, president, Accident & Health, QBE North America

Steve Gransbury, president, Accident & Health, QBE North America

That’s especially true of the one he operates, he said.

Genesis Re is owned by TPA and benefits company SIHO Insurance Services, which has its own book of business, as well as managing a large number of administrative services only (ASO) contracts, so the company has a good understanding of how to manage the health of large populations of people, Tabler said.

By setting up its own captive, it is able to apply that expertise to finance and control its exposures — and recoup any savings gained from loss control.

Steve Gransbury, president, accident and health for QBE North America, is another supporter of the captive stop-loss option.

The benefits of stop-loss captives are manifold, he said, but the primary ones are control and transparency.

“For a group captive, there is control in how to approach risk with economies of scale not available to mid-sized employers who don’t participate in a group captive,” he said.

“For a single-parent captive, there is control over financing or predictable risk internally versus the commercial market.”

Because captive premiums are treated as ordinary business expenses, he continued, there are incentives for “greater risk, claim and reserving control,” not to mention to keep underwriting profit and maintain stable prices.

Not Loved by All

Medical stop-loss captives aren’t without opposition though.

Some regulators perceive stop-loss captives as instruments for side-stepping the provisions of the Affordable Care Act.

State legislators in Minnesota and Rhode Island, for instance, considered putting floors on deductibles or increasing the attachment points for stop-loss captives — the dollar limit amount at which stop-loss would kick in above primary health insurance.

California passed a law that limited stop-loss captives to employers with 100 or more workers.

In July 2013, the captive regulator in Washington, D.C. took an even stronger stand. Dana Sheppard, associate commissioner of the district’s Department of Insurance, Securities and Banking, declared:

“Washington, D.C. is not in favor of allowing small employers located in D.C. to self-insure their health care risks, including the establishment of medical stop-loss captives, if their motivation for doing so would result in removing young and healthy persons from the exchange, leaving older and less healthy employees in the exchange.”

Tabler’s captive avoids these concerns by having a high attachment point at $500,000, too rich for small employers.

“A few years ago, groups who were exploring and ‘tire kicking’ are now doing business. Our large group/single parent captive business continues to be very robust.” — Steve Gransbury, president, accident and health for QBE North America.

Another obstacle to stop-loss captive success, however, is how many employers, whether big or small, are actually interested in participating in them.

Advertisement




The experience of one captive, the Central Coast Community Mutual Insurance Co., is cautionary.

Formed in 2011 by the Community Hospital of the Monterey Peninsula (CHMP), the group stop-loss captive has since been trying to recruit members — unsuccessfully.

As hospital CFO Laura Zehm admitted, the parent company is at a do-or-die point in 2016; if they still haven’t brought on additional employers (it currently just involves the hospital’s and one other employer’s employee populations), they will consider giving it up.

“We had interest, for sure,” she said of other employers’ attitudes to the stop-loss captive over the past few years. “We do get calls.”

But eventually employers are dissuaded by brokers who promise to find them cheaper coverage elsewhere. It does not help the captive’s case that the commercial stop-loss insurance market is “really soft.”

The CHMP captive has so much to offer beyond just its coverages though. As part of the captive’s offering, members can tap into the hospital’s physician networks.

Laura Zehm, CFO, Community Hospital of the Monterey Peninsula

Laura Zehm, CFO, Community Hospital of the Monterey Peninsula

Zehm’s captive has its own TPA, which collects data from claims and then analyzes the information and applies it for better patient care.

For instance, through data, they can spot when a patient would benefit from six months of physical therapy before having to get his back or neck operated on. Or maybe never have that surgery.

For its all-in effort this year, Zehm said, the captive also made improvements. It partnered with the brokerage Alliant to gain the broker’s buy-side understanding. Zehm asked Alliant: If we don’t have anything worth selling, let us know.

Alliant didn’t reject them but instead offered ways to better the captives’ offerings.

Since then, the captive lowered costs within its physician network and incentivized physicians to keep member employees healthy.

“We continue to learn how to do this,” Zehm said. “We’re fixing everything that might be a barrier.”

High Interest in Stop-Loss Captives

While Zehm and Tabler provide an on-the-ground perspective of the benefits and challenges of stop-loss captives, the 30,000-foot perspective is one of optimism.

“While interest still remains very high, we’re actually seeing more deals get done over the last couple of years. In particular, with mid-sized employers that are looking at transitioning to self-insurance from fully insured health plans,” said QBE’s Gransbury.

“A few years ago, groups who were exploring and ‘tire kicking’ are now doing business. Our large group/single parent captive business continues to be very robust.”

Gransbury said that post-ACA and the removal of annual and lifetime benefit maximums, large employers are buying stop-loss coverage with unlimited reimbursement benefits and using existing single-parent captives to finance certain layers.

“A few years ago, groups who were exploring and ‘tire kicking’ are now doing business. Our large group/single parent captive business continues to be very robust.” — Steve Gransbury, president, Accident & Health, QBE North America

Then again, with every Republican presidential candidate since the beginning of the 2016 election season declaring that he or she would repeal the ACA if elected, perhaps the issue of how employers can best finance their employee health care benefits is far from moot.

It’s going on eight years that we have heard about uncertainty around health care, but Tabler said people are still waiting to see what will happen to the ACA before they feel totally settled and comfortable in their health care benefits arrangement.

Advertisement




Whatever happens this November, employers can rest assured that Vermont will continue to be a home for health-care-related captives.

On the whole, captive insurance will continue to serve as an alternative and extremely innovative approach, whether it’s for professional liability, stop-loss coverage or another health care-related exposure. &

The R&I Editorial Team may be reached at [email protected]
Share this article:

Sponsored Content by CorVel

Advocacy: The Impact of Continuous Triage

Claims management is never stagnant. Utilizing a continuous triage model keeps injured employees on track to recovery.
By: | May 4, 2016 • 6 min read

SponsoredContent_CorVel

Introduction

In the world of workers’ compensation, timing is everything. Many studies have shown that the earlier a workplace incident or injury is acted upon, the more successful the results*. However, there is further evidence indicating there is even more of an impact seen when a claim is not only filed promptly, but also effective triage is conducted and management of the claim takes place consistently through closure.

Typically, every program incorporates a form of early intervention. But then what? While it is common knowledge that early claims reporting and medical treatment are the most critical parts of a claim, if left alone after management, an injured worker could – and often does – fall through the cracks.

All Claims Paths are Not Created Equal

Even with early intervention and the best intentions of the adjuster, things can still go wrong. What if we could follow one injury down two paths, resulting in two entirely different outcomes? This case study illustrates the difference between two claims management processes – one of proactive, continuous claims triage and one of inactivity after initial intervention – and the impact, or lack thereof, it can have on the outcome of a claim. By addressing all indicators, effective triage can drastically change the trajectory of a claim.

The Injury

While working at a factory, David, a 40-year-old employee, experienced sudden shoulder pain while lifting a heavy box. He reported the incident to his supervisor, who contacted their 24/7 triage call center to report the incident. After speaking with a triage nurse, the nurse recommended he go to an occupational medicine clinic for further evaluation, based on his self-reported symptoms of significant swelling, a lack of range of motion and a pain level described as greater than “8.”

The physician diagnosed David with a shoulder sprain and prescribed two weeks of rest, ice and prescription strength ibuprofen. He restricted David from any lifting over his head.

By all accounts, early intervention was working. Utilizing 24/7 nurse triage, there was no lag time between the incident and care. David received timely medical attention and had a treatment plan in place within one day.

But Wait…

A critical factor in any program is a return to work date, yet David was not given a return to work date from the physician at the occupational medicine clinic; therefore, no date was entered in the system.

One small, crucial detail needs just as much attention as when an incident is initially reported. What happens the third week of a claim is just as important as what happens on the day the injury occurs. Involvement with a claim must take place through claim closure and not just at initial triage.

The Same Old Story

After three weeks of physical therapy, no further medical interventions and a lack of communication from his adjuster, David returned to his physician complaining of continued pain. The physician encouraged him to continue physical therapy to improve his mobility and added an opioid prescription to help with his pain.

At home, with no return to work in sight, David became depressed and continued to experience pain in his shoulder. He scheduled an appointment with the physician months later, stating physical therapy was not helping. Since David’s pain had not subsided, the physician ordered an MRI, which came back negative, and wrote David a prescription for medication to manage his depression. The physician referred him to an orthopedic specialist and wrote him a new prescription for additional opioids to address his pain…

Costly medical interventions continued to accrue for the employer and the surmounting risk of the claim continued to go unmanaged. His claim was much more severe than anyone knew.

What if his injury had been managed?

A Model Example

Using a claims system that incorporated a predictive modeling rules engine, the adjuster was immediately prompted to retrieve a return to work date from the physician. Therefore, David’s file was flagged and submitted for a further level of nurse triage intervention and validation. A nurse contacted the physician and verified that there was no return to work date listed on the medical file because the physician’s initial assessment restricted David to no lifting.

As a result of these triage validations, further interventions were needed and a telephonic case manager was assigned to help coordinate care and pursue a proactive return to work plan. Working with the physical therapist and treating physician resulted in a change in David’s medication and a modified physical therapy regimen.

After a few weeks, David reported an improvement in his mobility and his pain level was a “3,” thus prompting the case manager’s request for a re-evaluation. After his assessment, the physician lifted the restriction, allowing David to lift 10 pounds overhead. With this revision, David was able to return to work at modified duty right away. Within six weeks he returned to full duty.

With access to all of the David’s data and a rules engine to keep adjusters on top of the claim, the medical interventions that were needed for his recovery were validated, therefore effectively managing his recovery by continuing to triage his claim. By coordinating care plans with the physician and the physical therapist, and involving a case manager early on, the active management of David’s claim enabled him to remain engaged in his recovery. There was no lapse in communication, treatment or activity.

CorVel’s Model

After 24/7 nurse triage is conducted and an injured worker receives initial care, CorVel’s claims system, CareMC, conducts continuous triage of all data points collected at claim inception and throughout the life of a claim utilizing its integrated rules engine. Predictive indicators send alerts to prompt the adjuster to take action when needed until the claim is closed ­– not just at the beginning of the claim.

This predictive modeling tool flags potentially complex claims with the risk for high exposure, marking claims that need intervention so that CorVel can assign appropriate resources to mitigate risk.

Claims triage is constant – that is the necessary model. Even on an adjuster’s best day, humans aren’t perfect. A rules engine helps flag things that people can miss. A combination of predictive systems and human intervention ensures claims management is never stagnant – that there is no lapse in communication, activity or treatment. With an advocacy team in the form of an adjuster empowered by a powerful rules engine and a case manager looking out for the best care, injured employees remain engaged in their recovery. By perpetuating patient advocacy, continuous triage reduces claim severity and improves claim outcomes, returning injured workers to the workforce and reducing payors’ risk.

*WCRI.

This article was produced by CorVel Corporation and not the Risk & Insurance® editorial team.



CorVel is a national provider of risk management solutions for employers, third party administrators, insurance companies and government agencies seeking to control costs and promote positive outcomes.
Share this article: