Buying Cyber – Consider Carefully
The threat arising from cyber security is real. If it is not already, I suspect this threat will shortly be one of the most significant risks that companies face.
Given its significance, the cyber threat needs a comprehensive integrated response with risk transfer being just one element.
As a risk manager I cringed when I heard another risk manager declare at a RIMS annual conference session, “Yep, I bought cyber risk insurance last year. I did so because everybody else is doing it and also because my director thought it was a good idea. To be honest, I must admit that I am not really sure exactly what I bought.”
That risk manager may have done the right thing but definitely for the wrong reasons.
Some risk managers adopt a “risk flavor of the month” approach when considering, indeed purchasing new insurance products.
When you purchase an insurance product you are, as we all know, actually engaged in the practice, or should I say, sometimes the art form of transferring risk to the marketplace. This seems pretty clear, or is it? You should only engage in the practice of risk transfer after you have:
1. Carried out a thorough investigation of your business in order to identify all relevant original or “raw” risk(s).
2 Identified the controls that exist within your business to mitigate the risks identified. In doing so, you also need to assess the effectiveness of the controls in place to treat the identified risks.
3. Considered what other new or augmented existing controls could be established to deal with the risks on a cost effective basis.
4. Assessed the residual risks arising after applying steps 1 – 3 above and determined whether they are within your risk appetite or not.
Some risk managers adopt a “risk flavor of the month” approach when considering, indeed purchasing new insurance products. Cyber risk insurance is one such product that has been flavor of the month for quite some time.
The social/peer pressure to buy “cyber” is unrelenting. It is egged on by the myriad of studies that for example state, x percent of entities now buy cyber insurance and that this will grow to y percent within 12 months.
Do you want to be the brave insurance manager who bucks this trend? I am not suggesting that you be that person; what I do suggest is that you go about the process of evaluating whether or not this risk in your company needs to be insured against in a very disciplined, dispassionate manner.
The advantage of adopting the above is that you will end up with:
1) A very detailed description of the risks you face.
2) A comprehensive assessment of your suite of controls.
3) Absolute clarity as to which element of your risk you will seek to transfer to the insurance marketplace because by doing so, and if you do buy you will end up with a product that precisely fits your needs.
When you make that decision to buy cyber you will feel better as a risk management professional for having done so after following the above.
Indemnity Claims Up for Calif. Private Self-Insured Employers
In 2013, private self-insured companies registered the biggest increase in indemnity claim frequency in the past 10 years, according to a new report. At the same time, the incidence of medical-only claims declined.
Otherwise, the latest reports show “virtually no change in claim frequency in 2013.” Also flat was the average paid and incurred amounts per claim noted in the first reports for 2013 compared to the previous year.
The summary by the California Workers’ Compensation Institute is based on data compiled by the Office of Self-Insurance Plans. It reflects the experience of private self-insured employers who covered nearly 2.09 million California employees last year — down from 2.12 million employees in the 2012 initial report.
“The number of workers’ compensation claims reported by California’s private self-insured employers was down about 2 percent in 2013,” the summary says, “but for the fifth year in a row, private self-insured claim frequency was flat, as a marginal decline in the medical-only claims rate was offset by a slight uptick in the indemnity claims rate.”
There were 76,015 private self-insured claims last year — 1,542 fewer claims than in the 2012 initial report. However, “with the number of covered employees down, the private self-insured claim frequency rate held steady,” the report explains, “coming in at 3.64 claims (2.22 medical only and 1.42 indemnity) per 100 employees — almost identical to the 2012 rate of 3.65 claims (2.33 medical only plus 1.32 indemnity) per 100 employees.”
Looking at aggregate claim frequency rates from 2004-13 shows most of the decline in frequency occurred after the 2002-04 legislative reforms. For the last nine years the frequency rate has remained below 4 claims per 100 covered employees, the report says. Most of the fluctuation reflects changes in medical-only claim frequency even though “in 2013, indemnity claim frequency registered the biggest increase in the past 10 years while the incidence of medical-only claims declined.”
The OSIP data shows the number of indemnity cases reported in 2013 was 29,573 — up from the 28,065 cases in 2012 and higher than the 29,026 cases reported in 2011.
In terms of loss payments, the total as of the end of last year for private self-insureds was $180.9 million, or 2.8 percent less than in 2012. The total incurred — paid losses plus reserves for future payments — was 580.5 million for 2013, about 14.1 million or 2.4 percent lower than the initial incurred amount reported for 2012 claims.
CWCI’s analysis of more developed data confirms that reductions in average loss per claim combined with lower claim volume to push losses to a post-reform low in 2005. “By 2006, however, both average paid and average incurred losses began to trend up sharply, driving up private self-insured’s total losses even as claim volume continued to fall,” the report explains.
Achieving More Fluid Case Management
Risk management practitioners point to a number of factors that influence the outcome of workers’ compensation claims. But readily identifiable factors shouldn’t necessarily be managed in a box.
To identify and discuss the changing issues influencing workers’ compensation claim outcomes, Risk & Insurance®, in partnership with Duluth, Ga.-based Healthcare Solutions, convened an April roundtable discussion in Philadelphia.
The discussion, moderated by Dan Reynolds, editor-in-chief of Risk & Insurance®, featured participation from four tenured claims management professionals.
This roundtable was ruled by a pragmatic tone, characterized by declarations on solutions that are finding traction on many current workers’ compensation challenges.
The advantages of face-to-face case management visits with injured workers got some of the strongest support at the roundtable.
“What you can assess from somebody’s home environment, their motivation, their attitude, their desire to get well or not get well is easy to do when you are looking at somebody and sitting in their home,” participant Barb Ritz said, a workers’ compensation manager in the office of risk services at the Temple University Health System in Philadelphia.
Telephonic case management gradually replaced face-to-face visits in many organizations, but participants said the pendulum has swung back and face-to-face visits are again more widely valued.
In person visits are beneficial not only in assessing the claimant’s condition and attitude, but also in providing an objective ear to annotate the dialogue between doctors and patients.
“Oftentimes, injured workers who go to physician appointments only retain about 20 percent of what the doctor is telling them,” said Jean Chambers, a Lakeland, Fla.-based vice president of clinical services for Bunch CareSolutions. “When you have a nurse accompanying the claimant, the nurse can help educate the injured worker following the appointment and also provide an objective update to the employer on the injured worker’s condition related to the claim.”
“The relationship that the nurse develops with the claimant is very important,” added Christine Curtis, a manager of medical services in the workers’ compensation division of New Cumberland, Pa.-based School Claims Services.
“It’s also great for fraud detection. During a visit the nurse can see symptoms that don’t necessarily match actions, and oftentimes claimants will tell nurses things they shouldn’t if they want their claim to be accepted,” Curtis said.
For these reasons and others, Curtis said that she uses onsite nursing.
Roundtable participant Susan LaBar, a Yardley, Pa.-based risk manager for transportation company Coach USA, said when she first started her job there, she insisted that nurses be placed on all lost-time cases. But that didn’t happen until she convinced management that it would work.
“We did it and the indemnity dollars went down and it more than paid for the nurses,” she said. “That became our model. You have to prove that it works and that takes time, but it does come out at the end of the day,” she said.
The ultimate outcome
Reducing costs is reason enough for implementing nurse case management, but many say safe return-to-work is the ultimate measure of a good outcome. An aging, heavier worker population plagued by diabetes, hypertension, and orthopedic problems and, in many cases, painkiller abuse is changing the very definition of safe return-to-work.
Roundtable members were unanimous in their belief that offering even the most undemanding forms of modified duty is preferable to having workers at home for extended periods of time.
“Return-to-work is the only way to control the workers’ comp cost. It’s the only way,” said Coach USA’s Susan LaBar.
Unhealthy households, family cultures in which workers’ compensation fraud can be a way of life and physical and mental atrophy are just some of the pitfalls that modified duty and return-to-work in general can help stave off.
“I take employees back in any capacity. So long as they can stand or sit or do something,” Ritz said. “The longer you’re sitting at home, the longer you’re disconnected. The next thing you know you’re isolated and angry with your employer.”
“Return-to-work is the only way to control the workers’ comp cost. It’s the only way,” said Coach USA’s Susan LaBar.
Whose story is it?
Managing return-to-work and nurse supervision of workers’ compensation cases also play important roles in controlling communication around the case. Return-to-work and modified duty can more quickly break that negative communication chain, roundtable participants said.
There was some disagreement among participants in the area of fraud. Some felt that workers’ compensation fraud is not as prevalent as commonly believed.
On the other hand, Coach USA’s Susan LaBar said that many cases start out with a legitimate injury but become fraudulent through extension.
“I’m talking about a process where claimants drag out the claim, treatment continues and they never come back to work,” she said.
Social media, as in all aspects of insurance fraud, is also playing an important role. Roundtable participants said Facebook is the first place they visit when they get a claim. Unbridled posts of personal information have become a rich library for case managers looking for indications of fraud.
“What you can assess from somebody’s home environment, their motivation, their attitude, their desire to get well or not get well is easy to do when you are looking at somebody and sitting in their home,” said participant Barb Ritz.
As daunting as co-morbidities have become, roundtable participants said that data has become a useful tool. Information about tobacco use, weight, diabetes and other complicating factors is now being used by physicians and managed care vendors to educate patients and better manage treatment.
“Education is important after an injury occurs,” said Rich Leonardo, chief sales officer for Healthcare Solutions, who also sat in on the roundtable. “The nurse is not always delivering news the patient wants to hear, so providing education on how the process is going to work is helpful.”
“We’re trying to get people to ‘Know your number’, such as to know what your blood pressure and glucose levels are,” said SCS’s Christine Curtis. “If you have somebody who’s diabetic, hypertensive and overweight, that nurse can talk directly to the injured worker and say, ‘Look, I know this is a sensitive issue, but we want you to get better and we’ll work with you because improving your overall health is important to helping you recover.”
The costs of co-morbidities are pushing case managers to be more frank in patient dialogue. Information about smoking cessation programs and weight loss approaches is now more freely offered.
Managing constant change
Anyone responsible for workers’ compensation knows that medical costs have been rising for years. But medical cost is not the only factor in the case management equation that is in motion.
The pendulum swing between technology and the human touch in treating injured workers is ever in flux. Even within a single program, the decision on when it is best to apply nurse case management varies.
“It used to be that every claim went to a nurse and now the industry is more selective,” said Bunch CareSolutions’ Jean Chambers. “However, you have to be careful because sometimes it’s the ones that seem to be a simple injury that can end up being a million dollar claim.”
“Predictive analytics can be used to help organizations flag claims for case management, but the human element will never be replaced,” Leonardo concluded.