Posted by Andy Gregory on Mon, Feb 22, 2010 @ 09:20 AM
OK, so we're officially seven days away from 201 CMR 17.00 Even the name of it sounds scary. 201 CMR 17.00 is the official name of the new Massachusetts data privacy laws that are now regarded as the most stringent privacy laws in the country. The State of California had previously been the standard for such laws, and were considered over-the-top when they came out several years back. Leave it to the Commonwealth to break the barriers.
Here at TGA, we have completed the audit of our own data privacy exposures and have implemented our written information security plan (WISP) as of today. It has been somewhat of a tedious task, but not quite as brutal as we feared when the regulations first came to light. All in all, it was somewhat of a "Nike" situation - Just Do It. So now we can all sit back and rest soundly knowing that these new regulations will stop the data breaches, right? We'll see.
As you sit back to admire your new WISP, keep in mind that cyber liability insurance is available for those businesses that have high exposure to data breaches, or those who simply like to cover all the angles. Complying with the regulations is simply a risk management tool to mitigate the risk of data breaches; it doesn't mean that you won't have a data breach. Cyber criminals are crafty and motivated people that find ways around barriers to get what they want. Several insurers offer cyber liability coverage, each with their own proprietary form. The premium will depend on the nature of your business and the overall scope of exposure, i.e. how much sensitive data your business collects and maintains.
On the flip side, don't think that you can simply buy the insurance coverage and forgo compliance with the law. There are holes in the coverage that could leave you with some hefty fines if your data breach caused financial loss to a third party. And hey, who knows if the state is going to actually send inspectors out to check on us? That's a similar question to - who knows if the state is going to create their own data security laws?
Posted by Andy Gregory on Wed, Jan 20, 2010 @ 10:44 AM
Yes, it is. But not this blog, of course! Seriously, blogging can get an individual or a company in a whole lot of trouble fast. Blogging is a spirited stallion that is dragging the world around while we try to figure out the ground rules as we eat dust. Read my Blogging is a Liability Risk white paper to get an idea of what lurks in cyberspace for those itching to lauch an opinion online.
Posted by Andy Gregory on Thu, Jan 14, 2010 @ 11:21 AM
There's nothing like a surprise when the auditor from your general liability or workers compensation carrier informs you that you owe a hefty additional premium because the subs you hired are technically your employees. Read Chris Hawthorne's
white paper to get a better handle on the Massachusetts law that dictates who is an employee and who is not.
Posted by Andy Gregory on Wed, Jan 13, 2010 @ 02:12 PM
The current BCBSMA Premium Account Agreement requires that
all charges be paid by the due date indicated on the invoice. Amounts that are
past due are subject to an interest charge of 1.5% per month, as described in
the account agreement. Beginning in 2010, BCBSMA intends to assess a reduced
interest charge of .75% per month on amounts past due. To assist accounts
in making prompt payments, they offer an electronic billing option. Interested plan sponsors should contact their Blue Cross and Blue Shield of
Massachusetts Billing Representative to help set up e-Billing, or the billing
hotline at (617) 246-5841 with other billing-related questions.
Posted by Andy Gregory on Wed, Jan 13, 2010 @ 01:51 PM
The Department of Labor's Employee Benefits Security Administration COBRA page now has available model notices updated for the extension provisions of the 2010 Department of Defense Appropriations Act. They are available at
http://www.dol.gov/ebsa/COBRAmodelnotice.html
Posted by Andy Gregory on Wed, Dec 23, 2009 @ 10:00 AM
As a property & casualty insurance broker, I have sat across the desk from hundreds of insurance buyers. Often, I encounter a Risk Manager, CFO, or VP of Finance that understands the overall concept of risk management and the nuances that can make or break a company. Just as often, however, I encounter some that treat insurance like a toll booth that they simply toss some money into once a year and drive away. When competing brokers come in to meet with them, they give them copies of their policies, updated sales and payroll figures, and send them off to ferret out the best deals available in the insurance market. Often, this insurance-as-a-commodity exercise is done simply to "keep their current broker honest", and other times, whoever has the cheapest program wins. This complacency is an assumption that the coverage that they have in place is correct and adequate, which many times is simply not the case.
Risk management is a process that is riddled with subjectivity and interpretation. Risk exposures can be downright blatant and obvious, but can also be subtle and appear benign. When encountering a prospective client that takes the insurance-as-a-commodity approach, I explain that we conduct our own risk analysis and present options based on our findings. If the buyer is not amenable to that, I respectfully decline to offer our services. The last thing that I would want to do is inherit someone else's mistake and perpetuate an existing problem.
Planning a risk management and insurance program is a three way street between the buyer, the broker, and the insurer. I understand that cost is a huge factor, and I'm not saying that everyone should break the bank to buy insurance. My point is that insurance buyers need to continually monitor the risks that threaten their businesses and make sound decisions to address them. Summarily, this is what your insurance broker is for. If your broker isn't giving you a clear picture of what threatens your company, you have no idea what that pile of insurance policies will do for you. I am continually amazed at how much confidence people place on a stack of paper!
Posted by Andy Gregory on Wed, Dec 23, 2009 @ 08:47 AM
The moving target that is the U.S economy has given cause to President Obama to extend the COBRA subsidy from nine months to fifteen months. For a breakdown of the implications,
read the summary here in our vault.
Posted by Andy Gregory on Thu, Oct 29, 2009 @ 01:09 PM
Workers compensation is a disaster for some businesses, and is a mild migraine for most. Understanding the mechanics behind workers comp will at least give you some perspective on why you pay what you pay, and how you can make it a little less painful. In this
white paper on workers compensation essentials, Chris Hawthorne sheds light on the history of the coverage, the nuts and bolts of what makes it tick, and strategies for lowering your premiums.
Posted by Andy Gregory on Wed, Oct 07, 2009 @ 02:46 PM
Visit our TGA Resource Vault for the latest in healthcare news. The Healthcare Update for October 2009 focuses on Early Intervention State-Mandated Changes,
2010 Minimum Creditable Coverage Plan
Compliance, Michelle's Law,
and Medicare Creditable Coverage.
Posted by Andy Gregory on Wed, Sep 16, 2009 @ 11:32 AM
Last October, the House passed the Mental Health Parity & Addiction Equity Act of 2008. It requires group health and self-insured plans that cover more than 50 employees to provide coverage for treatment of mental illness that is comparable to what they provide for physical illness. This law goes into effect on October 3, 2009.
In general, here is what the new law requires:
- Insurance plans can no longer establish higher deductibles, co-pays, co-insurance, and out of pocket expenses for mental health services if the same plan has does not have the same limits on physical illnesses.
- Cost sharing requirements for mental health or substance abuse disorder cannot be separate.
- Treatment limitations, such as number of visits, days of coverage, or frequency of treatment may not be more restrictive that those for physical illnesses.
- Insurers cannot differentiate between mental health conditions.
There are a few details left to be determined, but the final regulations will be issued by the Secretaries of Treasury, Labor, and Health & Human Services by October 3, 2009. We will continue to monitor this issue and will keep you informed.