P.O. Box 1750, Cockysville, MD, 21030
Print PDF version
410-337-9755 Website

The Importance of a Data Security Plan

Bookmark and Share 2

Probably less than you think.

Three in four U.S. companies don't have Cyber Risk or Network Security insurance, according to a study by Towers Watson & Co. What's more, many small and midsized businesses that do carry these policies have left themselves vulnerable to costly losses by failing to develop proactive data security and crisis response plans.

A data security plan begins with the human element. Training employees - particularly those who regularly deal with proprietary information in-house or stored on portable electronic devices - offers a cost-effective approach. A study by NetDiligence found that more than one in four liability data breach claims were due to lost equipment and other staff errors.

To help keep confidential information safe, managers should:

  1. Identify those employees who could create the largest exposures for the company in case of lost or misplaced data and make sure that they're diligent in protecting this data.
  2. Make compliance with data security procedures a part of worker performance review.

If you should suffer a data security breach, you'll need a crisis response plan, with responsibilities assigned ahead of time. The risk management and legal departments will deal with coverage-related issues such as cross-policy response and claims processing, while IT managers and auditors investigate the source and extent of the breach. Planning should also include guidelines for contacting law enforcement, and forensic investigators, as well as communicating with providers and business partners to address continuity issues.

The plan should designate personnel to handle media inquiries and public statements, interact with providers, and notify affected customers, using dedicated and updated contact lists.

We can help you create comprehensive, cost-effective protection for your confidential information by combining insurance coverage with risk management techniques.

 

Preventative Measures for Your Maintenance Workers

Bookmark and Share 3A lack of maintenance or poor quality maintenance causes thousands of on-the-job accidents every year. What's more, maintenance workers face significant risks associated with their jobs.

According to the most recent Bureau of Labor Statistics job fatality report, deaths due to poor maintenance rose 14%, year to year, in 2011, the highest level since 2006. Accidents from maintenance have a variety of causes: everything from falls caused by working heights, confined spaces or harsh environments associated with accessing equipment, and shocks and burns if power is not properly isolated, to injuries from moving machine parts, musculoskeletal problems caused by working in awkward spaces and exposure to asbestos and dangerous chemicals.


There are three types of maintenance:

  1. Routine or preventive maintenance keeps equipment working - such as a scheduled overhaul or replacement.
  2. Corrective maintenance gets broken equipment up and running again.
  3. Predictive maintenance uses tests for maintenance that is or will soon be needed.

To make your maintenance activities safer and more productive, follow these guidelines:

  • Emphasize planning and scheduling on every maintenance task.
  • Invest in affordable technology such as a thermographic camera (around $1,000) to detect variations of temperature that can reveal when a machine motor is not running properly.
  • Make sure that supervisors convey the right message consistently. Employees need to be told that accidents happen as a result of short cuts, such as failing to lock out a piece of equipment before performing maintenance.
  • Teach workers to intervene. If an employee walks by a piece of equipment that's making an unusual noise and doesn't tell their supervisor, it's the same as ignoring a co-worker who is working unsafely.
  • Get employees engaged and accountable. This can lead to culture change which makes safety the responsibility of everyone - not just of the safety and maintenance department.

For more information on maintaining your safety maintenance program, just get in touch with us.

 

The Surprise Risk Management Tool: Social Media

Bookmark and Share 3

Given the dramatic impact of social media on the speed and delivery of news and information, it makes sense to make this fast-growing technology part of your risk management program.


More and more reputational crises — such as the recent stranding of the Carnival Triumph cruise ship — are born on social networking platforms and can grow exponentially if mishandled. Consider how Apple Inc. responded to consumer displeasure with the iPhone 4 shortly after its 2010 introduction. Negative comments about the product spread quickly over social media channels, but were largely ignored by Apple executives until mainstream news outlets began reporting on its flaws.


Failing to actively engage social media users in conversations about crisis or business practice of your company means losing an invaluable opportunity to protect your reputation. Otherwise, you risk having other people tell your story.


Social media participation gives you a way to enhance this reputation through regular interaction with customers, business partners and the public. Using this tool to develop relationships and help people, rather than just sell products and services, can create some valuable allies.


Encouraging your employees to participate in social media offers a great way to use them as advocates for your company. A 2012 poll of more than 1,000 registered voters by Hill+Knowlton Strategies found that a corporation's employees are the second-most trusted source of information about its business practices, second only to friends and family members.

 

Minimize Damage of a Scorned Employee

Bookmark and Share 3

It's always difficult to terminate an employee - especially in this age of employment litigation and privacy concerns. Even if a worker leaves voluntarily, you need to make sure that he or she no longer has access to confidential information


The key to making sure that you've covered all bases of your bases is to follow a Departure Checklist:


  • When an employee leaves, whether voluntarily or involuntarily, notify all staff immediately to help reduce rumors, hurt feelings, and concerns. Keep the announcement positive.
  • Remove the employee from your facility soon as possible. Offering to have the person stay is nice, but might not always be helpful. If you decide to let the employee stay for the customary two weeks, assign him or her specific tasks to complete. Collect keys immediately and assign someone to work with the departing employee for the duration of their stay.
  • Once the decision has been made, restrict the employee's access to sensitive company information at once; be sure that this restriction includes any VPN or private access.
  • Have the employee review all items on which he or she is working and write a synopsis of what's needed to complete each item. Then review these items to create a specific workload transition plan, and assign them to other employees. The sooner you do this, the better.

The more you think through this process before a problem arises, the more effectively you'll be able to deal with it. We stand ready at any time to help you develop and implement an effective plan that can go a long way to help you protect your business from this risk.