The opioid epidemic is a moral hazard of existential proportions. A test of the moral health of the insurance industry in which the question is, Will insurers acknowledge the severity of this threat by subsidizing better ways to treat this threat? Will insurers accept what patients concede and even cynics confess, that specific treatments for opioid addiction outside the U.S. are more effective than the many but mostly unsuccessful treatment options in the U.S.? Will insurers admit that it is more expensive to cover what does not work than it is to underwrite what returns people—healthy and strong—to the workforce? To ask these questions is to know that it is smarter to insure domestic tranquility by experiencing it abroad, that it is easier to promote the general welfare by supporting programs that lessen dependency on welfare, not because these programs are wrong, but because it is wrong to abandon tens of millions of people—including mothers and military veterans—to short, nasty and brutish lives of addiction. The answers to these questions are available to all. See also: Alternatives to Opioids for Pain Management   The answers, thanks to my correspondence with staffers at Clear Sky Recovery, raise the ultimate question of whether we will exist half-slave or half-free, whether we will succumb to the ravages of opioid addiction or avoid this descent altogether, whether we will cause our health to worsen or rally to the cause of health and wellness. What I ask of insurers is no different than what insurers should ask of themselves: help. Let us be unafraid to seek help. Let us also be aware that help is achievable, that help is available, that help is accessible. Let us free ourselves from the false promises of what is a racket rather than a legitimate means of rehabilitation, what with the bombardment of ads and commercials, what with the inundation of junk mail and junk science—an audiovisual overdose of empty words and meaningless slogans. Let us wake up to the reality of this situation, that we face a do-or-die decision; a dire choice, indeed. Either we do what is necessary, either we do what is right, or we plead guilty to the fast death of minds and the slow loss of bodies: a sight too painful to witness but too profound to ignore, a sight too traumatic to forget but sometimes too awful to recall. Either we unite against opioid addiction, or we allow our divisions to destroy us. Either we encourage patients to get treatment abroad, or we stop demanding that insurers pay for treatment whose efficacy is questionable and whose rate of failure is so high as to be unquestionable. We must choose what is just, in lieu of what is popular or convenient. See also: Is There an Answer to Opioid Crisis?   That standard should determine not only treatment for opioid addiction but how insurers treat all matters of health and wellness. With truth as our guide, we can stop the advance of opioid addiction. With insurers on our side, we can win this war.

In today’s insurance marketplace, the benefits of technology cannot be overstated; however, the dark side of technology—namely ransomware attacks—is now infiltrating self-insured municipalities. Ransomware attacks occur when criminals find a way into the organization, encrypt as much data as possible and then extort money from you to get your own data back. If the ransom is not paid, the criminals may delete your data altogether. There have been more than 170 ransomware attacks on U.S. state and local governments since November 2013, notes the technology security company Recorded Future. The costs to remedy these attacks are growing, and the belief that “it won’t happen to us” needs to be discarded. In March 2018, the city of Atlanta had more than a third of its systems paralyzed by a ransomware attack. Recovery took more than a year, with costs estimated at $17 million. Baltimore, after refusing to pay an $80,000 ransom at the advice of law enforcement, recently approved $10 million in emergency funding to recover from a similar attack that immobilized some of the city’s systems, and services such as water billing are still offline, according to reports. Smaller cities, such as Lake City, FL, are also not immune: Recently, city administrators paid hackers a ransom of 42 bitcoins, or roughly $426,000. See also: The Growing Problem of Ransomware   Self-insured groups and public entities such as municipalities are among groups that particularly vulnerable, because they:

• Operate within a significant regulatory environment;
• Have data that others could steal and monetize (personally identifiable information such as Social Security numbers, HIPAA-related information and credit card numbers;
• Have data that is critical and necessary to conduct business.

For captive insurers, property and casualty and workers’ comp carriers, lapses in cybersecurity can even affect mergers and acquisitions. According to security firm Forescout Technologies Inc., 53% of more than 2,700 global businesses surveyed report a critical cybersecurity issue putting an M&A deal in jeopardy. “Unfortunately, it happens again and again to municipal systems that don’t have all the latest software, the latest protections or the highest-paid IT staffs,” Lee McKnight, an associate professor at Syracuse University’s School of Information Studies and an expert on cybersecurity, told USA Today. I believe McKnight’s comment minimizes the essence of how self-insured groups and public entities such as municipalities actually work, because it’s not all about the latest software or highest-paid IT staffers. And protecting your organization from a ransomware attack does not necessarily require expensive next-generation firewalls, intrusion prevention systems or “security as a service” systems. What it does require is common-sense due diligence, a clear line of responsibility for technology systems, a plan that holds all partners and vendors to the same security requirements, a secure cloud platform and, should the worst possible case occur, an incident response system. Even with those elements in place, it’s still important to assess your actual risk against a ransomware attack. Actual risk includes more than just data housed on a server; it includes reputational/brand risk and the impact of losing trust from partners/vendors and members/customers as a result of an attack. To assess your relative risk to a ransomware attack, consider your organization’s size, the number of cities and counties with which you do business and the cybersecurity measures your currently employ. Assess your own risk tolerance—the potential damage to your organization that hackers could inflict… and assess the cybersecurity countermeasures you currently have in place. When viewing your organization’s vulnerabilities in this way, it becomes clear that inaction is no longer an adequate response. See also: Ransomware Threat Growing for Phones   By creating a culture of alert self-monitoring, a plan that makes employee safety training and security safeguards a priority and a strategy that involves all stakeholders, including technology solution providers, you diminish your chances of being vulnerable to a ransomware attack.

We are all aware of numerous, infamous attempts to defraud galleries with forged paintings. We attend conferences and pay attention to this sort of a story because it is remarkable to think that anyone could trust, and breach trust, to that magnitude. Sadly, it happens every day. Every day, there is a crate of an artwork that is sold and not reviewed for condition first. Every day, there is reliance on condition of an artwork by review of the crate alone. Every day, there is a consignment that takes place without written confirmation and transparency. This is the nature of the beast. See also: The Globalization of Risk Management   If you have provided insurance services to the art community for a long enough time, you will receive what is loosely referred to as a “Friday phone call.” These are the time-pressured, high-valued, too-good-to-be-true risks that absolutely, positively have to be placed by the end of the week. This is a more practical example of something that an insurance broker should be aware of as something that can affect their day-to-day life. For example, who could forget the Caravaggio in the crate that could not move until it was insured? Or the ever popular Michelangelo that came with tons of gold star stickers on the non-USPAP-compliant appraisal. With every incoming risk, regardless of demanding time constraints, there is the need to review provided information and follow a process. It is important for brokers to take their time to examine the integrity of the information to uncover anything suspect in the submission. Some guidelines to consider when it comes to risk and art fraud related to fine art insurance submissions, include:

• Respond logically and practically in an unemotional manner to “pressure placements”
• Require proof that the artwork exists
• Require proof that the artwork is authentic
• Require proof of the value of the artwork from a credible source
• Follow required compliance rules related to disclosure of the named insured
• Review the credentials of the experts involved in the process as well as the credibility of the parties insured

See also: Natural Disasters and Risk Management   Do not be dazzled or blinded by the majesty of the incoming opportunity. Our role as professionals is to pre-qualify risks for the underwriting insurance company partners with which we work. Our role as brokers is to represent the interests of an insured, and the careful selection of those parties is integral to the success of your firm. This article is provided for general informational purposes only and is not intended to provide individualized business, risk management or legal advice

In January 1993, I began preaching the Gospel of Change – its management and architecture. One of my first presentations was to a very successful community bank’s senior management team. I said, “Today, General Motors, Sears and IBM are kings of their respective jungles. I believe in my lifetime (I was 46 at the time) one of these companies will go bankrupt!” The audience rolled their collective eyes! In 16 years, I was vindicated. GM filed for Chapter 11 reorganization in the Manhattan New York federal bankruptcy court on June 1, 2009. The filing reported $82.29 billion in assets and $172.81 billion in debt. Then, Sears filed for Chapter 11 bankruptcy protection on Oct. 15, 2018, with $6.9 billion of assets and $11.3 billion of debts, after a decade-plus as a train wreck in slow motion. See also: How to Earn Consumers’ Trust   Today, I’m not going to scare you into change – I’ll merely shine a spot light on the changes that are already occurring in the world and you decide if these innovations are friends or foes. Don’t ask what threats these changes mean for you. Ask instead what these changes mean to the marketplace – to each of us as consumers. The consumer is king, and now consumers shop in a global marketplace – when, where and how they want. Below are five transformational changes that are affecting the world for your clients and you--and a word of hope. Generational Change: Many of us grew up in a "Father Knows Best" world. Today, the universe is more similar to a “Modern Family.” Look at the demographics. The youngest members of the Greatest or Silent generation are nearing 75. The youngest members of the Baby Boomers are in their mid-50s. The youngest Gen Xers are in their mid-30s. And the youngest millennials are already 15. As Paul Harvey said often, “We’re not one world.” He was so right. In terms of marketing reality – One size does not fit all. Big Data and Artificial Intelligence: Yesterday, I opened an e-mail offering me a “deal” on a new Toyota. Within an hour, I had received similar e-mails from most other brands that I might be interested in. Big Brother (or Big Sister) is watching everything we do. Now, sophisticated sellers can anticipate your needs and be first to market with a solution for each need. Can you do this? Global Marketplace/Virtual Marketplace: As a consumer, you can buy anything you want, wherever you want. As a seller, your competitors are not down the street – they are everywhere. Language/Diversity: Robert Young as Jim Anderson in "Father Knows Best" was an insurance agent and also an OWGIC (Old White Guy in Charge). Today, ours is a much more diverse and multilingual world. Everyone can be in charge of their own world. Do you speak enough languages to serve this marketplace? Who is/will be your marketplace (Hispanic, Laotian, Muslim, etc.)? Remember that many "youn-'uns" communicate very differently. If you don’t believe me, call a teen and see she answers. Text, and she will. Innovation of Products/Services/Competitors: What, where and how you sell has no meaning. What, where and how people buy is all that matters. Remember social media, robotic surgery, driverless cars, Amazon, Expedia, Uber, Google, AirBnB: Innovations change options and in some cases bankrupt organizations and industries that are fat, dumb and happy. See also: Why More Don’t Go Direct-to-Consumer   Your Hope/Opportunity: John Naisbitt developed the concept of high tech, high touch in his 1982 bestseller "Megatrends." He theorized that, in a world of technology, people long for personal, human contact. He was so right. Become client-defined and client-driven. Develop client intimacy. Be engaged with the people and markets you serve. Don’t sell them; facilitate their buying. Be a concierge, a friend, a shoulder to cry on and voice of encouragement. Build intimacy - be a professional, expert, trusted resource.

This is the fourth article in a four-part series. You can find the first part of this series here, the second here and the third here.  I've worked in the insurance industry for more than 35 years, and I’ve never been more energized about the possibilities before us than right now. Working in both personal and commercial lines, including excess property, I’ve seen how technology has enabled the practices of exposure management, underwriting and claims to evolve from manual processes and “pins on a map” to complex, computer-driven workflows that enhance an insurer’s ability to provide superior products and services to their customers. At SpatialKey, we’ve been working diligently with several of our insurance clients to develop an automated event response solution that addresses key challenges:

1. Meeting growing customer demands in a highly competitive insurance landscape.
2. Driving cost-savings and increased profitability through more efficient event response and claims processes.
3. Anticipating and preparing for more frequent and extreme peril events, particularly in parts of the U.S. that are more susceptible to climate change.

Some of the event response challenges I’ve heard directly from insurers, brokers and MGAs include:

• “I need to know what happened when I was sleeping, traveling or working on something else—without having to jump through hoops to find out.”
• “We’re dealing with time-sensitive situations, but the manual nature of exposure data collection, event monitoring, as well as data research and procurement, delays our ability to respond to events expeditiously.”
• “I need a solution that not only focuses on events that I need to be concerned about but also allows me to filter out the noise from events that I don’t care about.”

These comments point to the pressing challenges insurers face during catastrophes—specifically around speed, efficiency, accuracy and how an automated solution can help to solve them. See also: Moving Toward Prevention, With IoT   Insurers are in a squeeze play to find places where they can drive operational efficiency and reduce expenses. Event response and claims automation is a great place to start. It doesn’t require large financial commitments or heavy investments in time and IT resources, and, better yet, the impact is immediate. I know first-hand that event response automation is on the “transformation radar” for many of the organizations I work with. They simply have to make it a priority to automate pieces of the event response process to meet growing business and customer demands. So, the question isn’t whether you should automate your event response operations. But rather...What are the key requirements of an automated solution? And, can a solution meet my specific business needs by delivering on criteria that will set my team up for success? 7 key questions an automated event response solution should answer for you, include:

1. What are my current exposures? You can’t have an accurate understanding of an event’s impact without the most recent exposure data. A data import API ensures your data is updated regularly, and that you’ll always have a current snapshot of exposures to work from.
2. What expert data is available? Streamlined and centralized access to trusted third-party hazard data as it becomes available is imperative. You shouldn’t have to procure and process expert data yourself. Likewise, you should be readily informed of new data sources as they become available.
3. What happened? You should be the first-to-know about an event and its impact to your portfolio—so, when management looks to you for answers, you can be confident in your preliminary assessment. To achieve this, you need an automated system pushing you results so you don’t have to pull reports and analytics yourself. By clicking a single link in an email, you should be informed of the geography and severity of an event. This means analyses are executed automatically based on your latest exposure, as well as your predetermined financial and peril-specific thresholds.
4. Do I need to care? Relevance is a critical asset because it prevents information overload during a time-sensitive process like event response. A custom approach to event notifications enables you to operationalize peril and exposure specific thresholds based on your company’s exposure knowledge and claims experience (e.g. $10 million in limit affected by hail that is two inches or greater). This filters out the noise by enabling you to define what’s important and then act expediently.
5. What’s my financial impact? Instead of scrambling to manually pull information together for stakeholders, a pre-packaged report should be automatically generated for you. The ability to quickly assess financial impact, provide input on capital expectations and manage stakeholder expectations are all critical to your company’s preparedness and requires a financial modeling engine that delivers results that matter most.
6. Where do I need to focus my outreach and service to affected insureds? To differentiate your business, customer outreach is imperative. By quickly pinpointing exact locations and accounts affected, you can serve your insureds—whether that means picking up the phone or putting boots on the ground. An event response solution should provide you with actionable information along with advanced analytics that enable you to further plan and communicate your strategic claims response.
7. How can I dive deeper into the event? Because automation has saved you so much time answering the last six questions, now you can dig even deeper into the event. This requires an advanced analytics solution like SpatialKey that enables you to ask more questions of your data, analyze the event progression, pull in claims history and rate/premium information and average annual losses, etc.

You can think of the seven questions I’ve answered here as requirements for success in the new competitive landscape of P&C. Insurance organizations are facing greater scrutiny as catastrophic events become increasingly volatile. As such, how effectively you prepare for and respond to these events can either be an asset to your business or a detriment. It’s time to move from “react and respond” to “prepare and serve” A company’s ability to follow through on its commitments and service is a competitive differentiator. If your event response processes run more smoothly—if they're built for performance—this translates to a more satisfactory customer experience. As one of my clients recently noted, “We’re not the cheapest coverage out there. So when it comes to shopping for insurance at renewal time, our service is what makes the decision to renew a no-brainer.” See also: Natural Disasters and Risk Management A solution like SpatialKey can modernize your event response operations without disruption or heavy investment, creating both operational efficiency and customer satisfaction. By moving from "react and respond" to "prepare and serve," you are modernizing your processes to meet the growing demands and expectations of your customers and shareholders. Technology will always be a moving target, and you may feel like you’ll never get ahead of the curve. But when you're pursuing transformation initiatives, it's important to consider your total investment. Automating your data and analytic operations shouldn't require major service disruptions or heavy hardware spending.

“The workplace is the last crucible of sustained human contact for many of the 30,000 people who kill themselves each year in the United States. A co-worker’s suicide has a deep, disturbing impact on work mates. For managers, such tragedies pose challenges no one covered in management school.”  ~Sue Shellenbarger (2001), Impact of Colleague’s Suicide Is Strongly Felt in Workplace, Wall Street Journal Overview The majority of people who die by suicide are of working age, and almost all of them are employed, previously employed or a family member of someone employed at the time of death; however, workplaces are often ill-equipped to provide grief and trauma support after such a tragedy. Many workplaces, if they provide grief support at all, do not usually take into account the complexities or duration often needed to cope in the aftermath of suicide. “Postvention” is psychological first aid after a suicide crisis. In the workplace, like many other systems in communities, this response is about both providing hope and community and mitigating the impact of suicide grief and trauma. For this article, 13 people were interviewed about how their employers handled their suicide loss experiences. Here is a case study to demonstrate what happens when postvention is inadequate. Case Study Going through the motions - when suicide postvention is superficial   A federal agency of almost 1,000 people experienced a suicide of a high-level, well-liked, well-known and visible leader. Close to the time of his death, he was seen escorted out of the building among gossip of scandal and failed management. In the absence of information from the executive staff, speculation about contributing factors ensued, and rumors ran rampant. Employees looked to senior management to provide direction during the crisis; the leaders appeared guarded and unwilling to talk about the fact that it was a suicide. In the days that followed, the response seemed like “giving lip service” to the confused and grieving employees. As one said, “We went through the motions but didn’t do the work. People didn’t want to face the fact that a suicide could happen. Shame prevented us from talking about it at all.” The organization attempted to move back to business-as-usual quickly. No plan was created on how to manage roles the deceased person played; the vacuum created led to more speculation, distrust, anger and a lack of closure.  Trauma and Grief after Suicide at Work Given that the majority of people who die by suicide are working-age adults, most of whom are employed, hundreds of thousands of workplaces around the globe are affected by the suicide death of an employee each year (World Health Organization, 2014; Lytle, 2015; Milner et al, 2014; Paul & Spencer-Thomas, 2012; Spencer-Thomas, 2012). Furthermore, knowing that job loss can be a contributing factor, suicide deaths of recently terminated employees can still have a profound effect on their previous places of employment (Milner et al, 2014; Spencer-Thomas, 2014). When leaders within an organization take their lives, the chaos and trauma resulting from this loss can be immense (Spencer-Thomas, 2011). In addition, suicide deaths of family members of employees, vendors, clients and associates all can take a toll on employees; the number of workplaces affected is very high. Suicide grief support in the workplace often involves two scenarios: suicide of a work colleague or a suicide death outside the work environment.   Unfortunately, most workplaces do not anticipate needing to respond to suicide. Many find themselves reacting in crisis mode, often making decisions that do more harm than good. Models and protocols of how to understand grief, trauma and the impact of exposure to suicide are integral to understanding the way workplaces respond to suicide death. This article creates a framework for understanding and providing effective suicide postvention, provides insight into the way that grief and loss affect workplaces and offers concrete strategies for an effective postvention response at work. [For a full chapter on this topic, please read Spencer-Thomas, S. & Stohlmann-Rainey, J. (2017). Workplaces and the aftermath of suicide. In Andriessen, K., Krysinska, K. & Grad, O. (Eds). Postvention in Action. Hogrefe: Boston, MA.] See also: 15 Top Apps for Mental Health   Trauma reactions and grief are often at odds with each other. According to the American Psychological Association, “trauma is an emotional response to a terrible event…. Immediately after the event, shock and denial are typical. Longer-term reactions include unpredictable emotions, flashbacks, strained relationships and even physical symptoms like headaches or nausea.” (APA, n.d.). On one hand, the trauma can often result in survivors of loss constantly replaying the events surrounding the suicide in their minds. That is, survivors of suicide loss can’t stop thinking about the death scene (even when they are dreaming), and disturbing images may flash before the mind’s eye when they least expect it. The horror can be overwhelming, and the natural impulse is to stay away from anything that reminds them of the trauma. Sometimes, survivors of suicide loss develop post-traumatic stress disorder (PTSD) in the aftermath of a violent or unexpected death (Young, et al, 2012).   By contrast, the grief journey for survivors of suicide loss is often a “moving toward” experience. As they come to accept the reality of the loss, the tendency is to move toward things that remind them of the deceased, holding close memories, places and mementos that help preserve and honor the life lived. Thus, for coworkers left behind there is often simultaneously a desire to mourn and openly embrace the memory of the deceased and a desire to suppress the thoughts about the deceased because they are too disturbing, such as the often horrifying notion that someone they cared about died in isolation and despair, often in a violent manner. Organizations are often ill-equipped and ill-informed to handle grieving employees; this is particularly true for the suicide-bereaved, who experience the double silencing of workplaces ill-equipped to cope with grieving employees and stigma related to the type of loss.  One of the people interviewed for this article was a mother whose son died by suicide the day after he was discharged from his military service. She shared, “I had only been at my present position for 90 days, my probation period. I was given some money, they had collected. Other than that, nothing. I was hurting very much. When the holidays came, I put a candy cane and a note asking for prayers in everyone's mailbox. Nothing. No words, no notes, no nothing. One day I was walking down some steps, and I just wanted to let go of the railing [and fall to my death]. I talked to my supervisor and asked if I could just come in a little later on the Saturday mornings. I said I would stay late and be the last one to leave. She said to me, ‘I thought you were already over that.’ I wanted to ask her which one of her three sons she would ‘be over’ in less than two years.” Sometimes, bereaved employees believe they can return to their previous level of functioning at work and do not want to take time off because work provides structure, social support and a sense of purpose. Thoughtful employers help their grieving staff members find creative ways to balance these competing demands. One interviewee who was a teacher at the time of her teenage daughter’s suicide shared, “The principal called me into his office [the day after the suicide]. The two assistant principals glared at me as I walked in. The principal told me that they did not want me to come to school the next day or when school began. I was very insulted. I argued and told them that I had shown up every day, I had done my job and I needed to be in the classroom for the children. They just listened stone-faced. Finally, one of the assistance principals told me that no one could bear to look at me because the pain in my face and eyes was so terrible. That shocked me. I had no idea that my grief showed. (I guess I had not really looked in the mirror). So then I gave in, and I told them I would stay home for one week. They assured me they would get a professional retired teacher for my class and to stay home as long as I needed. I assured them I would be back in one week. I left school then and drove home very upset. After I got home, though, I suddenly felt a great relief, and I ended up staying home for seven weeks. It turned out that they knew best after all. After I returned to work, there were days I could not make it, so I called in sick. They never complained about me staying home too much. There were a few times I'd look at a little girl in class who reminded me of [my daughter], and I'd break down. If I sent word to the office, they immediately sent a substitute teacher down so I could go home.”  Another interviewee shared how his son’s suicide affected his work performance, “I returned to work one week after [my son’s suicide]. I was under the illusion that I could suppress my pain and go on with my life as if nothing happened. The day I was placed on involuntary leave, I was facilitating a class of about 100 people. Someone interrupted me with an off-topic question. Rather than gently deflect and move on, I went into an uncontrollable rage, comparing that person’s inane question to my pain over my son’s suicide. I was replaced in the classroom immediately. When I went to the corporate offices, they acknowledged my loss; however I was told to take a month off and see if I could return to full performance. Oddly, now that I've ‘cleaned up my act,’ there is a bit of empathy from management.” Because grieving will happen in the workplace, it is important that the culture in the workplace is supportive of reintegrating bereaved people with compassion and flexibility. In the case of an employee who is bereaved by suicide, all of the same recommendations apply. One of the major pitfalls in organizations is to treat an employee bereaved by suicide differently from other bereaved employees. For example, when an employee dies from cancer, a workplace’s common practice may be to circulate a sympathy card and attend the memorial service, but, when someone dies by suicide, the grief support is often neglected. Consequently, the person bereaved by suicide who would likely need additional support coping with grief, trauma, guilt and shame that may accompany this taboo form of loss will actually get less support. NAMI New Hampshire (2006), a U.S. leader in suicide postvention indicates that although suicide postvention includes principles of critical incident response and stress debriefing, it has a larger scope with a narrower focus. While critical incident response and critical incident stress debriefing is designed to support workplaces in managing the crisis phase of a workplace incident, suicide postvention is a long-term strategy that addresses the needs of the workplace as a system. Elaine DeMello of NAMI New Hampshire shared (personal communication August 15, 2015) after responding to many workplace postvention cases, “[Because of the intensity, complexity and duration of the grief and trauma reactions] loss survivors are at risk for losing job; what helps is an advocate or conduit who can pave the way for the person to come back to work.” Tensions in Postvention in the Workplace The goals of suicide postvention in the workplace is really not that different than other crisis responses (Carson J Spencer Foundation et al, 2013), i.e., to support people through the trauma and help restore functioning to a disrupted system (Suicide Prevention Resource Center, 2010). The process is about managing the inherent balance of needs and safety components that can sometimes be at odd with one another. On one hand, workplaces acknowledge something really significant happened, while on the other hand leaders are pressured to get back to business as usual. On one hand, grieving employees need to share stories to grieve and honor a life that was lived, while on the other hand workplaces practice safe messaging seek to minimize glorification of the deceased and the divulgence of too many details about the death. On one hand, employees need information that is quick and accurate, while, on the other hand, privacy and investigation concerns can slow the process. A complicating issue for workplace suicide postvention is that getting fired, laid off, humiliated or disciplined at work can be a precipitating event for some suicidal employees. When this occurs, residual bitterness, anger and mistrust for leadership can have a profound effect on the intensity and duration of the employee’s response.  One interviewee shared this story, “My husband, an employee for 18 years, and supervisor for the last 15, was let go from his position the day before he died by suicide. While this was the third suicide with the company, there was no crisis plan in place. Employees were notified when his death was posted on the lunchroom TV. Management chose not to attend the visitations or funeral to ‘keep the peace,’ but quite frankly I would have preferred to see them there. There was a lot of hostility because he was let go from his position as a supervisor, and, when word of his death got out, there was more hostility from the people who worked with him in the plant. Management let the dust settle over time with no comments.” Few workplaces plan for a suicide by having access to a postvention guide like the Manager’s Guide to Suicide Postvention, because too often the daunting nature of suicide throws people into reactive or avoidance mode. As a first step, managers benefit from reflecting on the question, “What do you usually do when there has been a trauma or death in this workplace?” Usually, there are already cultural norms and policies in place to address grief and trauma, and any deviation from this cultural standard is likely to cause confusion and additional hardship. Case Study When an Employee Loses a Family Member to Suicide "I am a pharmacist at a grocery store and had been there eight years when my teenage son died by suicide. I knew all my customers by name, and many of them knew my son. When word reached the store, my store manager called everyone together to break the news. With tears streaming down his face, he explained that my son was dead. Work was suspended, people were allowed to go home or take the time they needed to pull themselves together. For a grocery store, this is huge, as we are all about customer service in a community where the competition is fierce. By the afternoon, I had cards, a gift basket and messages from so many of my workplace family. Many of the staff were able to take the day off to attend my son’s memorial, and the store was generous in their contributions. Since my return to work, I have been given free rein to cry when I need to, hug when I need to and talk with others when I need to. My store management and fellow staff continue to be a source of support and comfort. The Suicide Postvention Process Postvention is psychological first aid, crisis intervention and other support offered after a suicide to affected individuals or the workplace as a whole to alleviate possible negative effects of the event (Smith, Romero, & Cimini, 2010). In the center of the response are often managers who are guiding bereavement support, trauma reactions and a transition back to work. Effective managers in these circumstances communicate empathy and respect and offer permission for people to take care of themselves. They offer a range of support options and know not everyone will need the same types of resources in the same timeframe. Many managers find themselves in the middle of complex and competing factors. Just like other employees, leaders are often affected by the tragic loss and in need of support, but sometimes become targets of anger and blame by other employees. Leaders may feel overwhelmed and immobilized by the shock, and yet they are charged with returning the workplace to health and productivity.  “A Manager’s Guide to Suicide Postvention in the Workplace: 10 Action Steps for Dealing with the Aftermath of Suicide” organizes recommendations to guide employers in the immediate aftermath of a suicide death, in the short-term, and in the long-term, sometimes over months and years. The duration of these recommendations was intentional because, in many workplaces, immediate needs may be considered, but, often within just a couple of weeks, bereavement support drops off. For example, one of the interviewees for this article reported, “… there was no ‘return to work plan’ that I know of…The employee assistance program I found worthless. I contacted them one evening very stressed and received a lukewarm response. There has been no follow-up contact from them at all to see how, or if, I am managing.” Immediate: Acute phase

• Coordinate: Having the right point person coordinating the efforts around suicide postvention. This person should be decisive and compassionate, knowledgeable about crisis response and suicide grief and able to juggle many high-stress demands at once.
• Notify: Communication after a suicide is difficult. On one hand, those left behind have a strong desire for facts, so quick and accurate communication regarding, “here is what we know, here is what we don’t know and here is what is going to happen moving forward,” can do much to quell anxiety and damaging speculation. On the other hand, workplaces must be mindful to protect and respect the privacy rights of the deceased employee and the loved ones during death notification.
• Communicate: As communication regarding the suicide is disseminated, spokespeople should be mindful of the safe and effective messaging guidelines (National Action Alliance for Suicide Prevention, n.d.) to reduce the risk that people who are already vulnerable to suicide might become more at risk for suicide contagion.
• Support: In the immediate aftermath, most people do not benefit from counseling in its traditional format. Instead, what is often needed more is practical assistance. Many grieving families can benefit from the practical support of transportation, food and everyday life tasks.

Short-term: Recovery phase

• Link: After the initial intensity of the crisis has passed, a smaller group of affected individuals usually surfaces. Workplace managers need strategies to identify and link these employees to additional support resources and refer those most affected to professional mental health services.
• Comfort: Usually, what most people need during the short-term phase of suicide postvention is support, comfort and an environment that promotes healthy grieving. This can be done within the workplace through professionally facilitated debriefing sessions, or managers can find community resources for employees in the form of suicide grief counselors or suicide loss peer support groups.
• Restore: While providing support, managers also must restore equilibrium and optimal functioning in the workplace. Returning to the familiar schedule can be healing for some, but the timing needs to be sensitive to individuals who may not have the capacity to perform their jobs at the levels they did before the tragedy.
• Lead: Leadership messaging is critical during both the immediate and short-term phases of suicide postvention at work. Effective leaders build and sustain trust and confidence in organizational leadership by acknowledging the impact of suicide – on the company, and on them personally, by offering compassion to employees and by helping the team move from an immobilization state to a state that returns to or even supersedes previous levels of functioning. Effective leaders are “visible, vocal and visionary” during this time and are able to successfully pull people together to draw upon the collective resilience of the work team culture (Spencer-Thomas, 2014).

Workplace postvention practices should also take into account the fact that leaders need support, too. One interviewee who worked at a large school where there were multiple suicide losses reported, “The top leadership went from being ‘Principal of the Year’ to not coming to work because of trauma and depressed [after the cluster of suicides]. She was not able to get out of bed and go to work. Our crisis team leader couldn’t quit crying and was told, ‘If you can’t get yourself together, we’re going to have to reassign you.’” See also: Top 10 Ways to Nurture Mental Health   Longer-term: Reconstructing phase

• Honor: With many deaths, the honoring rituals that usually happen at the funeral or memorial service help provide structure as people mourn. For suicide, this intense period of grief and trauma is often protracted (Jordan & McIntosh, 2010), and workplaces are advised to prepare for anniversary reactions and other milestone dates. For example, milestone dates might include when a work team completes a major project in which the deceased played a role. Again, this level of response may be just for a handful of employees most affected, but managers are better off preparing for these days than reacting without a plan. Honoring practices for suicide loss are best if they are integrated into the company’s overall grief practices. One interviewee shared how this experience was successful in bringing together family members and employees most affected by a suicide death of a long-term employee: “While she was working for this company, she had started a plant exchange. On her birthday they dedicated a memorial garden and built a beautiful deck for all employees who had died. Her plaque added to others who had died at this company. The family was invited, and together with the employees they shared memories and the importance of workplace friendships at the dedication service. The project gave employees a sense that they could do something. The process helped turn a negative into a positive event. Now, every year the workplace conducts a butterfly release in September. The company president says a few words for people (employees and family members) who we have lost. New butterfly bushes are planted to attract new butterflies in honor of those who have died.” A large mental health provider in Canada reported on an annual “Celebration of Life” ritual to honor the grief process of clinicians whose clients had died – from all causes -- over the previous year, “We celebrate the life that was lived and the work we provided to help them. We walk along individuals in their journey, practice rituals of remembrance, sing inspirational songs and pray together.”
• Sustain:  Finally, managers are charged with providing guidance in moving the workforce from a postvention state to suicide prevention. Sometimes, in an acute grief reaction, employees might want to put together an awareness event or start a suicide prevention training. Thoughtful managers navigate this need to “do something” with encouragement to create space to move through the oscillating experiences of grief. When an appropriate time has past, and the workforce is less reactive and more reflective, managers can help them build a comprehensive and sustained strategy to make suicide prevention a health and safety priority.

Case Study When Postvention in the Workplace Works In contrast to the opening story of a leadership response of “shutting down,” in the aftermath of a leader’s suicide, the following story of an insurance company of over 50,000 employees demonstrated a far more compassionate response.  Like in the opening example, the suicide death was of a senior-level manager – a man running a 500-700-person division of company. In the weeks leading up to his death, he became distraught and reclusive. “Leaders didn’t say much, but they lived every word,” one employee said. “Their response was value-driven, not just checking a box.” Immediately after the death, executives pulled together all of the managers and briefed them on concrete information about what happened and said that the first priority in the aftermath was to insure the health of all staff. They then assigned Employee Assistance Program staff to specific managers to support all managers and make sure they had what they needed to follow up to provide resources to the employees. The leaders communicated through a press release that was straightforward and honoring of the man who died, using words like “long and distinguished career” and “provided excellent service to customers.” “They didn’t glorify suicide, but they didn’t diminish person,” one employee recalled. “This organization was a family, and we became closer through this experience. It was a teachable moment on how we support one another.” Conclusion Workplaces are often not well-prepared to respond with a compassionate, long-term strategy of grief and trauma support to employees and surviving family members in the aftermath of a suicide affecting the workforce. New practices and policies are needed to give employers a better plan so the survivors of loss can better manage the oscillating grief and restoration processes that are frequently disruptive to work performance demands and overall health.

The insurance industry has been "Amazoned," as customers increasingly demand the sort of easy interaction that the company provides. But the initial pressure is just a taste of what is to come, as the industry goes through the sort of "disaggregation" that Amazon has forced on the world of retailing. The change will alter the basis for competition for many companies and, thus, the skills that will be needed to thrive.

Just look at Sears, J.C. Penney or any number of other retailers to see the dangers that can arise for incumbents when digital technology breaks an industry down into its basic components and allows the nimblest to reassemble the parts in more efficient or appealing ways. Amazon used technology to separate the testing and buying parts of shopping. Instead of going into a store, finding something you like and buying it there, you can complete the purchase at the best price you find on your smartphone. Amazon also pulled the warehousing function out of stores' back rooms and centralized it. Less capable retailers couldn't withstand the loss of sales and of the warehousing piece of their business model.

There are, of course, opportunities, too. Best Buy's Geek Squad managed to take a service function previously fulfilled by the manufacturers or by separate businesses and incorporate that capability into store/showrooms. Allstate, through its purchase of SquareTrade, is stripping warranty business away from manufacturers and retailers. Tesla's use of centralized showrooms is duplicating Amazon's move on warehousing and could take away a major function of car dealerships, while eliminating the cost of financing billions of dollars of cars sitting on lots.

In insurance, you can see the disaggregation coming based on where the innovators are placing their bets—McKinsey reports that, despite early expectations of some sort of killer app, only about 10% of insurtechs are trying to disrupt the industry business model, while two-thirds are working to perfect some piece of the value chain.  

Snapsheet tackles the claims process. Pypestream provides customer engagement. Carpe Data and Groundspeed go after big issues in data and analytics. Platforms like Bolt let customers pick and choose products from an array of insurers, so they can search for the best of breed in each line and not be limited once they choose a principal insurer. RiskGenius makes it easy to take the policy review process for customers and their agents down to comparisons of individual clauses, so they can find the best coverage and build the policies they want.

As this specialization continues, the generalists will have trouble keeping up. Sure, the biggest incumbents will have the resources to compete, at least for a while, but how many companies will be able to match, say, the claims process designed by an insurtech with tens of millions of dollars of backing and access to the kind of programming talent that gravitates to software startups? 

Increasingly, the build vs. buy decision will go away and be replaced by a need to partner with insurtechs that have optimized parts of the insurance process. The switch to partnerships may force major changes to IT systems, so they can work with others' software and not function just as a closed system, based only on what's done in-house. The change will also require a workforce able to get past the not-invented-here bias at many incumbents and to collaborate with partners. 

Leadership will be required. What CIO got promoted by saying, "Nope, I don't think my people can build what you want, at least not as well as that insurtech"? The CEO will likely need to intervene to make sure decisions are made based on fact, not emotion. 

The good news is that, once a company adapts to disaggregation, it can reassemble the pieces of the industry in new and creative ways. Look at Best Buy, which some had on a death watch because of the "showrooming" phenomenon but has reinvented itself in the new world of retailing. Or look at Amazon itself: It began by just selling books but honed its business model and is now eating every market in sight.

Cheers,

Paul Carroll
Editor-in-Chief

Insurers can leverage chatbots to improve a number of customer journeys, including operational processes such as claims first notification of loss, and processes related to the purchasing of insurance products, such as quote and buy. This article covers recommendations related to the latter, specifically focusing on best practices in integrating chatbots with insurance policy-handling applications. Two initial considerations may be relevant. First, will the chatbot journey be a sub-journey within a channel, or a net new channel? Sub-journey within a channel: If the entrance point to the chatbot conversation is contained within the insurance platform’s front end, existing for example as a button on a web page, then the chatbot solution may not attract extra traffic and will effectively be a sub-journey contained within an existing channel. Net new channel: If the entrance point to the chatbot conversation is outside of an existing channel, for example via Facebook, then the chatbot may generate new traffic, potentially adding significant value. Second, will the chatbot journey replicate an existing journey, or will it be a net new journey? Replicate an existing journey: The chatbot asks the same questions in the same order as they are asked in the journey being replicated. For example, if the journey being replicated is quote, then the chatbot asks the same questions as the quote web journey in the same order. Net new journey: The chatbot asks questions different from those asked in other journeys, or asks the same questions in a different order. For example, a quote-and-buy chatbot may be built to ask different questions or use a different tone of voice depending on responses input by the customer, such as age or location. This provides a customer experience that is truly different from that of other channels, potentially engaging different audiences. Beyond the initial considerations, it is important to analyze in depth the architecture of the platform into which the chatbot solution is to be integrated. Key areas to cover:

• Insurance policy-handling application: What data does the policy system expect at the end of the chatbot journey? For example, if the chatbot replicates a quote journey, what data does the policy system require from the chatbot to convert the quote into a policy?
• Integration layer: Is the existing integration solution fit for purpose, or should a new solution be defined addressing how to pass data between the chatbot, the policy-handling application and any relevant near and downstream applications?
• Management information (MI) solution: Does the policy handling platform have an MI solution, and is it feasible to use that MI solution to gather data relevant to the chatbot conversation? For example, a platform may have an MI solution, but a decision may be made to use the analytics produced off the back of the chatbot to gain a more granular view of the conversation.
• Billing application: Are there integrations between the core policy system and the core billing system that could affect the chatbot solution? For example, if the chatbot conversation collects data that needs to land in the billing system, the format in which the data is collected must comply with the billing data model.
• Near-stream/downstream applications: Are there applications that consume data from the core policy system that could affect the chatbot implementation? For example, there may be a documentation system that the chatbot needs to integrate into.

See also: Chatbots and the Future of Insurance   After the architectural issues, consider the overall response times of the chatbot, which have a significant impact on the user experience. Key points:

• One question at a time – the implications: Whereas in web journeys customers can see a number of questions at the same time, and as such have something to read and engage with if the response to their inputs is slow, with a chatbot questions are presented one at a time. The outcome is that when a customer is engaging with a chatbot, and the chatbot response is delayed, the customer can do nothing but wait, which may lead to a poor customer experience.
• Minimizing chatbot response times: An approach to minimizing response times is to build a skeleton proof of concept (POC), then test response times using the POC. A second approach is to perform performance profiling, where speculative analysis is done upfront to model how long each transaction will take. For example, knowing that a rating call made from the policy handling application takes circa one second, it can be estimated that the same called made from the chatbot will take circa one second, too. The combination of early modeling and POC should avoid the situation whereby performance issues are baked into the chatbot solution through architectural decisions that are hard to reverse.

Analysis should be done on the look and feel of the chatbot. The two main options are to have the chatbot conversation align with the look and feel of the other customer-facing journeys, or give the chatbot a look and feel distinct from all other journeys. A key disadvantage of the latter approach is that customers, not recognizing the look and feel of the chatbot, may think they landed on the wrong website or, even worse, on a phishing platform. Points that should be considered are:

• Location in journey: If the platform’s front end indicates to users where they are in the journey, for example highlighting that a user has answered nine of the 12 questions required for a quote, does the chatbot do the same?
• Forward and backward navigation: Is it possible to navigate forward and backward in the chatbot conversation? For example, a chatbot conversation could be built so that questions A, B, C can only be asked once and in order, or could be build so that the customer can navigate both from A to B to C and from C to B to A. If the second, then care should be taken to ensure that answering again previously answered questions does not cause issues with near-stream and downstream application.
• Multi-device look and feel: Is the chatbot look and feel consistent across devices? For example, a chatbot that is built to replicate the look and feel of the underlying policy-handling application will need to maintain that consistent look across web, mobile and other customer devices.

Once deployed, a chatbot coupled with a feedback-gathering and -reporting framework can help uncover insights about customer journeys. For example, web forms do not analyze what the user is doing between when the web page is loaded and the click on the submit button, but chatbots do. Chatbots can help uncover:

• Conversion rates per question, allowing local optimization.
• Net Promoter Score (NPS) for the insurance brand delivering the product.

Each optimization derived from the learning may not be significant on its own, but the sum of all optimizations can lead to significant improvements for the overall journey. Furthermore, because, on average, chatbots can be improved once a month, the result is a learning curve with a faster acceleration than traditional web forms. See also: Chatbots and the Future of Interaction   Key Takeaways:

• Defining whether the chatbot conversation will be a new channel and whether it will replicate an existing journey helps in defining the overall chatbot use case.
• It is good practice to analyze in detail the application architecture into which the chatbot is being implemented, focusing in particular on the core insurance policy application, integration layer, MI solution, billing application and near-stream/downstream applications.
• The time it takes for the chatbot to respond to user inputs is particularly important, as chatbot journeys display one question at a time.
• It is helpful to define upfront whether the look and feel of the chatbot conversation will mimic the look and feel of the other customer-facing channels.
• An implemented chatbot can be used to uncover insights about customer journeys, especially with regard to conversion rates and NPS scores.

The California Consumer Privacy Act (CCPA), which becomes law on New Year’s Day, is to this point the most important and influential piece of privacy legislation in the U.S. It’s designed to protect the privacy of consumers, and its effects far exceed the borders of the nation’s largest state—and the country, for that matter—by dictating how organizations around the world are allowed to collect and handle the data of Californians. Specifically, the law will give Californians the right to know what data of theirs is being collected and with whom it is being shared. It also gives them the right to refuse or opt out of any agreement that would allow their data to be collected (with a few exceptions) and to request that their data be deleted in the event that they do so. Beyond those general considerations, the law aims to address demands for stricter regulations for businesses that collect customer information and stronger enforcement practices when those businesses improperly handle sensitive personal data. In this regard, the law is not unique but rather only the beginning of what’s become a nationwide crackdown on data collection and privacy. Nearly 20 states have passed or are in the process of passing comprehensive privacy legislation. Once enacted, these regulations will create a veritable minefield of privacy measures that vary from state to state, and the organizations whose business purposes compel them to trudge through it will need to protect themselves against the possibility of fines and other penalties. As a result, the need for cyberinsurance, specifically as it relates to fines for regulatory noncompliance, has never been higher. Although organizations are exempt from the California law when “assembling or collecting information about natural persons for the primary purpose of providing the information to an insurance institution or agent for insurance transactions”—thanks to Assembly Bill 981, which was passed in May—organizations are still subject to its requirements when the scope and use of personal data exceeds those specific operations. In many cases, the compliance concerns of insurance companies will be solely with that of their policyholders, so it is in the best interest of both parties to ensure steadfast organizational compliance with an emphasis on reducing risk and anticipating future regulations. See also: Blockchain, Privacy and Regulation   Of particular importance to these insurers and their insureds is the controversial concept of private right of action, which allows individuals whose privacy has been violated to bring civil suits against noncompliant parties. Originally, this portion of the California law could have exponentially increased the financial consequences of a breach by subjecting violators to class-action claims of damages from victims, on top of the compliance-related fines levied by the state. It has since been limited to injunctive or declaratory relief, but other developing statutes include language similar to the original bill’s treatment of private right of action. Louisiana, Massachusetts, New York, North Dakota and Rhode Island all are working on bills that include a private right of action, with New York’s being especially expansive and potentially heavy-handed toward violators. In addition to including a private right of action, New York’s proposal has no minimum gross revenue requirement, meaning all companies—regardless of size—will be subject to the law’s rules and penalties. This has led critics to question the feasibility of fairly enforcing what they deem to be overly broad regulations aimed at punishing well-meaning organizations that cannot keep up with the evolving privacy space. In terms of its impact on the insurance industry, the resulting legislative inconsistency will hit the big names the hardest, but it still does no favors for mid-size carriers struggling to keep up with their state or regional laws. In addition to meeting their own compliance obligations, they will have to accurately gauge the risk and potential penalties presented by the difficulty policyholders will have satisfying theirs. Insurers might not have to walk through the minefield, but they will have to clean up the mess inside it once something goes wrong. As we discussed in a previous post, the difficulty insurance companies already experience when attempting to create reliable cyberinsurance policies is inhibiting the industry’s ability to provide much-needed coverage. The private right of action and other uncertain aspects of these laws further complicate the task of accurately estimating and pricing the cost of cyberinsurance coverage by expanding the potential recompense for breach victims. When coupled with the fact that no federal privacy law exists—allowing each state to establish its own set of rules for what constitutes personal data and how it should be protected—offering cyberinsurance can seem like an almost untenable prospect. However, a risk-reducing, compliance-enabling solution exists in the marketplace: tokenization. See also: Mobile Apps and the State of Privacy   Tokenization, such as that offered by the TokenEx Cloud Security Platform, especially excels at reducing risk through its use of pseudonymization and secure data vaults. Pseudonymization, also known as deidentification, is the process of desensitizing data to render it untraceable to its original data subject. It does so by replacing identifying elements of the data with a nonsensitive equivalent, or token, and storing the original data in a cloud-based data vault. This virtually eliminates the risk of theft in the event of a data breach, and, as a result, tokenization is recognized as an appropriate technical mechanism for protecting sensitive data in compliance with the CCPA and other regulatory compliance obligations. Because tokenization satisfies controls concerning the processing of sensitive data, it can prevent losses stemming from fines and other penalties as a result of noncompliance. As new laws emerge and the privacy landscape in the U.S. continues to shift, it is crucial for both insurance companies and their policyholders to prioritize risk minimization. And tokenization is an essential tool for significantly reducing the likelihood of a cyber event, and as a result, a claim.