A strike of 40,000 Verizon employees could be the best thing that has ever happened to the telecom company’s customer experience. That’s not because the managers filling in for the front-line workers are better at serving customers (a company executive acknowledged as much in a recent Washington Post interview). Rather, it’s because these managers are getting a first-hand, unvarnished look at what it’s like to be on the front-line. They’re seeing, with their own eyes, the obstacles that hamper employees’ best efforts to deliver a consistently great customer experience. Verizon managers and professional staff who normally work with spreadsheets, reports and legal briefs are instead donning call center headsets, laying fiber optic cable and installing internet service. And, as the Wall Street Journal recently reported, when these organizational leaders temporarily take on a front-line role, they’re spotting a variety of improvement opportunities. An operations head whose management reports frequently showed wide variations in TV/internet installation times suddenly saw the reasons why such variations exist, putting him in a much better position to come up with solutions. An engineer who normally monitored Verizon’s network from an office cubicle quickly discovered how work schedules can be completely disrupted when installers don’t get the information they need (such as whether a customer’s residence has previously been wired for cable or Internet). Front-line annoyances — things that make workers’ jobs harder than they need to be — also came to light, such as how quickly the batteries drained in field technicians’ smartphones and tablets. (A Verizon manager is now exploring supplying the company’s installers with portable battery packs for their devices.) See also: Is Verizon About to Outmaneuver Insurers? These examples all illustrate the inherent limitations of relying on spreadsheets, reports and other traditional management information sources to reveal workplace impediments. The internal obstacles that undermine a company’s customer experience are frequently rooted in some of the most mundane and unglamorous activities. They involve things that often don’t make it into a management report and don't get discussed at an executive staff meeting. By periodically venturing “into the wild” and stepping into the shoes of employees, managers can guard against this blind spot. They can witness what’s really happening on the front lines and can gain insight that’s difficult to obtain in any other way. When armed with this unfiltered perspective, managers are much better equipped to develop actionable improvement plans — the kind that don’t just enhance the customer experience but the employee experience, too. Don’t wait for a worker strike or some other crisis situation before venturing out to your front line. Set aside time now and start walking a few miles in your staff’s shoes. As Verizon’s managers are fast learning, there’s no better way to understand and start overcoming the internal impediments that can sabotage your customer experience. This article first appeared at Watermark Consulting.

The insurance sector is becoming more innovative. Various initiatives and projects launched around the globe are proof of that — from the classic “call for ideas” and corporate venture capital to innovation labs and accelerators that involve the largest insurance companies. According to CB Insights, InsurTech — which involves rethinking one or more steps of the insurance value chain through the use of technology — received $650 million in funding in the first quarter of 2016, and the number of transactions more than doubled compared with the same period in 2015. The Italian insurance sector represents an interesting case history about InsurTech. Italy has the most advanced experience in combining the car insurance contract with hardware (the black box) and using that data throughout the insurance value chain. According to Bain Telematics, Connected Insurance & Innovation Observatory — a think tank Bain & Company developed with ANIA, AIBA and other insurance and non-insurance partners to help spread innovation culture in the insurance sector — telematics penetration reached 16% of all cars insured in Italy by the last quarter of 2015. See also: The Future of Telematics is... Italy In Italy, this type of approach is already mainstream — in contrast with other countries, where it is still a niche-value proposition. By looking at the Italian best practices, one can identify certain critical success factors. The most important element is telematics’ capacity to improve the insurance bottom line; a significant self-selection effect exists on customer acquisition and on material savings related to claims settlement (provided that adequate processes are in place and use the telematics information). The second aspect is represented by the benefit of introducing value-added services around the driver journey. The key element for both the client and the distributor is the partial kickback of the value generated by the telematics approach on the insurance bottom line to both the client (via a discount) and the distributor (via additional fees). The current discussion of how telematics will evolve focuses on gamification and reward mechanisms — mechanisms to manage client engagement and retrocession prizes other than insurance premium discounts. For example, in the U.S., Allstate has adopted a score- and prize-based system related to driving behavior. The best practice internationally is undoubtedly Vitalitydrive, the approach through which Discovery (South Africa) has created a motor-telematics policy based on driving behavior. In this case, the cash-back incentive for gasoline bought from partner gas stops replaces the premium discount. By comparing gamification use cases with Italian best practices, insurers can retain an incremental quota of generated value, through telematics solutions that provide rewards financed by partners instead of through premium discounts. This approach requires the creation of an ecosystem of partners to provide a tangible value for the customer. Rewards can be effective ways to steer behavior if they are built on mechanisms that result in frequent interaction with the client. From this point of view, the integration of monitoring driving behavior and the reward-system mechanism has a greater influence on behavior than a tariff that calculates the renewal premium based on those same variables. See also: InsurTech Forces Industry to Rethink The stakes are high for the insurance sector, and the auto insurance mandate has created the conditions for insurance companies to become relevant actors within the ecosystem. That said, the insurance sector faces a double challenge: first, to introduce this type of creative thought inside the product development process and, second, to become equipped with competencies and instruments that enable the management of both gamification dynamics and the partner ecosystem. These challenges are forcing insurance carriers to start thinking and acting like InsurTech entities.

The Theranos saga hit another low when the company informed regulators that it was voiding two years of tests from its Edison blood testing devices and sending of tens of thousands of revised test results to doctors. This means thousands of patients received incorrect results and were likely given incorrect treatments.  These doctors and patients trusted Theranos, relying upon the brand value of the gilded names the company promoted as its governance oversight, presuming somebody truly conducted some genuine, diligent reviews. These names included diplomatic and military titans such as two former U.S. secretaries of state (Henry Kissinger and George Schultz), former U.S. senators (Sam Nunn and Bill Frist), a former U.S. secretary of defense (William Perry) and, surprisingly, the tough-minded former CEO of Wells Fargo, Richard Kovacevich. Didn’t Theranos CEO Elizabeth Holmes and her executive team realize they were risking lives by using unproven and faulty equipment? Didn’t the all-star board ask tough questions about the workings of the technology? Didn’t the leaders understand that ethics is a slippery slope, that once you compromise there is no turning back? Sadly, we have seen too many  ethical lapses and too much lack of disclosure to shareholders in the technology world. We have written about Silicon Valley’s careless and arrogant frat-boy culture; warned Uber’s CEO he risked being known as a modern-day robber baron for his dubious business practices; and battled tech titans who pay children to drop out of school before they have developed important social skills and ethical values. See also: The State of Ethics in Insurance We can list more than 50 tech firms that died when their governance failed long before their technology. One example was Informix — a fallen star of Silicon Valley and a darling of Wall Street. Founded in 1980, it towered over its rivals Oracle and Sybase as the first of the database giants to offer object relational database support with superior multi-media storage built in. Nonetheless, its poor governance drowned out its technological triumphs, as misstated revenue recognition and accounting fraud led to the imprisonment of celebrity CEO Phil White and to the firm’s ultimate collapse. Silicon Valley often thinks it can live by a different set of rules than corporate America because it is developing world-changing innovations and because start-ups need the freedom to innovate. Yes, we need to allow entrepreneurs to take risks and break some rules so they can do their magic. But these rules cannot be ethical ones. The lines on ethics are usually clear, as they were with Theranos, and there can be no compromise. Profiteers are always ready to exploit markets fueled by hope, hype and emotion.  Here are some lessons: 1. Question the over-hyped founders. Theranos’s CEO notoriously chased testimonial media appearances and self-aggrandizing promotional materials and strutted before cheering and unquestioning audiences of wannabe disrupters at TED talks. Instead, look for leaders who engage in debate with people who understand the core technology and may fortify or enhance the original concept. If you look at some of the biggest and most successful companies, some of the most vital names — Robert Noyce at Intel; Paul Allen at Microsoft, Steve Wozniak at Apple, David Filo of Yahoo; Sergey Brin of Google; etc. — are not the names attached to the company by the media, but, of course, they were crucial in each firm’s future technical, commercial and moral trajectory. The wisdom of Abraham Lincoln’s Team of Rivals has value beyond politics. 2. Beware of leaders who hide behind the cloaks of marquee names. Celebrity roll-ups are used as governance smoke screens from substance. It seems too obvious to state what must yet still be stated, that boards must be recruited from the ranks of those with relevant skill and knowledge, not from the gossip pages. The three board members who seemed to understand Theranos’s technology quit en masse three years ago. 3. Dissent is not disloyalty. Tech leaders should embrace outside critics and listen to internal challenges rather than disparage — and even threaten — dissenters. The chief science at Theranos killed himself, after reportedly telling his wife that the technology did not work. Frustrated internal whistleblowers revealed to The Wall Street Journal that the firm’s celebrated systems were no longer even used for most of the several types of tests they ran. The boards of start-ups must also be held to higher standards. When they join a board, venture capitalists have a fiduciary duty to represent the interests of all shareholders, not only their funds. While Theranos is not a publicly listed enterprise, members of the board still staked their good names to reassure investors, strategic partners, employees and the public — in this case not just verifying financial health but also physical health. During the dizzying days on the eve of the dot-com crash, many innovative firms skyrocketed as they disrupted the defensive old order. Anyone who questioned the hype was trashed as a neo-Luddites defending the past. Prominent governance apologists celebrated “e-board governance,” a self-righteous term replacing traditional diligent governance. Such new-age board oversight encouraged venture capitalist service on scores of boards, misleading pro forma financial reports, backdating stock options, illegally booked barter deals and following other reckless practices while waving away oversight through marquee names. Two decades later, “the Valley” should ascend from such governance lowlands. Jeffrey A. Sonnenfeld, a professor at the Yale School of Management, is the co-author of this article.

Healthcare providers, health plans, healthcare clearinghouses (covered entities) and business associates that provide services that deal with protected health information received another reminder to be prepared to prove they are properly handling and administering electronic and other protected health information. This came after the Department of Health & Human Services Office of Civil Rights (OCR) announced its latest in a growing series of high-dollar resolution agreements with a covered entity that was charged with violating the privacy and security standards of the Health Insurance Portability and Accountability Act (HIPAA). Raleigh Orthopaedic Charges and Resolution Agreement The Resolution Agreement and Corrective Action Plan announced by OCR on April 20 requires the Raleigh Orthopaedic Clinic, P.A. to pay $750,000 to settle charges that it violated the privacy rule. The clinic handed over the protected health information of approximately 17,300 patients to a potential business partner without first executing a business-associate agreement. Raleigh Orthopaedic is a provider group practice that operates clinics and a surgery center in the Raleigh, NC, area. OCR’s investigation indicated that Raleigh Orthopaedic violated privacy rules by releasing X-ray films and related protected health information of patients to an entity that promised to transfer the images to electronic media in exchange for harvesting the silver from the X-ray films. Raleigh Orthopaedic failed to execute a business associate agreement with this entity before turning over the X-rays and protected health information (PHI). Although the resolution only addresses charges OCR brought against the covered entity (Raleigh Orthopaedic), business associates need to keep in mind that both covered entities and business associates are now responsible for ensuring compliance with the business associate agreement requirements of the privacy rules — ever since the stimulus bill amended HIPAA to make most provisions of the privacy rule directly applicable to business associates, as well as covered entities. Takeaways for Covered Entities and Their Business Associates The resolution agreement includes a strong message for other covered entities and business associates: It's important for an entity to take seriously its responsibility under the privacy rule to ensure the business associate agreement requirements of the privacy rule are met before business associates are allowed to receive, access or use protected health information. Jocelyn Samuels, the director of the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), said, “It is critical for entities to know to whom they are handing PHI and to obtain assurances that the information will be protected,” and “HIPAA’s obligation on covered entities to obtain business associate agreements is more than a mere check-the-box paperwork exercise.” In many cases, the process of evaluating the adequacy of current arrangement and of considering the advisability of changes to tighten existing practices will result in the discovery and discussion of potentially sensitive information. For example, it is possible that, in the course of review, parties may be unable to locate a signed business associate agreement that governs a relationship, or, in the course of review, information indicates breaches of protected health information or other privacy rule violations may have occurred. For this reason, most covered entities and their business associates will want to consider arranging it so this review and analysis is conducted within the scope of attorney-client privilege or under the direction of qualified legal counsel with HIPAA experience who has entered into a business associate agreement.

"Do you know where your children are?” That was a popular catchphrase in a TV public service announcement. Do you know where your reinsurance program is? Many senior executives at insurers can’t say for sure. Many insurers find it a struggle to document their ceded reinsurance program (the risk they have transferred to a reinsurer) in a way that’s acceptable to regulators—and senior management—because they have not automated management of ceded reinsurance policies, data and claims. According to a recent survey, only 14% of primary carriers have a reinsurance system. Most insurers still use spreadsheets or other manual methods to keep track of their reinsurance contracts and claims. The NAIC Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) became effective in January 2015, and many states have adopted this model legislation. RMORSA requires insurers to have a systematic way of identifying, assessing and managing risk, and everything related to reinsurance is certainly part of it. Under it, insurers are required to submit an annual summary report to their primary regulator. A key part of complying with RMORSA, and other regulations, will be documenting reinsurance coverage in detail. It is possible to comply with RMORSA without a true reinsurance system. But it’s a difficult, time-consuming process that doesn’t guarantee good results. Using a spreadsheet and other manual methods to track contracts and claims doesn’t give you everything you need in one place for regulatory filings. For instance, an insurer might not being able to identify out-of-compliance policies. This can occur when a reinsurer requires one or more exclusions in the policies it reinsures. If the insurer issues the policies without the exclusions, the policies are out of compliance, and the reinsurer may deny liability when there’s a claim. But complying isn’t just a bureaucratic exercise. The RMORSA process also helps insurers get a clearer picture of their risks—and what could be more important for a company whose business is managing risk? Implementing a modern reinsurance management system enables complete automation, controls and audit trails. It will generate Schedule F and statutory reporting at a click of a button. This, in turn, will reduce Schedule F penalties to the bare minimum. Managing Risk Regulatory compliance is hardly the only reason to use dedicated software to track ceded reinsurance. Intricate reinsurance contracts and special pool arrangements, numerous policies and arrays of transactions create a massive risk of having unintended exposures. Inability to ensure that each insured risk has the appropriate reinsurance program associated with it is a recipe for disaster. An insurer must track and integrate many reinsurance processes. They include cession treaties and facultatives, claims and events, policy management, technical accounting (billing), bordereaux/statements, internal retrocession, assumed and retrocession operations, financial accounting, accounts payable, accounts receivable, regulatory reporting, statistical reports (such as triangulation per line of business, type of contract and region) and business intelligence. With fragmented solutions such as spreadsheets and manual processes, things often fall between the cracks because there are so many reinsurance-related items to manage. Financial information for trends, profitability analysis and exposures becomes unreliable. Automating processes can reduce the chances of missing something important to almost zero. Stanching Claims Leakage One of the biggest problems is claims leakage. How do you know when a reinsurer owes your company money? Answering that question is not as straightforward as it seems, given the complexity of many different types of reinsurance contracts. For instance, after implementing a reinsurance solution, a European insurer detected more than $1 million of overlooked claims. (You can’t file a claim if you don’t know you have one.) It contacted its reinsurer, which paid promptly. The situation for insurers that don’t automate will only get worse. Many of the experienced reinsurance administrators have retired or will be retiring in the next few years, and there are few in the pipeline coming up. With reinsurance becoming ever more complicated, the only feasible answer for insurers is a comprehensive reinsurance system that puts everything in one place. The effort and cost are well worth the benefits in staff productivity, risk reduction, better claims tracking and improved regulatory compliance—to avoid RMORSA remorse and a host of other problems.

This is Part 2 of a three-part series on flood insurance. The first part is here.  As you may know, the world of flood is changing. As of April 1, 2016, the National Flood Insurance Program (NFIP) is implementing changes flowing from the Biggert Waters Flood Insurance Reform Act of 2012 and the Homeowners Flood Insurance Affordability Act of 2014 (HFIAA). These affect residential and non-residential property rates, the process to communicate risk and related processes tied to flood insurance. An Upstream Challenge for Agents and Consumers Alike As an agent, you’re dealing with a greater focus on compliance and more regulations wrapped around the NFIP. While working to navigate increased surcharges, fees and assessments that are not eligible for commission, you’re trying to grow your business, mitigate E&O exposures and improve retention. What’s more, the federal program requires underwriting detail that is increasingly complex every day. This may feel like an upstream challenge. The idea of rising costs and gaps in flood coverage are understandably creating questions for consumers. In the wake of historic flooding across the nation and catastrophic events such as “Superstorm Sandy,” some homeowners are unprepared and unprotected. Exploring the Benefits of Private Flood According to Keith Brown, president and CEO of Aon National Flood Services, “NFIP continues to serve a vital need for many Americans now and in the future. ... At the same time, no one product can meet everyone’s needs, so it’s important for independent agents to understand available private flood insurance options, as well.” There are specific exposures the federal program doesn’t cover, such as swimming pools and spa equipment. If you live on the coast and a hurricane pushes a three-foot wall of water onto your property, the NFIP will offer coverage to help dry out the house and restore the first floor and above, but the NFIP won't cover digging sand out of the pool. What’s more, the NFIP does not cover additional living expenses or personal property in basements, so displaced homeowners or homeowners with built-out basements are left picking up these bills. Living expenses and basements are just two of the types of exposures to consider when weighing flood insurance protection options. The good news is that private flood options are continuously coming to market. Not every homeowner has the same needs. While price is often the key factor, you’ll find there are considerations that extend beyond price. In many cases, it comes down to educating the consumer about these options. For instance, policyholders may not be aware that they can supplement NFIP coverages with private options that allow a more customized coverage approach to address their individual needs. By adding private flood insurance to your portfolio, you can offer attractive options, such as:

• Ability to fill gaps in coverage;
• Improved loss settlement (adding replacement cost coverage to all losses);
• Reduced pricing;
• Broad eligibility;
• Shorter wait periods before coverage becomes effective;
• Coverage availability in all flood zones for single- and two- to four-family homes;
• User-friendly application process; and
• Possibly eliminating the need to purchase expensive elevation certificates.

As an example, the NFIP currently limits coverage on residential buildings to $250,000, but many U.S. homes are worth more than that amount.  Clients with high-valued homes may want additional coverage in the event of a catastrophic flood. Excess flood coverage enables you to offer higher limits of flood coverage to your clients so that your client may recover more. See also: Why Flood Is the New Fire (Insurance) Private Flood Resources and Outreach for Agents Agents who can effectively communicate risk by using advanced modeling and analytics are becoming more appealing to homeowners. Flood represents a complicated peril, and agents must turn to emerging technology to better educate their customers. Here are some steps you can take to enhance your flood knowledge, better understand flood risk, decipher changes with respect to emerging exposures and articulate valuable solutions for your clients: 1. Check into the resources available at the state level. Get to know the wholesale channels that agents can tap into to get flood options. Also, NFS has put together the handy visual guide that explains all the NFIP changes, “Making Sense of NFIP Regulatory Changes.” 2. Speak to your carriers. Understand their flood insurance product offerings, and talk to them about your clients’ exposures. Let them know what options you see in the market, and work with your carriers to add programs necessary to remain competitive in today’s changing environment. 3. Become familiar with new user-friendly technologies that help streamline the flood insurance application process. For example, we have developed a proprietary technology with Applied Semcat and Vertafore, the only comparative raters that allow agents to quote flood insurance at the same time they quote homeowner’s insurance. It allows agents to provide a premium indication and personalized flood proposal on all homeowner quotes. Using this application, agents can easily complete a flood policy by benefiting from the single sign-on and removal of duplicate inputs. These are just a few examples. Becoming well-versed in private flood insurance options and contracting to write flood insurance plans is a way to help build out your portfolio, retain more clients and add value to the services you provide your clients.

I recently had the opportunity to chat with two leading Silicon Valley risk managers about the Internet of Things (IoT). John Schaefer is with Lam Research, a leading supplier of fabrication equipment to the global semiconductor industry. And Leslie Lamb is with Cisco Systems, the world’s largest designer and maker of networking equipment. Lam Research and Cisco are two of the companies making our interconnected planet possible, and Schaefer and Lamb are well-positioned to give us a smart overview of the risks and opportunities IoT presents. Opportunities The clear benefits to people and businesses include:

• improved safety
• efficiency
• convenience
• health

See also: Are You Using Your Opportunities? Risks The risks are also obvious. Critical business operations are increasingly Internet-driven. Sensitive data that was once protected in a locked file cabinet can now be opened by anyone with computer file access. As we see hacking incidents become commonplace, "Internet security" is a relative term. A world filled with drones, self-driving cars, health devices and robotics is a linked-IoT world. As IoT links devices, it also links growing opportunity and growing risk in ways we cannot ignore. Addressing Risk Through Dialogue As insurance professionals grappling with these risk challenges, Schaefer, Lamb and I all use the same word to describe what we see as the most promising way forward: dialogue. This dialogue involves insurers, insureds and risk advisers. And there is a lot to talk about, including:

• The application of sublimits;
• Policy definitions that are outdated or unclear;
• Exclusions that do not address today’s business model risks; and
• Gaps in coverage for non-physical property damage or business interruption exposures.

This dialogue, happily, is also about insurance solutions and opportunities for new products. Consider the recent ISO endorsements to add drones to general liability policies. Or the social engineering protections being added to crime policies. As the future arrives, insurance can be ready to cover its risks. See also: Hot to Use Risk Maturity Models More work remains to be done, of course. In his risk management role, Schaefer sees the need to work with the insurance industry to identify and shape the products that the IoT will demand. He also sees the necessity of facilitating his organization’s response to the risks it faces with IoT growth. Again, the word "dialogue" came up. Lamb recommends bringing all a company's stakeholders together to explore the impacts of IoT, including IT, risk management, product development, marketing, operations and finance. Devices are connecting. It will take a connected approach to manage IoT risks. Fortunately, risk professionals like Schaefer and Lamb are currently working with other industry leaders to help drive optimal coverage changes.

“Claims advocacy” is fast getting the attention of workers’ comp claims leaders as a powerful approach to better claims outcomes. The on-demand economy has created cultural and multi-generational expectations around service, speed and simplicity, and some claims leaders have already figured out how to deliver. The workers’ compensation industry is in the throes of internal debate about mission and purpose.  Employee-centric claims models have become a large part of this debate. Some claims leaders say that payer organizations should move away from a compliance-oriented and, at times, adversarial style to an “advocacy” style of claims management. Research, too, indicates that claims advocacy is top of mind for industry executives. The responses of 700 participants in Rising Medical Solutions’ Workers’ Compensation Benchmarking Study confirm that many claims leaders know the building blocks of advocacy and recognize its potential value.  We recently interviewed claims leaders to better understand the practical meaning of the concept, as it applies to all claims operations, from self-administered employers to insurers handling claims for thousands of policyholders. What Is Claims Advocacy? We asked Noreen Olson, workers’ compensation manager with Starbucks, for a definition of advocacy.  (Starbucks employs 180,000 “partners” worldwide and has close to 12,000 outlets in the U.S.) Olson proposed this: “In workers’ comp, advocacy is a process grounded by the values of dignity, respect and transparency that coordinates activities to assist the injured worker effectively and promote expectancy and engagement in recovery, efficiently restores (and often improves upon) health and well-being, and resolves the experience in mutual satisfaction.” Others we spoke with endorsed this or a similar definition. They all have in mind not a checklist, nor a charm offensive, but a culture.  A claims culture that makes access to benefits simple and builds trust – and one that must be supported by executive buy-in, organizational values, technology and operating systems to be successful. Access to benefits from the worker’s perspective includes ease of filing a claim, ease in obtaining prescribed medications, access to medical specialists and help in navigating the healthcare maze. Along the course of injury recovery, there are many opportunities that affect access and trust as perceived by the worker. The highly respected Workers’ Compensation Research Institute reports in its Predictors of Worker Outcomes Series that “trust” is a key driver of claims outcomes. See also: How Should Workers' Compensation Evolve? Why Now? Tom Stark, technical director of workers’ compensation at Nationwide Insurance, told us that advocacy has been around for a long time. He’s practiced advocacy since the 1980s Several forces converge to promote advocacy in claims today. Claims leaders are emphasizing, or perhaps “reemphasizing,” the importance of interpersonal relations. As claims handling has shifted from onsite home visits to lower contact models, the importance of emotional intelligence, soft skills and customer service skills is greater than ever to dispel uncertainty and engender trust. Perhaps the biggest driver of customer service and transactional speed is the American retail sector. Its massive engagement in these areas has shaped everyone’s expectations – of all generations. Millennials, born in the 1980s and 1990s, in particular have grown up with this customer-focused approach and therefore bring to the claims environment high expectations for both delivering and receiving quality service. Slow, bureaucratic responses can shock injured workers. Darrell Brown, chief claims officer at Sedgwick, says, “We are now an on-demand economy. That is the way it is.” Why Is Claims Advocacy Attractive? Brown says that engaging the injured worker is key. Fast and helpful response to injury pays off in worker satisfaction and lower claims costs. “People file claims, but they don’t know what is going to happen. If you lose injured workers at the beginning of the claim, to anxiety and fear, they go to litigation.” Brown also says that when claims professionals engage more constructively with injured workers, their own experience is better. This leads to better morale and talent retention. For employers, claims advocacy provides a special opportunity to directly align work injury response with their corporate brand, core values, employee communications and benefit delivery. Walking the Walk Albertsons Safeway, with more than a quarter million “associates” in 34 states, has crafted its claims approach to reinforce engagement and confidence for the injured workers. Director of Managed Care and Disability Denise Algire, who is also the principal researcher for the Workers’ Compensation Benchmarking Study, says that staff talks with injured employees on the day of injury. “We focus on education and reducing uncertainty,” she says.  They avoid potentially intimidating or antagonistic terms like “adjusting,” “examining” and “investigating.” They also start with the positive expectation that every employee wants to return to work. “Workers’ compensation has become adversarial because we manage the system based on the deceptive few versus the deserving many,” she says. “Our claims approach is based on the majority, not the minority.” Brown talked to us about tangible actions. “If you can make a compensability determination in two days, even though the law gives you 14 days, imagine how much uncertainty and anxiety is removed,” he says. “The same applies to indemnity payments. The industry is often guided by regulatory requirements. If you can take action and make payments sooner, why make it later? You’ve got to walk the walk.” Starbucks, for example, direct deposits indemnity checks into employees’ accounts to increase speed. Advocacy does not hinder organizations from being compliance-minded. Rather, it becomes one aspect of a holistic, customer-driven framework that aims higher than the bar often set by regulatory standards. See Also: How to Win at Work Comp Claims Barriers to Overcome Stark sees lagging technology as getting in the way of engaging the injured worker. To him, claims tasks grew exponentially while support staff in claims offices were cut. Claims technology has often not kept up. He says, “Look at the work-arounds – count the number of sticky-notes on the adjuster’s screen. If technology is not there to support effective claims management, even in its most transactional form, you are really stressing the model. How are you going to be an advocate?” Olson brought up two challenges that Starbucks has solved but still confront most employers. She believes that it is important to make it as easy as possible for a partner to report an injury. At Starbucks, they not only have web, mobile and call center options, they also allow partners to self-report their injuries versus going through their manager or HR. Olson additionally stresses the importance of easily moving the partner to other benefit programs if the injury is not compensable and to avoid language like “your claim is denied.” She says that placing the award of benefits in the “right benefit bucket” needs to be done seamlessly so that the partner does not feel on the hook. In addition to the state mandated language in these instances, Starbucks includes its own letter that communicates that, while the claim isn’t eligible for workers’ comp, the partner may be eligible for other benefits to help with their injury/illness. One barrier that Algire notes – simply “rebranding” claims adjusters as advocates is not enough. “A true cultural shift will require organizations to move beyond performance metrics that are based primarily in cost containment to those based on clinical quality, functional outcomes and patient satisfaction,” she says. This shift is critical to “walking the walk” and reinforcing the advocacy approach with claims staff. Conclusion The on-demand economy has created cultural and multi-generational expectations around service, speed and simplicity – giving workers’ compensation a blueprint for claims advocacy. Embracing consumer-driven models around injury recovery is emerging as a competitive advantage, both from a claims outcomes and a talent recruitment/retention perspective. The 2016 Workers’ Compensation Benchmarking Study will be surveying claims leaders on advocacy, among other pressing topics, to better understand its current application and perceived viability.  A copy of the 2016 Study report may be ordered here.

We have all heard the continued drum beat regarding hacking. Anthem, Sony, Target, Home Depot, Experian and various government and military branches have all been hacked and have received their fair share of negative press. In each case, people were harmed, leaders were fired, brands were damaged and no one was really surprised. I am not a singularly focused cybersecurity expert, but I have been up to my neck in tech for 30 years and have a knack for seeing emerging patterns and macro trends and stitching those together to synthesize consequences and outcomes. In the case of the Dark Web, none of that is good news; The emerging patterns should worry us all. As English historian (1608-1661) Thomas Fuller wrote, “Security is the mother of danger and the grandmother of destruction.” See also: Best Practices in Cyber Security Below is my list of the “Top 10 Scary Macro Cyberthreat Trends” --and this is still early days for them. 1. The Dark Web Pareto  Over the last decade, the hacker population has gone from 80% aficionados/hacktivists/deep-end-of-the-pool techies and 20% professional criminals to 80% professional criminals and 20% "other." To be clear, by "professional criminal" I mean organized criminals who are there for the money, not just to someone who broke the law. 2. “Lego-ization” of the Dark Web Over the last few years, technology in the Dark Web has been changed from intricate, end-to-end hacks to a place where one merely assembles “legos” that are commercially available (albeit inside an anonymized criminal environment.) People don't just buy tool kits with instructions but also the ability to buy “lego-ized” services like illicit call center agent time for more complex criminal activities such as getting access to someone's bank account. Parts of the Dark Web look like IKEA without the assembly difficulty or the inevitable leftover parts. 3. The Dark Web embraces the capital-lite approach Of course, the Dark Web has embraced the cloud-computing model for the reasons we see in the enterprise world. What this means to the criminal hacker or, more likely, hacker organization, is that they can now go asset-free and rent the assets they need when they need them. For example, there are services for running a few hundred million password permutations in less than an hour for a few hundred dollars. Hackers no longer need to infect a massive amount of computers to fire up a denial-of-service hack; they can simply rent time on a botnet, a massive amount of “hijacked” computers up for sale in the Dark Web. Most companies still do not have a botwall to deflect bots. Gameover ZeuS is a massive example of a botnet with one variant able to generate 10,000 domains a day with more than three million zombie computers — just in the U.S. Botnets are sometimes referred to as “zombie armies” (surely there’s a TV series in there somewhere.) The Bredolab botnet may have had as many as 30 million zombie computers. See also: Demystifying "The Dark Web" 4. Clandestine versus brazen  The bragging rights for revealing a hacking “accomplishment” was once a hallmark of this space. Over the past decade or so, that factor has greatly diminished. The criminal enterprise would like nothing more than to go unnoticed. The recent massive Experian hack only came to light after the Secret Service let Experian know some of its stuff had been found for sale in the Dark Web. Focusing on avoiding detection by adopting smarter methods, targets, distribution models and revenue capture is better business and is in line with a longer, sustainable view of profit. None of the criminal organizations have boards of directors that pressure them to hit the quarterly sales and operating income figures. A hack is not a moment in time; if a hacker can go undetected, he or she can milk the hack for years. This is worrisome. 5. The total available market has grown and is target-rich  The target space for crime connected to an IP node has grown tremendously, and so has the value of the content. The massive increase in mobile IP addresses, the online transactions we do and IP-related things like stored value cards or mileage points makes a rich target for crime. It is 100x bigger than what it was just 10 to 15 years ago. The target space’s growth is accelerating. After banking regulations on the minimum size of banks were relaxed in 1900, 2,000 banks were added in two years along with growth in the relatively new credit union sector. This increase in “target space” spawned bank robbers. The target space for Dark Web crime loves the increase in the target area and doesn’t mind that the “banks” are smaller. The number of people using the Web and the average amount of time spent on the Web continues to increase. I think with the advent of things like the Internet of Things, 5G, Li-Fi and a quantum leap in cloud computing capacity per unit cost, this increase will accelerate. 6. Small many versus big few  Over the past decade, the trend in conjunction with the above items moved toward smaller “heists” but a lot more of them. Someone in Venezuela took $2 a month off my credit card for 18 months before it stopped. How many people would miss a dollar or two off a stored value card/account that has an auto-refill function like my Skype account does? What sort of statistical controls would you put on your revenue flows (as a business) to even recognize that leakage? Of course, there are still big hacks going on, but a lot of those are just the front end of a B2B transaction that then sells off that big pool of hacked data to buyers in the criminal bazaar. Small, often and dispersed is harder to catch and more clandestine by nature. 7. Automation of the Dark Web Timing is everything. As the Dark Web evolved into a scale-based, organized criminal environment, it leveraged modern automation from provisioning to tool sets to communications and even to billing. Blackshades creepware is a great example of automation extending into the consumer product end. Available for $50, it has a point-and-click interface and has internalized all of the complexity and has automated hacking even for actors with very low-level tech skills. It allows the bad actor to browse files, steal data/passwords and use the camera (often relating to extortion). Blackshades infected more than 500,000 computers in more than 100 nations. A lot of the people who bought this did not have the skills to do any hacking without this kind of automation. 8. Tech getting better, faster, cheaper while talent improves Late last year, TalkTalk, an ISP quad-play provider in the U.K., got hacked and held for ransom by four teenagers. The company estimates $90 million of cost tied to this hack, and no one really knows what the cost of the brand damage has been. There’s also a third of the company's market cap gone, and it lost 95,000 customers. In all fairness, TalkTalk's security was poor. The point here is that the technology in the Dark Web is getting faster, better and cheaper. At the same time, the average talent level is rising, which may not be the case in the non-criminal tech world. There are three factors at play:

1. Communities of collaboration and learning are becoming commonplace. Blackshades is a great example of a malicious tool with a super-low point of entry (price and tech skills) backed up by great online help and a community site.
2. The likes of the Metropolitan Police Cyber Unit (London), the FBI, Interpol, etc. are all very effective and are continually improving organizations that stop crime and lock up cyber criminals. In some ways, this is a culling of the herd that also serves to create a positive Darwinian push on the average talent in the Dark Web.
3. The giant upside financial opportunity to using tech skills for nefarious purposes creates a big gravitational pull that is only enhanced by recent economic and national turmoil, especially in places like Eastern Europe, Russia and Ukraine. In addition to that, state-sponsored or affiliated hackers with military-like rigor in their training can often make money moonlighting in the criminal world.

The combination of forces raising the talent level and the continued improvement of technology make for a bad combo. The Dark Web is also embracing open sourcing. Peer-to-peer bitcoin-based plays may become the next dark commerce platform. 9. The Dark Web itself The Dark Web has evolved over the past decade or so from a foggy, barely penetrable space to a labyrinth of loosely connected actors and now to a massive, modernized bazaar thriving with commercial activity with a huge neon sign on the front door saying “Open for Business.” It is not just a bazaar, it is a huge B2B marketplace where the best criminals can resell their wares whole or in “lego-ized” pieces. Some of these criminals even offer testimonials and performance guarantees! The Dark Web has moved from what economists call "perfect competition" to a more imperfect model trending toward oligopoly. In simpler terms, it is not a sea of malevolent individuals but, rather, the domain of organized businesses that happen to be largely illegal. These are organizations of scale that must be run like a business. This new structure will evolve, adapt and grow so much faster than the prior structure because these organizations have mission-focus and cash-flow pressures. Of course, the market forces common in a bazaar will winnow out low-value and defective products quickly, simply because word travels fast and customers vote with their wallets.  10. The truly ugly “What’s next?” section Like many thriving businesses, there is a tendency to move into adjacencies and nearby markets. This has already happened. There is a lot of money in fiddling with clickstreams and online advertising flows. Bots account for about 50% of the traffic on the Internet; of those, about 60% are bad bots. There is money to be made in transportation. One can buy fake waybills on the Dark Web to ship a crate to, say, Kiev at a fraction of the price FedEx or UPS would charge, even though the package will travel through FedEx or UPS. Here are four emerging and even more worrisome areas that could be leveraged (in a bad way) by sophisticated, tech-savvy commercial criminal enterprises that are alive and thriving today in the Dark Web.

• Internet of Things – It is just the beginning for the IoT. If you click here, you can read a paper on what may drive the amazing growth and where the potential is. The available talent who know how to secure devices, sensors and tags from hacks and stop those hacks from jumping five hops up a network are few and far between, and they don’t normally work in the consumer and industrial spaces that make stuff and that have decided to make an IP-enabled model. Few boards in the Fortune 500 can have an intelligent conversation about cybersecurity at any level of detail that matters. In short, over the next few years, IoT may be a giant hunting ground. For instance, what if a hacker goes through the air conditioning control system to point-of-sale devices and steals credit card info? That is a target with a big bull’s eye on it. (That is what happened to Target.)

• Robotics – This is a little further out, and the criminal cash flow is a little harder to predict, but IP-connected robots is a space that will grow exponentially over the next decade and be at key points in manufacturing, military and medical process flows. What is the ransom for holding a bottling plant hostage? The Samsung SGR -1 (no, not a new phone) is a thermal imaging, video-sensing robot with a highly accurate laser targeting gun that can kill someone from 3,000 yards out. The Oerlikon GDF005 is a less-sophisticated antiaircraft “gunbot” that is, in part, designed to be turned on and left to shoot down drones. These things are both hackable. 

• Biochem – What if some of the above Dark Web trends extend into this area, renting assets and expertise, point-and-click front-end designs? The bad news is that this seems to have started. 

• The over-the-horizon worries – Nanotech, Li-Fi, AI, synthetic biology, brain computer interface (BCI) and genomics are all areas that, at some point in their evolution, will draw a critical mass of criminal Dark Web interest. The advances in these areas are at an astounding pace. They are parts of the near future, not the distant future. If you have not looked at CRISPR, google it. Things like CRISPR, coupled with progressively better economics, are going to supercharge this space. Li-Fi, coupled with 5G and the IoT (including accelerated growth in soft sensors), will create a large target space. The Open BCI maker community is growing quickly and holds enormous promise. Take a look at the Open BCI online shop and see what you could put together for $2,000 or  $10,000. The Ultracortex Mark IV is mind-blowing (not literally) and only $299.

All of this is going to get worse before it gets better. This is clearly not a fair fight. This is a target-rich environment that is growing faster than almost anyone anticipated. The bad actors are progressively getting better organized, smarter and better built for “success.” Interpol, the FBI and other law enforcement agencies do great work, but a lot of it is after-the-fact. Enterprises need new approaches to network-centric compartmentalized security. New thinking about upstream behavioral preventative design is needed for robustly secure IoT plays. National organizations in law enforcement and intelligence need to think through fighting a borderless, adaptive, well-funded, loosely coupled, highly motivated force like those under the Dark Web umbrella. Those national organizations probably need to play as much offense as defense. Multiple siloed police and intelligence units that are bounded geographically, organizationally, financially and culturally probably will start out with a disadvantage. This article was originally published on SandHill.com. The story can be found here.

I predict that in the brief time you spend reading this article you will get several social media and email notifications. You will receive at least one text message and possibly one or more voicemails. At some point later today, you will log in to at least one news website, content aggregator or feed reader and skim the headlines. In other words, I predict that you are already suffering from information overload and that this condition will only intensify as the day goes on. I don’t have to tell you that you aren’t alone here. We all deal with information overload on a daily basis. Colleges study this condition, and news outlets seem to be in love with the topic — even though their articles about the topic feed into the disease itself! The problem with information overload isn’t necessarily that too much information is a bad thing; it’s that our brains are not capable of consuming, digesting and properly processing all the information thrown at us in a single day. It’s like those lines from the Rime of the Ancient Mariner: Water, water everywhere, Nor any drop to drink. We have access to information everywhere, yet it’s so overwhelming that we don’t have the mental capacity to really absorb and understand it. See also: 4 Technology Trends to Watch for In underwriting, information is vital. The more information we have to process, the more accurate our quotes are and the better our risk assessment is. But with large quantities of applications, increasingly stringent underwriting standards and the sheer volume of information we now have access to — including big data — it’s difficult for human underwriters to keep up, analyze data and sift through the irrelevant to find the relevant.  It’s like trying to drink water from a firehose. This is where automation comes in, both for group insurance or individual underwriting. By automating part of the underwriting process, you give human underwriters a leg up that helps them do their job more efficiently. While simplified-issue products can be fully underwritten by an automated system, more complex cases can benefit from the integration of automation and human review. Automated underwriting can be configured to notify human underwriters when certain red flags are found. It can score applications based on rules — regarding medical history or concerning drug combinations or third-party information that wasn’t mentioned on the application. It can then route the application to a specified team of underwriters based on the initial risk assessment or send to “jet issue” if deemed “clean.” See also: Here Comes Robotic Process Automation An automated underwriting system gives the insurance industry time, better margins and the ability to maintain consistent standards even as demand rises. These systems not only process and analyze data more efficiently — they can quickly disregard irrelevant data without suffering the mental fatigue and strain of information overload, freeing underwriters for more complex cases and allowing more business to be written in less time. It’s time to give all underwriters the automation they need to do their jobs.