Picture the scene: You've been waiting to buy tickets to see your favorite band, you finally get hold of some - you're so excited to see them and then they suddenly pull out. What happens next? Usually, fans are left devastated, show organizers have nightmares and an emergency call is put in to the insurers.

So, who picks up the bill in this situation? Well, there is a good chance it's us -- Robertson Taylor is in the business of live entertainment insurance and has brokered nine of the 10 highest-grossing music tours ever. The cancellation of a tour or a band's appearance at a festival is always set to hit the headlines, and it will normally result in a call to us.

When a band pulls out

When this happens, you need to consider the type of event; for example, if it's a festival, a band's cancellation can have little or no impact because tickets can be sold out within minutes of going on the sale, with no band or artist line-up being mentioned -- a cancellation won't stop the event from happening, but partial refunds may have to be considered. Also the band may lose its guarantee. A concert, however, is different. More stakeholders are affected, like the promoter, the agent and the venue.

The tour

Touring is where things get tricky. Decisions rely heavily on the accuracy of the financial forecast generated for the tour, and the size of the claim depends on the size of the event and the artist involved. The largest one-off show we arranged cover for was insured for $22 million, which is still the largest non-appearance policy placed for one show.

On a large production where there is a substantial set construction, and a large amount of crew, the costs can be huge, even just to reschedule. We've had an artist who had to cancel and reschedule several shows, and the claim was tens of millions of dollars because it required the rehiring of venues, crew, equipment and so on.

How much is it to insure a band?

It's all about risk. If insurers think a particular artist is high-risk, then this will be reflected in the cost to insure that artist -- as with any type of insurance. To gauge risk, we look at a number of factors, including the history of touring and any previous losses, health issues, logistical issues such as the tour routing, what happens if key individuals or equipment is not available, etc. Sometimes, insurance might not be available for an artist who has too much of a "history."

The call

This can happen at any time of day or night; I remember a number of times I have been on the phone in the early hours of the morning because there was an urgent incident on the other side of the world. It's important to get on top of the situation quickly, understand what the issue is and then decide what needs to be done to mitigate the situation. If it looks like there could be a big loss involved, then we may need to reach out to the loss adjuster, but they don't always appreciate getting a call at 3 a.m.!

Throughout the process, it's important to continually communicate with the client. We operate in an immediate business where your expertise is required at that particular moment in time. Although we have been in this industry for 38 years, and undoubtedly the music scene has changed, insuring it still has the same unmistakable ability to keep you on your toes.

In today's cyber world, business is done digitally. Trusted cyber relationships between partners must be formed to effectively conduct business and stay at the forefront of innovation and customer service. Having these trusted partnerships comes with a major drawback, however.

Look at it from this perspective: If your organization is the target of a malicious actor, yet they find your defenses too difficult to penetrate, the attacker can use a partner company to find a way in. Depending on the difficulty, the attackers could target multiple third parties in an attempt to gain access to your network.

The important factor to keep in mind here is that just because your organization may have top-notch security practices in place, it does not mean your partners do, and they can be targeted for their valuable insider access to your systems.

Related story: Third-party vendors are the weak links in cybersecurity

Third-party companies, no matter how trivial they may seem to your everyday operations, need to be thoroughly vetted. If they are given secure insider access as part of doing business with your organization, their systems must be reviewed and assessed for security vulnerabilities. The adage, "you're only as strong as your weakest link," could not be more true when it comes to third-party vulnerabilities.

Coming to grips with risk

Partners may think of themselves as unlikely targets, but even your HVAC vendor could be creating a gaping hole in your security network that malicious actors may use to gain access to your sensitive information.

For example, financial enterprises have extremely large networks of third-party vendors and partners, from payment processors and auditors to Internet providers and other financial institutions. Being able to map your third parties' public Internet space and network presence allows you to identify indicators of compromise and risk that paint an accurate depiction of your partners' potential attack surface.

When we think of potential targets for hacking, we naturally think of big companies or government agencies-organizations that have large volumes of critical and sensitive data. But because these organizations typically have the funds and resources to implement sophisticated security, they are usually not the weak link when it comes to an attack.

Because these organizations cannot be easily accessed, malicious actors adjust their attack strategies to use alternate paths to their desired goal-less secured partners with privileged access. Once a vulnerable company is compromised, its trusted access into other partners allows malicious actors to bypass security controls with exploits that didn't work previously. Adversaries now are free to roam the connected partner networks, essentially undetected.

Dealing with the problem

The moral here is that insider threats don't necessarily have to come from within an organization. Trusted third parties, once compromised, create significant security risks to sensitive data. Organizations must look beyond their own defensive perimeters and consider monitoring their partners to better understand their complete attack surface-especially large and complex organizations in which new services are frequently delivered on outward-facing infrastructures.

Understanding the complete attack surface not only provides the intelligence to prevent abuse, but it provides insight into how an attacker may view a path of attack. Additionally, gaining insight into third-party partners, vendors and suppliers is crucial in creating an informed and dynamic risk management program.

Most organizations are busy enough dealing with their own IT infrastructure, so double-checking the risks associated with their partners may not be at the top of their priority list. However, in today's cyber threat landscape, if you don't take into account the security posture of your partners, you will never be able to truly mitigate your risk and are leaving gaps in your defenses for anyone to access your critical information.

This article was written by Jason Lewis. Lewis is the chief collection and intelligence officer at LookingGlass. Lewis is a network analyst who has technology initiatives in the private and public sectors.

In a recent case, the 2^nd Appellate District of California declined to open an new avenue to avoid the exclusive remedy of workers' compensation in Melendrez v Ameron International Corporation, not only upholding the lower court's grant of summary judgment for defendant/employer but also allowing the defendant to recover expert witness fees.

The employee, Lario Melendrez, was employed by Ameron for 24 years and was exposed to asbestos from insulation products. In 2011, he died from mesothelioma related to his asbestos exposure. His survivors/plaintiffs attempted to circumvent the exclusive remedy rule by alleging the employee had been allowed to take waste and scraps of insulated pipe home for personal use. Plaintiffs asserted the employee should not be shielded by workers' compensation exclusivity for his non-work-related use of the employer's asbestos products. Neither the trial court nor the appellate courts agreed with the effort to create a new exception to the exclusive remedy rule. The Appellate Court commented as follows:

"While we agree that a triable issue of fact exists whether Melendrez's exposure to asbestos at home arose out of and in the course of his employment with Ameron, that issue is not material to the viability of Ameron's defense of workers' compensation exclusivity. It is undisputed that Melendrez's exposure to asbestos in his employment with Ameron substantially contributed to his mesothelioma. Therefore, under the contributing cause standard applicable in workers' compensation law, his mesothelioma is covered by workers' compensation, and his separate exposure at home does not create a separate injury outside workers' compensation coverage. Thus, plaintiffs' lawsuit is barred by workers' compensation exclusivity."

Citing the recent California Supreme Court holding in South Coast Framing, the 2^nd district held:

"Given the purposes of workers' compensation, courts have long applied a broad concept of contributing cause to bring injuries within workers' compensation coverage. In short, if a substantial contributing cause of an injury arises out of and in the course of employment, the injury is covered by workers' compensation, even if another, nonindustrial cause also substantially contributed to the injury. As recently explained in South Coast Framing, Inc. v. Workers' Comp. Appeals Bd. (2015) 61 Cal.4th 291 (South Coast Framing): "[T]he workers' compensation system is not based upon fault. 'It seeks (1) to ensure that the cost of industrial injuries will be part of the cost of goods rather than a burden on society, (2) to guarantee prompt, limited compensation for an employee's work injuries, regardless of fault, as an inevitable cost of production, (3) to spur increased industrial safety, and (4) in return, to insulate the employer from tort liability for his employees’ injuries.'..."

The court also cited case law that had established that the exclusivity provisions of workers' compensation also apply to collateral or derivative injuries:

"[C]ourts have regularly barred claims where the alleged injury is collateral to or derivative of a compensable workplace injury."... see also Vacanti, supra, 24 Cal.4th at p. 815 ["courts have barred employees from suing for psychic injuries caused by their termination, or their employer's abusive conduct during the termination process]; LeFiell, supra, 55 Cal.4th at p. 284 ["'[c]ourts have held that the exclusive jurisdiction provisions bar civil actions against employers by nondependent parents of an employee for the employee's wrongful death, by an employee's spouse for loss of the employee's services or consortium, and for emotional distress suffered by a spouse in witnessing the employee’s injuries...'"

The court further distinguished authorities proposed by plaintiff to expand the ability to escape the exclusivity clause. In each of the cases cited by plaintiff, the court noted there were findings that the employee was not performing any service related to employment or even actions prohibited by his employer. In each of those cases, the injury was solely related to the non-work-related episode, and the plaintiff offered no authority to support severing a single injury into separate components as would be required in this case.

Comments and Conclusions:

This case represents an interesting effort to evade the exclusive remedy provisions in workers' comp. A successful plaintiff's result could potentially have expanded the ability to file civil actions whenever an employee took home something from work that eventually contributed to a work injury. Think a carpenter who receives permission to take home a tool and later files both a WC injury claim and a civil action against his employer for allowing him to use a work tool at home that resulted in injury. The potential combinations are endless for such scenarios.

Luckily, with this case the exceptions noted by plaintiffs in their brief will remain isolated and not expanded under this ruling.

If a patient or her attorney believes a physician is responsible for a bad outcome at an outpatient medical facility, the facility itself will be sued, not just the physician. Therefore, it is up to the facility to have established procedures and protocols in place to deter the risk of lawsuits. Here are five tips for outpatient medical facilities that may help reduce the risk of lawsuits.

#1. Good patient communication

Communication is the No. 1 issue in any medical setting - outpatient care is no exception. Within outpatient services, patients don't typically have the same depth of relationship with the doctors as they do with their own primary physician. This often makes them more inclined to pursue legal action in the case of a bad outcome or adverse event. If facility physicians and staff take even a few minutes of extra time to answer all questions and address all concerns, patients and their families will walk away feeling as though they had all the information - even if a bad outcome occurred.

#2. Confirmation of informed consent

The patient is at the outpatient facility because of a medical problem - usually determined by his primary physician - who then referred him to the outpatient facility. It is the facility's job to confirm that informed consent has occurred between the patient and physician, so policies must be in place to ensure this happens with each and every patient encounter. Patients must be informed of the details of the procedure, the risks and benefits and any alternative treatment options. A procedure should not be performed until informed consent has been confirmed. When patients or their families feel they were provided all available information, they are much less likely to pursue a lawsuit in the case of an adverse outcome.

#3. Proper documentation

Documentation can make or break a case when attorneys become involved. Be sure everything is documented, including all test results as well as the date, time and subject of all conversations with both the referring physician and patient. In the event of an adverse outcome where the court becomes involved, the ability to show all conversations is essential. For example, it can be invaluable to show that the referring physician was spoken to on a specific date and that the patient was given specific recommendations.

#4. Thorough and safe medical records

The outpatient setting leaves many opportunities for accidental breaches simply because so many patients are cycled through the facility on any given day. Printed medical records must be kept safe and strictly out of the public view - and that includes being locked away each night. It's essential that facilities have protocols in place that diligently track the security of medical records at every step.

#5. Prompt diagnosis

Patients often don't realize how long it may take for medical tests to return. Some lab tests can take days or weeks. Outpatient medical facilities must have an efficient procedure in place for obtaining results and delivering them to patients and the ordering physician in a timely manner. Let's say a patient had an MRI because of an unidentified growth in breast tissue. If the MRI indicates suspicion for cancer, how does the facility ensure that test results aren't getting lost in the shuffle? The cancer could spread and lead to a bad outcome. A system of checks and balances must be in place that helps the ordering physician see the results, and act quickly based on the findings. In an outpatient facility, all staff must be informed as to which test results need to be called in to the referring physician immediately.

Bottom Line - All of these reasons come back to the No. 1 issue: communication. For a busy outpatient facility, it can feel as though there simply isn't enough time to talk to patients, but, from a risk management perspective, the importance cannot be stressed enough. It's important to take the time to communicate every step of a patient's care with her - to listen and answer her questions. Not only does this help to build trust, it can also minimize the risk of a lawsuit. Excellent communication between the provider and patient almost always creates a "win-win" situation.

For most of 2015 I have been banging on about disrupting insurance (or Instech, if you like that kind of jargon). I'd like to use this blog post to talk about why I find it exciting.

1. Insurance is an enormous market

Life insurance premiums are $2.3 trillion globally. Non-life insurance premiums are $1.4 trillion globally. (Both numbers are from 2012, from a McKinsey report.) I don't get to write the word "trillion" often when looking at market sizes.

Importantly for a European venture capitalist, Europe is a disproportionately large chunk of the market, coming in at $700 billion of life and $400 billion of non-life. And London, as the place insurance was invented, remains its biggest global hub.

2. Incumbents face a number of challenges

The insurance industry in Europe and the U.S. is mostly composed of large traditional insurers that have been operating for decades or centuries. They have struggled to adapt to a digital age, as shown by the graph from BCG below. As with banks, their back-end software and underwriting is tied into legacy software from previous decades, with major system integration challenges.

Insurers also have very little contact with their customers, contributing to low brand loyalty and retention.

In many countries and verticals, insurance is still mostly distributed via expensive offline broker networks. Insurers are often tied to these networks, making it very hard for them to move to direct/online distribution. For a typical insurer, distribution costs are significantly higher than all their other non-claims costs combined. Regulatory change in some countries is forcing insurers to make brokerage costs more explicit, which could well lead to customer backlash.

3. Technology can be highly disruptive in insurance

Technology can have a huge impact on every important aspect of insurance. Distribution was the first part of insurance to be disrupted, with insurance comparison engines such as Moneysupermarket and Check24. Further disruptive mobile-first distribution models are emerging. On the underwriting side, there is a huge volume of new data available (telematics, mobile phone, health tracking, etc.) with which to make decisions. And there are new machine-learning techniques to work with existing data. Smartphones allow a much more efficient and pleasant claims experience. Personalization software and machine learning enable :segment of one" insurance. The list goes on. (You can download a good report on this from BCG here.)

4. There are obstacles to entering the industry

It wouldn't be an achievement if it was too easy. Insurance presents start-ups with a number of barriers to entry, of which the most significant are:

• Regulation. Insurance is (with good reason) a highly regulated industry, and regulations vary by country (and by state in the U.S.). To get going in the UK, for example, you need to get into the nitty gritty of brokers, MGAs, reinsurers, Solvency II, warehousing, etc., etc. You also need to understand a different set of accounting standards and terminology.
• Balance sheet. Once you get through the regulation, you need to prove that you have the balance sheet to be able to pay up for claims in any eventuality. This requires serious capital before you can write your first policy.
• Partnering with incumbents. Both of the above make it near-impossible to start fresh, unless you can raise an Oscar-like $100 million-plus. Any other Instech start-up is going to need to partner with existing insurers. This presents a number of challenges and limits flexibility. Some insurers are trying to encourage innovation (e.g., axastrategicventures.com), but good intentions are confronted by big-company politics, vested interests and "not invented here" syndrome.
• Historical data. If you are going to get into underwriting insurance, you need historic claims data on which to base your decisions. However, this data is privately held by insurers. Building up enough data over a long enough time frame (given that claims are infrequent events) is a real challenge. Without it, there is a danger of start-ups mispricing risk.

5. These obstacles put off the big tech players

For the likes of Alphabet/Google, Facebook and Amazon, insurance is too hard and too boring. When you have a huge war chest, self-driving cars and drones are much more interesting areas to explore. In the war for engineering talent, it is hard to get your best developers to work on financial services. When I was with Google in 2007-09, I worked on the early days of Google Compare. Despite much hand-wringing in the insurance industry, this hasn't gone anywhere. It's just not high enough up Google's priority list.

6. Despite the obstacles, there are success stories

Ping An is one of the most impressive growth stories of any company globally. It was founded in 1988 in Shenzhen and was the first insurance company in China to adopt a shareholding structure. It took the nascent Chinese insurance industry and put a rocket under it, going IPO in 2004 at a $10 billion valuation. It is now valued at $100 billion. Ping An has always been a technology-led company and continues to lead the way in tech-led innovation.

Moneysupermarket was the first player to really crack insurance comparison, allowing users to type in their details once and receive competing quotes from dozens of insurers. It was quickly copied, leading to a fierce TV and Google ad spending war with Comparethemarket, Confused and Gocompare that continues to this day. Despite this, Moneysupermarket is still valued at almost $3 billion.

esure was founded in 2000, went public in 2013 and is now valued at $1.5 billion. Its success has been built on efficient, low-cost operations and building brands (both esure and Sheilas’ Wheels ). esure also owns Gocompare, one of the players in the UK comparison market.

7. There are a number of impressive start-ups emerging, but there is room for plenty more

Over the last year, I have seen a step change in the number of startups going after insurance. But this change has been from "almost none" to "a trickle." Tiny in comparison to the huge number of start-ups going after the similar-sized fintech market.

Here are a few of the areas in which I see Instech start-ups emerging:

Insurance distribution beyond comparison

This is the most obvious area for start-ups to address, as it is not subject to many of the challenges above (less regulated, no balance sheet, no underwriting). A few interesting new players:

• Knip. Mobile-first insurance concierge. Initial proposition for users is to remove administrative pain: Have all of your insurance policies in one place. Over time, there is the potential to be a user's trusted insurance adviser, recommending where he should increase/decrease cover and who he should insure with. Started in Switzerland, now taking on German market with competition from Safe and Clark. PolicyGenius in the U.S. is a different twist on the insurance concierge concept.
• Boughtbymany. Social distribution for niche insurance. Boughtbymany finds niche groups who have challenges finding good insurance today (e.g., diabetics, young drivers). It plugs into these affinity groups to push specially designed insurance products to them.
• Simplesurance. Seamless insurance cross-sell at checkout. The idea of selling insurance for high-value items at point of purchase is not a new one. Simplesurance's innovation is to make it as frictionless as possible for users and online retailers.

New forms of capital provision/peer-to-peer

In our persistent, low-interest-rate environment, new capital is flowing into the insurance industry in search of returns. One manifestation of this is hedge funds getting into reinsurance.

As a start-up, one opportunity is peer-to-peer insurance, where a group of members cover some or all of claims made by the group. In some ways, this goes back to the original concept of cooperative insurance. The advantages should be less fraud, lower acquisition costs (through referrals/social), greater loyalty and, over time, better pricing.

• Friendsurance in Berlin was the first company with this approach.
• Guevara in London is a different take on the P2P concept.

New sources of data

Connected devices and other online data offer insurers a huge amount of additional data on their insured risks. The first success story has been telematics for car insurance, where your driving behavior affects your premium. A number of good businesses have been created, such as Insurethebox, which sold 75% of the business at a valuation of around $200 million earlier this year. However, so far, telematics has remained a niche product, in particular addressing young drivers. Connected cars and ubiquitous smartphones will take it to the mass market.

Going forward there are many more opportunities to use connected hardware to refine insurance: wearable devices for healthcare, smart homes for home insurance, mobile phones for almost anything. There is also the opportunity to use people's online presence and social networks to reduce fraud and (possibly) improve underwriting.

A few examples in this area:

• Climate Corp. Collecting weather data with high precision, offering farmers crop insurance and in depth analytics.
• Metromile. In the car insurance telematics space, but using your smartphone to collect data, and a new pricing approach (pay per mile).
• Vitality. Keeping fit and healthy reduces your health insurance costs. Data taken in from partners and wearable devices. Has grown to 5.5 million members. Oscar is also using data from wearable devices for its insurance.

Reinventing the insurance experience

This is a broad category, including changing how claims are handled, how insurance is sold and how it is bundled with other services.

• Oscar is the best example of this, reinventing U.S. medical insurance from the bottom up. It has been well-covered by the tech press, so I won't go into it further here.
• Aircare is part of Berkshire Hathaway but worth a quick mention as it eliminates claims completely - it automatically pays out if your flight is delayed. Claims management is the most painful part of dealing with an insurer, with expensive offline measures to try to combat fraud. As everything we do becomes connected (starting with our car) the concept of "claiming" may become an anachronism.

New verticals

There is always a new category emerging for insurance. Smartphone insurance has seen huge growth. Cyberinsurance is a current hot topic. However, addressing these new lines of business is something that insurance insiders are pretty good at. Unless a start-up can come in with a real tech advantage (which in cyberinsurance might be possible), the worry is that new segments quickly become competitive.

New markets

The insurance market is still in its early stages in much of the developing world, offering opportunity for land grab. Compare Asia is an example of one company addressing this. DirectAsia, acquired by Hiscox, is another.

SaaS to help the insurance industry keep up

The insurance industry is more than big enough for a SaaS provider focused on the industry to build a billion-dollar business. There is a lot of Excel still being used. The question is which parts of insurance require unique software, as opposed to a slight customization of generic business intelligence, CRM or machine-learning SaaS packages. A couple of insurance-specific SaaS companies are Quantemplate, offering business intelligence and data warehousing, and Shift Technology in fraud detection. Balderton’s portfolio company InterResolve is a different sort of B2B insurance company, with a technology-led approach to insurance claims mediation.

What I am looking for as a VC in insurance

Finally, a quick summary of what I look for as a VC in insurance start-ups:

• Founding team who combine deep understanding of the insurance industry with an external, tech-led DNA. This probably means two founders, or a truly exceptional founder who can combine both. This is not an industry you can bluff your way through. On the flip side, I worry that a team of insurance industry insiders will struggle to break from industry norms.
• Real tech DNA in the company (something I look for in any sector).
• A clear focus on the customer, not the insurer/partner.
• Simplicity: an ability to take a complex industry and present it in a beautiful way using plain language.
• Mobile-first.

If you are an insurance start-up in Europe than I haven't spoken to before, please contact me!

Statistics on identity theft show that tax-related fraud causes billions of dollars of financial harm, but tax fraud assistance may or may not be included in identity theft protection products. For comprehensive coverage, an identity theft protection service must include tax fraud assistance.

What is tax fraud?

Instances of tax fraud could involve...

• Phone scams where thieves pretend to be the IRS calling for money or information
• Phishing scams where fraudsters send fake IRS emails or set up unsolicited websites to get money or information
• Criminals using false information or a taxpayer's stolen information to file fraudulent tax returns, thereby getting the victim's refund
• Dishonest tax preparers who defraud their clients with false deductions, inflated expenses or the like

How common is tax fraud?

Every tax season - and all the months in between - the U.S. Treasury Inspector General for Tax Administration (TIGTA) deals with dishonest tax-related schemes. The TIGTA has received well over 90,000 complaints about IRS phone scams and found that victims have lost approximately $5 million.

In 2013, the Federal Trade Commission (FTC) received 1,455,146 identity theft complaints - a third of which stemmed from tax-related fraud. In 2014, the FTC's 1.5 million fraud-related complaints revealed that consumers have paid a total of $1.7 billion because of fraud, and a third of those complaints were also tax-related.

Fake tax returns cause problems, as well: $4 billion of tax refunds went to fraudsters after they sent in fake tax returns to the IRS.

How do identity theft protection plans address tax fraud?

Unfortunately, not many products provide services specifically geared toward preventing tax fraud. Common features, like credit monitoring, are less likely to catch these kinds of crimes because tax information is not connected to the main credit activity being monitored.

Another reason for lack of tax fraud assistance could be strict limitations on a third party's ability to communicate with the IRS. The IRS requires that anyone communicating with it on a victim’s behalf must have IRS-approved credentials (e.g. enrolled agent, certified tax preparer or certified public accountant).

The upkeep of a tax fraud assistance division can get expensive, as well. A significant amount of time and money are needed for finding approved specialists, giving them the time to work through each case and maintaining the correct credentials. Some certifications involve continuing education, periodic renewal fees that can really add up and purchasing and maintaining a tax preparer bond in the thousands of dollars.

Despite limited capabilities to detect that a member is a victim of tax fraud or act on a victim's behalf with the IRS, a specialist could still assist victims by guiding them on what to do next and giving them the necessary resources to carry out the steps themselves.

How can you avoid tax fraud?

First, whether it's on your own or through an identity theft protection plan, tap into resources about how to avoid victimization. For example, learn how to pick a reliable tax preparer and how to handle tax documents with confidential information.

Second, make sure your protection plan includes Social Security number (SSN) monitoring because your SSN is a key piece of information that the IRS uses to confirm your tax return actually came from you. In some instances, if a taxpayer's SSN is at risk, the IRS will issue a special PIN number that differentiates the taxpayer's real tax return from the thief's fake ones.

Third is tax fraud assistance, which provides access to professionals who will help victims report the crime and address the resulting issues. Victims of tax scams deal with the same burden of significant financial losses and rebuilding reputations that accompany any other kind of fraud. Support from people who are familiar with both the tax system and identity theft recovery will give victims direction and help them take action.

Taxes are already frustrating for many, so adding the problem of identity theft only aggravates the situation. The statistics prove that tax fraud is relevant and must be taken into account when building security against identity theft and fraudulent activity.

Are your workers' compensation medical doctors treating injured workers from a P.O. Box? That may sound ludicrous, but most workers' compensation data suggests just that. The rendering physician's address is a P.O. Box.

In the past, documenting only the provider's mailing address was acceptable because that and a tax ID were all that were needed to pay bills and file 1099s. Now, having more complete data has become profoundly important.

Data on providers is scrutinized to determine medical performance, claim cost and outcome. Accurate analysis relies on the data-complete data. Rendering physicians must be documented on the bill so that their performance is accurately tied to the correct injured worker and claim in the data. Including the 1) treating physician's name, 2) physical location and 3) NPI number of the rendering provider on each bill lets analytics tell us who are the best and why. When those three little data elements are missing, so is any useful information for medical management.

When the data contains group or facility demographics without the rendering physician's name, the actual treating physician cannot be linked to the claim. Performance cannot be logically averaged among all the providers in the group. Obviously, not every treating provider is equally gifted or competent.

The HCFA (Health Care Finance Administration) standardized form has a box to document the rendering provider's name and NPI (National Provider Identification). That box must be used.

Sometimes, the name of the provider is documented on the billing form but is not captured in the OCR (optical character recognition) process, whereby the data on the bill is translated to a digital form.

Even when bills are submitted electronically, that data element, while present, may not be forwarded. The digital bill is usually handed off to a bill review service that analyzes the appropriateness of the charges and passes its conclusions on to the payer. Rarely is all the information from the HCFA billing form passed on to the payer. The provider information that is handed off may be just the billing address and tax ID.

Sometimes, the name and NPI of the rendering physician are omitted simply because it has always been done that way. No one has thought to change the procedure.

In other words: Retrieving definitive provider demographics might be a simple matter of requesting it!

Sometimes, though, the reason accurate data is missing may be more sinister. The Centers for Medicare and Medicaid Services (CMS) requires the rendering physician name and NPI number on bills submitted to Medicaid and Medicare. CMS simply withholds payment on bills without that information. But those standards are not applied in workers' compensation. The frequent result is bad or misleading data, but it can be even worse.

Unfortunately, omitting the name and NPI of the rendering physician is sometimes deliberate. This could be strategic or actual fraud. Some large multi-specialty medical groups and multi-location practices deliberately omit such information because they want the anonymity for their individual practitioners. They want to avoid measurement of their providers' performance. They do not want individuals identified, not even by the location in which they practice. All the providers in the group treat from a P.O. Box and under the group NPI number.

Some providers deliberately obfuscate the data so they can stay under the radar to overbill. They submit different addresses and even different NPI numbers on their bills. The practice is clearly fraudulent because CMS expects that one physician or other medical provider is assigned one NPI. Providers who commit fraud also circumvent CMS.

The solution

Regardless of the reason for bad medical provider data, payers can correct the problem by demanding more. Often, the solution is as simple as asking the bill review service for more complete data. Further upstream, it might be as simple as requiring all providers in a network to include the name and NPI of the actual treating physician on the HCFA billing form.

All you require is the 1) rendering physician's name, 2) physical location and 3) NPI number with every bill. With that information, the best and worst providers can be identified, and the fraudulent ones exposed.

In my capacity as benefits consultant, I often hear employees say they know we have the most expensive system in the world, but they feel that is a fair trade-off because we have the U.S. healthcare system is the best in the world.

Well, let me disavow you of that notion. Every metric measurable shows that we have a mediocre system, at best! The World Health Organization ranks the U.S. healthcare system as 37th in the world, strictly based on outcomes. That puts us tied with Slovenia but significantly behind Costa Rica, Saudi Arabia, Colombia and the bankrupt country of Greece.

Part of the reason for the poor results, I believe, is because we don't ask hard questions on the quality of care we receive (and likely wouldn't get answers, if we did). Does anyone know the readmission rate or infection rate of the hospital they are about to have a surgical procedure in?

Stephen Dubner of Freakonomics fame asked the following question: There are two major cardiology conferences each year, where more than 7,000 of the top cardiologists and thoracic surgeons go for one to two weeks each; what happens to the quality of care in their facilities while they are gone?

I tried to imagine: Would I want to even go to the hospital knowing the top doctors were away?

To get to the answer on quality of care, Dubner used 10 years of data from Medicare looking at more than 10,000 patients with emergency types of heart conditions (like heart attacks) so that patient choice of facility is largely removed as a variable. The baseline for the comparison against the work of these top doctors was data from teaching hospitals, even though conventional wisdom says, "Take me to the facility with the top doctors and keep me away from a teaching hospital. I don't want any residents cutting their teeth on me!"

The answer: If you were brought to a teaching hospital for a heart attack, your mortality rate was about 15%. Mortality rate at a non-teaching hospital, with those top doctors, the week before or week after the convention was 25%! This is a HUGE swing! This means that, for every 100 heart attacks brought in, 10 more people die when the top doctors are around!

Let me put this in perspective. If you look at all treatments given for a heart attack, like beta blockers, Plavix, stents, angioplasty, aspirin....all these COMBINED reduce mortality by 2% to 3%!

Here is another interesting point. The amount of invasive treatments, like angioplasty and stents, are used in about 33% FEWER cases when the cardiologists are away.

Okay, so wait a second. Did I just say that better care is given when the top doctors are away, and, at the same time, less severe treatments are being administered and fewer dollars are being spent?

That sounds pretty counter-intuitive. Let me give my take on why.

When I think of a “top” cardiologist, an image comes to mind. He has lots of gray hair (not sure why my mind imagines a male, but it does), and has been doing cardiac surgery for decades. Does this sound about right?

Well, this doctor was trained in medical techniques 30 or 40 years ago, and he has likely been sued for malpractice, perhaps multiple times (which leads to "defensive" medicine). He frequently has ownership or at least compensation tied to the profitability of the facility where he practices. These traits lead to more care and often inappropriate (or unnecessary) care. The younger doctors, meanwhile, are less jaded by malpractice, less engaged in profits and more recently trained.

I ask you to question EVERYTHING when it relates to care. Assume nothing. One thing is clear; the more involved the patient is in her own care, the better the outcomes (and the lower the costs, too)!

In April, a large life insurer announced plans to use Fitbit data and other health data to award points to insureds, providing impressive life insurance discounts for those who participated in "wellness-like" behaviors. The assumption is that people who own a Fitbit and who walk should have lower mortality. That sounds logical. But we're in insurance. In insurance, logic is less valuable than facts proven with data.

Biases can creep into the models we use to launch new products. Everyone comes to modeling with her own set of biases. In some conference room, there is probably something like this on a whiteboard: "If we can attract people who are 10% more active, in general, we will drive down our costs by 30%, allowing us to discount our product by 15%."

That is a product model. But that model was not likely based on tested data. It was likely a biased supposition pretending to be a model. Someone thought he used data, when all he did was to build a model to validate his assumptions.

Whoa.

That statement should make us all pause, because it is a common occurrence - not everything that appears to be valid data is necessarily portraying reality. Any data can be contorted to fit someone's storyline and produce an impostor. The key is to know the difference between data cleansing/preparation and excessive manipulation. We continually have to ask if we are building models to fit a preconceived notion or if we are letting the data drive the business to where it leads us.

Biases hurt results. When I was a kid, my Superman costume didn't make me Superman. It just let me collect some candy from the neighbors. Likewise, if insurers wish to enter into an alternate reality by using biased data, they shouldn't expect results that match their expectations. Rose-colored glasses tend to make the world look rosy.

Here's the exciting part, however. If we are careful with our assumptions, if we wisely use the new tools of predictive analytics and if we can restrain ourselves from jumping through our hypotheses and into the water too soon, objective data and analytics will transport us to new levels of reality! We will become hyper-knowledgeable instead of pseudo-hyper-knowledgeable.

Data, when it is used properly, is the key to new realms, the passport to new markets and to a secure source of future predictive understanding. First, however, we have to make it trustworthy.

Advocating good data stewardship and use.

In general, it should be easy to see when we're placing new products ahead of market testing and analysis. When it comes to insurance, real math knows best. We've spent many decades perfecting actuarial science. We don't want to toss out fact-based decisions now that we have even more complete, accurate data and better tools to analyze the data.

When we don't use or properly understand data, weak assumptions begin to form. As more accurate data accumulates and we are forced to compare that data with our pre-conceived notions, we may be faced with the reality that our assumptions took us down the wrong path. A great example of this was long-term care insurance. Many companies rushed products to market, only later realizing that their pricing assumptions were flawed because of larger-than-expected claims. Some had to exit the business. The companies remaining in LTC made major price increases.

Auto insurers run into the same dangers (and more) with untested assumptions. For example, who receives discounts, and who should receive discounts? Recently, a popular auto insurer that was giving discounts to drivers with installed telematics, announced that it would begin increasing premiums on drivers who seemed to have risky driving habits. The company had assumed that those who chose to use telematics would be good drivers and that just having the telematics would cause them to drive more safely. The resulting data, however, proved that some discounts were unwarranted; just because someone was willing to be monitored didn't mean she was a safe driver.

Now the company is basing pricing on actual data. It has also implemented a new pricing model by testing it in one state before rolling it out broadly - another step in the right direction.

When we either predict outcomes before analyzing the data or we use data improperly, we taint the model we're trying to build. It's easy to do. Biases and assumptions can be subtle, creeping silently into otherwise viable formulas.

Let's say that I'm an auto insurer. Based on an analysis of the universe of auto claims, I decide to give 20% of my U.S. drivers (the ones with the lowest claims) a discount. I'm assuming that our mix of drivers is the same as the mix throughout the universe of drivers. After a year of experience, I find that I am having higher claims than I anticipated. When I apply my claims experience to my portfolio, I find that, actually, only the top 5% are a safe bet for a discount, based on a number of factors. Now I’ve given a discount to 15% more people than ought to have had it. Had I tested the product, I might have found that my top 20% of U.S. drivers were safe drivers but were also driving higher-priced vehicles - those with a generally higher cost per claim. The global experience didn't match my regional reality.

Predictions based on actual historical experience, such as claims, will always give us a better picture than our "logical" forays into pricing and product development. In some ways, letting data drive your organizations decisions is much like the coming surge of autonomous vehicles. There will be a lot of testing, a little letting go (of the driver's wheel) and then a wave of creativity surrounding how the vehicle can be used effectively. The result of letting the real data talk will be the profitability and longevity of superior models and a tidal wave of new uses. Decisions based on reality will be worth the wait.

In an entirely entertaining Forbes online article, a truly effective healthcare leader, Leah Binder, lists the following three hazards of worksite wellness programs:

1. Dismaying and Alienating Employees. Who today doesn't already know that smoking is unhealthy?

2. Bad Programs Don't Save Money. Too many wellness vendors simply fabricate results.

3. Potential Harm to Employee Health. False positives on wellness-driven testing can lead to employee harm and huge, unwanted spending.

Binder writes "I don't come to this conclusion lightly."

Further, "...I believe we must call out poorly designed programs that prey on well-meaning employers and other purchasers."

She points to a great book by on this topic by my friends and colleagues Vik Khanna and Al Lewis, Surviving Workplace Wellness...: With Your Dignity, Finances and (Major) Organs Intact.