This is part two of a series of five on the topic of risk appetite and its associated FAQs. The author believes that enterprise risk management (ERM) will remain locked in organizational silos until boards are mobilized in terms of their comprehension of the links between risk and strategy. This is achieved either through painful and expensive crises or through the less expensive development of a risk appetite framework (RAF). Understanding risk appetite is very much a work in progress for many organizations. The first article made a number of observations of a general nature based on experience in working with a wide variety of companies. This article describes the risk landscape, measurable and unmeasurable uncertainties and the evolution of risk management. The Risk Landscape Lessons learned following the great financial crisis (GFC) include the importance of establishing an effective risk governance framework at the board level. In essence, two key questions must now be addressed by boards. First, do boards express clearly and comprehensively the extent of their willingness to take risk to meet their strategic and business objectives?  Second, do they explicitly articulate risks that have the potential to threaten their operations, business model and reputation? To be in a position to provide credible answers to these fundamental questions, we must first seek to understand the relationship between risk and strategy. It is RMI’s experience that risk and strategy are intertwined. One does not exist without the other, and they must be considered together. Such consideration needs to take place throughout the execution of strategy. Consequently, it is vital that due regard is given to risk appetite when strategy is being formulated¹  Crucially, risk is now defined as "the effect of uncertainty on objectives."²  It is clear, therefore, that effective corporate governance is strategy- and objective-setting on the one hand, and superior execution with due regard for risks on the other. This particular landscape is what we in RMI refer to as the interpolation of risk and strategy. For this reason, RMI describes board risk assurance as assurance that strategy, objectives and execution are aligned. Alignment is achieved through operationalization of the links between risk and strategy, which will be described in the final article in this series. Before further discussion, however, we would like to draw attention to observations based on our practical experience that give cause for concern, namely: 1.  Risk appetite: While we now have a globally accepted risk management standard³ and sharper regulatory definition of effective risk management for regulated organizations, there is as yet much confusion, and neither a consensus nor an internationally accepted guidance, as to the attributes of an effective risk appetite framework. 2.  Risk reporting: In relation to risk reporting, two significant matters arise: Risk registers that are primarily generated on the basis of a compliance-centric requirement, as distinct from an objectives-centric⁴ approach, tend to contain lists of risks that are not explicitly associated with objectives. As such, they offer little value in terms of reporting on risk performance. Note: RMI supports the adoption of a board-driven, objectives-centric approach⁵ to reporting and monitoring risks to operations, the business model and reputation. Risk registers and other reporting tools detail known risks and what we know we know. They tend not to detail emerging or high-velocity risks that have the potential to threaten the business model. As such they tend to be of limited value in terms of reporting or monitoring either unknown knowns⁶, or unknown unknown⁷ risks. This is a matter that should give boards cause for concern given pace of change, hyper-connectivity and the disruptive nature of new technologies. 3.  Risk data governance: The quality, rigor and consistency in application of accounting data that is present in well-managed organizations does not equally exist in those same organizations in the risk domain. The responsibility of directors to use reliable accounting information and apply controls over assets, etc. (internal controls) as part of their legally mandated role extends equally to information pertaining to risks that threaten financial performance. The latter is not, however, treated in an equivalent fashion to accounting data. Whereas the integrity of accounting data is assured through the use of proven and accepted accounting systems subject to audit, information pertaining to risks typically relies on the use of disparate Excel spreadsheets, word documents and Power Points with weak controls over the efficacy of copying and pasting of data from one level of report to another. Weaknesses and failings in risk data governance can be addressed in much the same way as for other governance requirements. For example: a.    Comprehensive training for business line managers and supervisors on:

•  (Risk) Management Processes,
•  (Risk) Vocabulary,
•  (Risk) Reporting,
•  Board (Risk) Assurance Requirements

b.    Performance in executing (risk) management roles and responsibilities included in annual performance appraisals,   c.   System⁸ put to process through the use of database/work flow solutions, providing an evidence basis of assurance that:

• The quality, timing, accessibility and auditability of risk performance data is as rigorously and consistently applied as that for accounting data,

• Dynamic management of risk data (including risk appetite/tolerance/criteria) can be tracked at the pace of change

• Tests can be applied to the aggregation of risks to objectives at the pace of change and prompt interdictions applied when required,

• Reports, or notification, of significant risks are escalated without delay, and without risk to the originator of information.

4.  Lack of understanding of the nature of the risks that need to be mastered in the boardroom: Going back to our definition of risk as the effect of uncertainty on objectives: There are many types of objectives -- for example, economic, financial, political, regulatory, operational, customer service, product innovation, market share, health safety, etc. -- and there are multiple categories of risk. But what is uncertainty? Uncertainty⁹ is the state, even partial, of deficiency of information related to understanding or knowledge of an event, its consequence or its likelihood. There are essentially two kinds of uncertainty: 1.   Measurable uncertainties: These are inherently insurable because they occur independently (for example, traffic accidents, house fires, etc.) and with sufficient frequency as to be reckonable using traditional statistical methods. Measurable uncertainties are treated individually through traditional (risk) management supervision, and residually through insurance. Measurable uncertainties are funded out of operating profits. 2.   Unmeasurable uncertainties:  These are inherently un-insurable using traditional methods because of the paucity of reliable data. For example, whereas we can observe multiple supply chain and service interruptions, data breaches, etc. they are not sufficiently similar or comparable to be soundly put to a probability distribution and statistically analyzed. Un-measurable uncertainties are treated on a broad basis through organizational resilience. For the top 5-15 corporate risks¹⁰ that are typically inestimable in terms of likelihood of occurrence, the organization seeks to maintain an ability to absorb and respond to shocks and surprises and to deliver credible solutions before reputation is damaged and stakeholders lose confidence. Un-measurable uncertainties are funded out of the balance sheet. The hyper-connected and multispeed world in which we live today has driven the effect of un-measurable uncertainties on company objectives to unprecedented, heights, and so amplified the risk potential enormously. 5.  Urgent need to recognize the mission-critical importance of building  and preparing management to always be prepared to offer credible solutions in the face of unexpected shocks and surprises  Figure 1 below describes the evolution of risk management as depicted within the red dotted line¹¹ and the next stage of the evolution (resilience) as envisioned by RMI.

Figure 1: Evolution of risk and the emergence of “resilience” as the current era in the evolution of 21^st century understanding of risk  

Resilience was the theme that ran through the World Economic Forum: Global Risks 2013, Eight Edition Report.  Resilience was described as capability to

1. Adapt to changing contexts,
2. Withstand sudden shocks, and
3. Recover to a desired equilibrium, either the previous one or a new one, while preserving the continuity of operations.

The three elements in this definition encompass both recoverability (the capacity for speedy recovery after a crisis) and adaptability (timely adaptation in response to a changing environment). The Global Risks 2013 Report emphasized that global risks do not fit neatly into existing conceptual frameworks but that this is changing insofar as the Harvard Business Review (Kaplan and Mikes¹²) recently published a concise and practical taxonomy that may also be used to consider global risks¹³. The report advises that building resilience against external risks is of paramount importance and alerts directors to the importance of scanning a wider risk horizon than that normally scoped in risk frameworks. When considering external risks, directors need to be cognizant of the growing awareness and understanding of the importance of emerging risks. Emerging risks can be internal as well as external, particularly given growing trends in outsourcing core functions and processes.

The most costly problem facing employers today is work-related, soft-tissue injuries, more commonly known as work-related musculoskeletal disorders (WRMSD). According to OSHA, WRMSD account for 34% of lost work days in the U.S., as well as a third of the dollars spent in workers’ compensation and of all work-related injury cases. Not surprisingly, soft tissue injuries -- to the ligaments, tendons and fibers of the body that connect the bones -- are difficult to diagnose. Standard diagnostic tests such as X-rays or imaging are frequently unable to document the presence of pain and loss of function. As a result, diagnoses are often subjective, leading to poor treatment (including unnecessary surgery and overuse of narcotics), extra lost work time, precariously high medical costs and, at times, fraudulent claims. There is a need for accurate, timely and evidence-based diagnosis and treatment to curtail escalating costs and improve clinical outcomes, as these case studies show: Case 1 A 44-year-old gentleman had undergone a baseline EFA. (The Electrodiagnostic Functional Assessment, or EFA, combines mutltichannel wireless electromyography (EMG) with range-of-motion testing and integrates that with a functional output). He is employed as an unloader in the shipping department. He alleged a work-related injury in October 2014, five weeks into his employment. He stated that he injured his shoulders when he put his hands out to block a fall. He complained of bilateral shoulder pain, radiating to the right upper extremity. He rated the pain as an eight on a scale of one to 10. But an EFA found no change from the baseline test. Outcome: Because there was no change from his baseline, he was released from treatment and advised to see his primary care physician for any further medical needs. Case 2 A 37-year-old gentleman was employed as a loader. He alleged a work injury in October 2014; when he bent to lift some ice, he felt a pain in his lower back. He complained of radiating lower back pain, into the left lower extremity, rated as a 6/10. He was referred by his occupational medicine doctor, as there were no objective findings, and his subjective complaints seemed out of proportion. An EFA revealed normal EMG activity, with chronic, unrelated pathology. Outcome: When he returned for his follow-up evaluation after the EFA, he still had the same subjective complaints. After his doctor reviewed the EFA findings, he stated that he felt much better and asked for a release to return to  full duty at work. Case 3 A 34-year-old gentleman was employed as a mix/truck driver. He had undergone a baseline EFA in June 2014 and had a work-related motor vehicle accident in September 2014. His head struck the roof of his truck, and he was not wearing a hard hat. He complained of neck, shoulder and head pain. When an EFA was compared with the baseline, chronic, unrelated pathology was noted. However, the comparison also revealed a change in the paracervical region. This change was consistent with the date and mechanism of injury and with his subjective complaints. Outcome: The EFA comparison was able to identify and redirect care, away from the chiropractic care that he was receiving. After imaging studies were performed and the results found to be consistent with the EFA findings, he received site-specific, conservative care for his work-related injury, and his symptoms improved. It is our opinion that the EFA-STM provides a book end solution, comparing a pre-injury test to a post-injury assessment to objectively and accurately determine AOECOE (arising out of employment/course of employment) status. One must base a medical evaluation on facts, not subjective complaints. When that is accomplished, proper diagnosis and treatment are rendered, and outcomes improved. The authors invite you to join them at the NexGen Workers' Compensation Summit 2015, to be held Jan. 13 in Carlsbad, CA. The conference, hosted by Emerge Diagnostics, is dedicated to past lessons from, the current status of and the future for workers' compensation. The conference is an opportunity for companies to network and learn, as well as contribute personal experience to the general knowledge base for workers' compensation. Six CEU credits are offered. For more information, click here.

The thought of placing links to competitors’ products or services on a company website would normally stop chief marketing officers or marketing managers dead in their tracks. After all, once you’ve attracted a consumer to your website, it’s only natural to expect them to purchase your product. However, what if that specific item isn’t available? Or it’s sold out? Or it’s not the right fit? You’ve exhausted your advertising investment on this potential customer, only to deliver a “sorry page,” forcing him to leave your site and head elsewhere. But what if your "sorry pages," instead of being a dead end for a consumer, could still bring in revenue? It sounds like some Twilight Zone marketing nightmare, but it’s becoming a much more utilized practice - and a smart one at that. Businesses need to come to terms with the fact that they don’t own customers; they are, at best, momentarily rented. This can leave brands in the lurch when it comes to sales and brand loyalty. However, there are many options a business can apply that ultimately generate revenue, even without sales, when the consumer turns to make a purchase from a competitor. But competitor advertising placed on your own website? This is how it ends up being a win-win. Say you are a car insurance company looking for policy holders with specific characteristics. A consumer will visit your website and fill out an application; however, they do not meet your ideal customer criteria. Now you have two options: reject them outright or provide additional other options with that rejection, some of which may be best obtained through a competitor. To suggest an alternate purchase by providing a link to a competitor’s website in the form of, “You may be interested in policies from XXXX,” you’d be providing prime real estate for a competitor to make a sale through a tailored advertisement. You receive revenue from an otherwise lost opportunity by selling advertising space on your site to these competing brands, while also building positive brand recognition. These consumers have shown intent, and you’ve helped them get what they need, which makes you a valuable asset. Instead of shutting down the deal and turning your back on the customer, you are aiding them in their search, while providing a competitor with a valuable lead, for which they are paying. Win-win, right? Many customers would consider that a positive brand experience. After all, it shows that your brand is ultimately focused on helping the customer find what she needs, even if you are not the one to give it to her. Consider Amazon. This booming company not only has an enormous selection of goods for customers to choose from, but it also provides links to external shopping sites instead of sorry pages when a specific product is not available.

You don’t often see a CEO squash a great quarter with an analyst call script designed to batter his company’s stock price. Yet, that’s what Mark Zuckerberg recently did—to his great credit. One of the biggest challenges for public companies is to make investors prioritize long-term value over short-term profits. So, rather than running a victory lap after beating Wall Street’s expectations for the third quarter, Zuckerberg laid out a long-term strategy that drove loads of investors away. To understand why this was a smart move, look at Amazon.com and IBM. Few CEOs have been more audacious than Amazon CEO Jeff Bezos in managing Wall Street. Bezos told investors 17 years ago, “It’s all about the long term. . . . Our goal is to move quickly to solidify and extend our current position while we begin to pursue the online commerce opportunities in other areas…. We will continue to make investment decisions in light of long-term market leadership considerations rather than short-term profitability considerations or short-term Wall Street reactions." Bezos has, ever since, eschewed profitability to invest in—and deliver—innovation and growth in ever-expanding retail categories and adjacent markets, including tablets, phones, original content and cloud services. In return, Amazon attracted investors who believed in his long-term time horizon, as evidenced by Amazon’s astronomical price-to-earnings-ratio and a market cap that stands at nearly $140 billion. Amazon’s costs have risen to eat up all revenues -- but the stock price has rocketed. At some point, Bezos will have to deliver profits commensurate with Amazon’s scale, but, for now, investors continue to give him wide latitude to invest for the long term. Contrast Bezos’ approach with that of his counterparts at IBM. In 2006, IBM CEO Sam Palmisano told investors that IBM would focus on earnings per share, ahead of growing IBM’s business. Palmisano’s rationale, as he recently told Harvard Business Review, was that IBM was a “mature business” that needed to respond to the demands of shareholders who “wanted more margin expansion and cash generation than top-line growth.” Palmisano dubbed his plan Roadmap 2010 and committed to increase earnings per share from $6 to $10 by 2010.In return, IBM amassed like-minded investors who drove up IBM’s share price in lockstep with earnings growth. Roadmap 2010 was so successful with investors that Palmisano and his successor, Ginni Rometty, doubled down on it with Roadmap 2015—which called for IBM to deliver $20 per share by 2015. While investors loved them, Roadmaps 2010 and 2015 took IBM far off course in meeting the needs of its customers and employees. The problem is that while IBM might well be a mature company, it competes in an industry that was far from mature in 2006, and is even less mature today. Rather than accepting old age, IBM needs to be as agile as startups and growth-minded goliaths—like Amazon. But Palmisano and Rometty locked IBM into a set of investors and expectations that left less and less room for agility. Rather than staying on top of the rapid advances in information technology products and services redefining its industry—and every one of its target markets—IBM management had to focus on financial and business reengineering to increase earnings for its investors, as promised. One industry insider summed up IBM’s predicament this way: "They are paying the price for moving to services—which was smart—but not investing in the fundamentals to support services, e.g., recruiting, training, staffing, etc. They kept their earnings afloat by financial engineering, such as loading up on debt to fund buybacks." IBM paid a high price for not innovating. It suffered declining revenues for the last 10 quarters—to the point where Rometty had to abandon Roadmap 2015. The superiority of Amazon’s long-term market leadership approach over IBM’s short-term profitability considerations is evident in the two giants' battle over cloud services. Who could have imagined in 1997 that one of the next big things in IT services would be cloud services, and that Amazon would be the dominant player in that space? If anyone should have foreseen and owned the cloud, it should have been IBM—given its deep client relationships and long history of running data and networking centers for corporate clients. Yet, BusinessWeek estimates that Amazon Web Services is one of the fastest-growing software businesses in history:

The growth of Amazon’s cloud business is unprecedented, at least when compared to other business software ventures. It’s grown faster after hitting the $1 billion revenue mark than Microsoft, Oracle, and Salesforce.com. You would need to turn to Google—which had the advantage of the vast consumer market—to find a business that grew faster.

Amazon has also vanquished IBM in head-to-head competition, including for a high-profile 10-year, $600 million contract for cloud services to the CIA. What’s more Amazon’s initial success has drawn other deep-pocketed competitors like Google and Microsoft.  The resulting price war might have more dire consequences for IBM, which does not have Amazon’s long-term investment flexibility. So, when Zuckerberg prepared for his recent earnings call, he could have easily crafted a story that short-term investors would have loved. Facebook beat expectations for both top-line revenue and bottom-line profits. It also made great strides in showing that it would dominate in the mobile space—a transition about which many observers (including me) had been skeptical. Facebook’s share price would surely go for a nice ride if Zuckerberg simply focused on monetizing his social network. Instead, Zuckerberg took a page from Bezos’ playbook and laid out five and 10-year visions with aspirations far beyond the core Facebook network. He told investors that he would build a series of other billion-user products—before starting to monetize them. What’s more, he said that Facebook would build the next major computing platform, which he believes will revolve around augmented reality. And he made it clear that this vision required significant investment and that, like Bezos, he would prioritize long-term market leadership over short-term profitability: "We’re going to prepare for the future by investing aggressively." The subsequent drop in share price meant that a lot of investors got the message, and left. Zuckerberg still needs to deliver on his long-term strategy. But he left little doubt about his intentions and made sure that his investors were working on the same assumptions. That’s smart.

As the demand for cyber insurance has skyrocketed, so, too, has the cost. One broker estimates that sales in 2014 will double from the $1 billion premium collected in 2013. Much of the increase in demand and cost has been a result of the widely publicized hacks of the point-of-sale systems at large retailers, and the primary emphasis of most cyber policies is to address liability arising from such events. New payment technologies, however, will change the need for this type of cyber insurance. American Express recently announced a token service; Apple incorporated ApplePay into its new iPhones; and a group of retailers, the Merchant Customer Exchange, is working on the release of a new payment technology, as well. These technologies, although different in detail, eliminate the need for merchants to collect unencrypted payment card information from customers, significantly reducing the risk created by point-of-sale malware. These technologies work by generating tokens or cryptograms for use at the point of sale. Financial institutions are able to determine whether the tokens or cryptograms are associated with a customer's account, even though it is virtually impossible for a third party possessing the token or cryptogram alone to identify the account. The specifics of the technologies vary, but the result is that the merchant does not need access to the customer's unencrypted account information, and any data obtained through the point-of-sale malware becomes virtually worthless. As these payment technologies become prevalent in the U.S., the need for cyber insurance protecting retailers against point-of-sale malware should plunge. There still will be a need for coverages protecting against other cyber risks, including other forms of malware and security breaches as well as against business interruptions arising from cyber events. However, the need and demand for cyber insurance covering privacy breaches should be reduced and the pressure on much of the current cyber insurance market removed. This article first appeared on the Privacy and Information Security Law Blog.

When I was a fledging claims examiner, I was taught the universal file mantra: res ipsa loquitor ("the thing speaks for itself"). In claim terms, it means the file should tell the story. Not a difficult concept if you think about it. I suppose a less classy version would be, “If it ain’t written down, it didn’t happen.” But res ipsa loquitor is more than just jotting down crib notes in a file. It’s about documenting the direction in which you are headed and why. A second, equally important mantra came from a former claim manager, who said, "If you were hit by a bus, someone should be able to pick up your file and know exactly where you left off.” He went on to say that could only be achieved through clear, copious and comprehensive documentation. As a senior work comp claims consultant, I often dinged examiners for poorly documented files and a dearth of a memorialized thought processes. Occasionally, their response was akin to, “Well, obviously you don’t know Alaska comp!” (or whatever state I was auditing).  While I realize they were just being defensive, they missed the point entirely. I wasn’t criticizing them for something statute-related; I was simply telling them they failed the res ipsa loquitor test, which is the most critical common denominator in all the various best-practice file criteria available. An employer always has the right to know how and why a certain decision was made. Pronouncements made by insurance companies and third-party administrators (TPAs) – which obviously affect the employer - should never be made in a vacuum. In my claim manager days, I came up with a whimsical way for my staff to visualize the documentation process. I called it HIPPO. History: What happened? Who/what/where/how? Issues: How serious was the injury? Is there time-loss involved? Plan of Action: What is the examiner’s initial plan? Is return-to-work possible? Procedure: How will the examiner begin the compensability process? Outcome: What is the examiner’s best guess at this point? Obviously, HIPPO would need to be revisited from time to time as the file matures and becomes more complicated. And, of course, the compensability aspect of the claim would be much different than a plan of action for continuing medical management. But you get the drift. And, yes, I found little plastic hippopotamuses that I placed on their desks to help them remember! For the younger generation, who seem compelled to use social media to document what they had for breakfast, perhaps this concept will come easier. Then again, documenting what you ate is a far cry from explaining why you chose that particular food item; why it was the best choice over all others; why it made financial sense; and what gastronomical ramifications might ensue because of the choice. Bon appétit.

The rising cost of insurance is putting a squeeze on American families. And this problem could get even worse if lawmakers don't fix a little-known federal drug program called "340B." Created by Congress in 1992, 340B was originally intended to provide low-income people access to needed medications. This program allows hospitals, clinics and other healthcare providers serving large numbers of poor and uninsured patients to buy drugs at a deep discount. The idea was that these facilities would pass along those savings to their patients. But 340B is not working as intended. Instead, it's being manipulated by hospital systems to increase profits. It isn't helping the poor. And this exploitation is driving up health insurance costs for all Americans. Price Disparity The program's major flaw is it doesn't actually require healthcare providers to pass along those drug discounts to low-income patients. Participating facilities are free to buy huge volumes of cheap medicines and then sell them at full price to insured patients -- and pocket the difference. That's exactly what many participants are doing. Duke University Hospital has accumulated $280 million in profits from 340B over the last five years. The drug chain Walgreens is projected to make a quarter of a billion dollars off the program over the next half decade. Established hospital systems have increased their revenue from 340B by buying up specialty clinics. These smaller practices often use a high volume of expensive drugs. By acquiring these clinics, hospitals can purchase even more discounted medicines through 340B and further boost profits. In 2012, hospitals enrolled more clinics in 340B than in the previous 20 years combined. A new University of Chicago study shows that most of these clinics are located in relatively affluent areas. In other words, they aren't even pretending to serve the low-income and uninsured populations 340B was intended to help. Unfortunately, lawmakers have not responded to these abuses by fixing 340B's structural flaw. Instead, they've blindly expanded the program. Back in the early '90s, just 90 health care facilities participated in 340B. Today, that figure is more than 2,000. The acquisition of smaller clinics, precipitated by 340B, will seriously drive up insurance costs for average Americans. Large, established health providers tend to charge more than smaller, independent clinics. And insurance companies respond to these higher treatment expenses by raising premiums. Indeed, a study from three Duke University researchers published in the October issue of the journal Health Affairs looked into the price disparity between key cancer drugs provided at both corporate hospitals and clinics. Researchers noted that, between 2005 and 2011, the proportion of cancer services administered at independent clinics dropped by 90%. They found that the price gap between the two settings can be as much as 50%. Pharmaceutical manufacturers are now incurring heavy losses from 340B abuse. In 2010, this program cost the industry $6 billion. By 2016, that's expected to more than double, to $13 billion. Simple economics forces firms to compensate for losses by raising their prices, leading to higher medical expenses for average patients. Noble Purpose 340B has a noble purpose. But it's not fulfilling its mission to provide vulnerable patients with discounted drugs. Instead, 340B is being exploited by rich hospitals to boost their bottom lines. And these abuses are leading to higher insurance costs for everyone else.

There’s been a lot of talk lately about value-based purchasing and price transparency in the U.S. healthcare system. With the proliferation of high-deductible health plans, consumers and payers are now actively chasing “value”— high-quality care at the right price. But what happens when “value” calculates to a grand total of zero—or even less than zero? Only in healthcare is that even possible. “Zero value” occurs when healthcare is harmful—and you, the patient or purchaser, pay extra for the privilege of that harm. This is the issue currently facing employers and other purchasers paying out of their own pockets when a hospital commits an error that results in injury, infection or other harm to a patient. It’s backwards and incomprehensible, but healthcare purchasers are at the mercy of these zero value “hidden surcharges.” The payer gets the bill for the added length of stay and treatment of the infection or the medication error, even if they were preventable. This is common, and it’s not cheap. The Leapfrog Group created the Hidden Surcharge Calculator, which estimates that, on average, an employer pays approximately $8,000 per hospital admission for errors, injuries, accidents and infections. The calculator was recently awarded  a “Certificate of Validation Seal” by the Care Innovations Validation Institute, an organization established by Intel and GE to rate healthcare tools, plans and vendors to help industry consumers make educated choices. The Hidden Surcharge Calculator is free and allows plans and employers to determine surcharges they pay for their covered lives. To build on the findings from the calculator, Leapfrog crafted additional tools to help purchasers apply their leverage with hospitals in their communities, communicate effectively with their employees about patient safety and try to reduce some of these shocking surcharges. So we launched the Hospital Safety Score Purchaser Toolkit, also free, created with the support of a grant from the Robert Wood Johnson Foundation. The toolkit is being released at a crucial time of year—the beginning of open enrollment season. We know that employers want to help their employees make the best decisions about their healthcare, and we hope that our toolkit will foster genuine conversations on these issues. We include downloadable “plug-and-play” communications, including newsletter articles, internal memos template emails and even sample tweets. Messages educate employees about the problem of patient safety and what they can do to protect themselves and their families. It provides background and instructions for using the Hospital Safety Score, letter grades that assess the safety of general hospitals. There’s also a series of whiteboard videos that explain the issues in plain language and can be downloaded at no cost. Just as importantly, we want to encourage purchasers to use their own leverage to effect change. Despite the harm to employees and expense to the bottom line, patient safety is rarely observable in claims data. Purchasers have to rely on hospitals to voluntarily report on safety to the Leapfrog Hospital Survey. By putting pressure on hospitals to publicly report to Leapfrog, healthcare purchasers can ensure that transparency and accountability are at the top of every hospital’s agenda. The toolkit offers suggestions on joining local business coalitions on health to maximize regional leverage, communicating with hospitals and getting needed provisions in contract language with plans. Value-based purchasing is nonsensical when value is less than zero, so plans and purchasers need to be more aggressive on patient safety. Otherwise, payment reform loses its raison d’etre. Because the safety problem is so large and hard to pinpoint, many payers just give up. The Purchaser Toolkit, Hospital Safety Score and Surcharge Calculator are meant to provide them with concrete steps that will make a difference immediately.

Insurance modernization results in core business and administrative functions using commonly trusted sources of data to inform and enhance business decisions and reporting. Benefits of this transformation include greater efficiencies, improved decision-making and better risk management. However, modernization is not just about changes to processes and technology. There also are potentially profound organizational and talent-related changes. Given the broad impact insurance modernization will have throughout an organization, HR has a key role during the journey. The case for change Insurance modernization is not simply another transformation program that affects select capabilities within specific organizational functions. Rather, the changes that insurance modernization brings are far more broad and systemic. HR executives, in particular, understand how modernization reshapes their organization’s talent agenda, influences priorities,and changes how HR invests in services that enable the transformation. Many insurers already face critical skill shortages, particularly in the areas where insurance modernization makes the greatest impact: risk, actuarial, financial and technical competencies. Modernization efforts also hinge on an organization’s ability to attract and retain people who have the skills to drive transformational change. Combined with an aging workforce, the case for adjusting talent strategy is clear. Modernization also requires stronger links between performance management and critical regulatory and risk management objectives. Changes in organizational structure, governance and decision rights may be necessary to strengthen accountability for modernization goals and objectives. Characteristics of a modernized HR function In the journey toward a modernized organization, HR leaders are uniquely positioned to drive workforce changes for positive impact. Leading HR functions draw on their capabilities and services to provide support by:

• Driving organization structure, governance and decision rights changes to strengthen accountability for modernization goals and objectives. HR will help manage changes to the work processes and systems that drive a substantial redistribution of work effort by redeveloping job families or job design and making logical and lasting changes to interaction models.
• Shifting key talent management strategies – ranging from recruitment to career development to succession planning – to address gaps in critical actuarial, financial and technical capabilities. The modernized organization will require talent with new and enhanced skills. In some roles, for example, employees will devote less time to activities such as data scrubbing and more time to analysis and consultation.
• Motivating broader cultural change through employee engagement initiatives that promote modernization vision and goals. Leading HR organizations will leverage insurance modernization as a key growth opportunity for both the organization and for high performers who demonstrate skills development and leadership capabilities.

As a key partner in the transformation, HR leaders sit alongside business leaders to plan for critical modernization initiatives and develop strategies to drive desired outcomes. At the same time, other important HR capabilities, such as performance management and goal-setting processes, will be critical to driving organization-wide performance outcomes. The benefits As a steward of organizational capabilities, the leading practice HR function is a key supporter of insurance modernization. The main challenge for the HR function is to assess organizational needs during the transformation while focusing on broader organizational objectives at the same time. Engaging HR early in the transformational journey sets the foundation for realizing objectives:

• Defining program impacts to both people and the organization and developing a holistic plan for protecting and expanding the organization’s brain trust and key capabilities.
• Directing organizational development, including organizational redesign and job analysis activities, by redirecting limited resources toward critical needs and forecasting and managing HR capabilities and capacity in concert with demands.
• Reshaping talent strategy for risk, actuarial and finance roles, as well as select IT roles, to address shifting skill profiles and talent requirements
• Designing a change management plan from an HR perspective that aligns culture-related change management and communications activities to promote organizational focus on modernization’s most critical objectives.

From an HR perspective, insurance modernization enables the institutionalization of key capabilities, rather than the loss of key assets as talent moves within and outside the organization. Modernized IT services and platforms enable both performance and scalability by facilitating more efficient use of talent. Critical success factors The degree of HR’s impact on modernization hinges on the degree to which it can partner with key business leaders. HR can provide critical support when it is engaged early on and acts as counsel to risk, actuarial and finance leaders on the people and organizational impacts stemming from modernization. The following factors apply:

• Early involvement to design appropriate governance, oversight and decision-making processes, as well as evaluate the impacts of technology and process changes that can drive changes to talent, structure and performance requirements.
• Sustained participation in decision making to enable thorough discussion of broader organizational- and talent-related impacts, as well as redirection of activities as needed to align decisions to broader organizational goals, drive accountability and protect against critical talent loss.
• Active engagement with talent at all levels of the organization to understand the impacts of the transformation on roles, employee satisfaction and engagement within the organization, as well as the talent risks that may need to be managed.

HR also often has a cross-functional view of impacts and can identify key talent from other parts of the organization to lead transformation efforts. With an eye on the future needs of the organization, HR can provide advice to keep leaders on the same page and help provide solutions to issues that arise along the modernization journey. Next steps To be successful, transformation requires discipline and continued leadership commitment to achieve goals. HR is well-positioned to help drive progress and momentum toward achieving higher levels of organizational maturity. HR also can help to keep leaders connected, as well as monitor and maintain alignment between organizational and individual goals. It also provides a people-focused perspective to modernization objectives and initiatives and works with business leaders to protect the organization’s talent assets.

More news from the technology front: Aetna acquires bswift. , shortly after Hodges-Mace announced the purchase of SmartBen. Last year, it was Towers Watson buying Liazon. Next year, it will be someone else. Is this just beginning of the dance where everyone in employee benefits needs to choose a partner? What does this mean for the benefits market and the benefits broker?

For some, the Aetna acquisition of bswfit may be strange. Aetna buys a company that provides technology that is used by its competitors and that handles enrollment for many employers that don’t have Aetna insurance. Similarly, Towers Watson bought a company whose products and services are distributed by its competitors, other brokers. What most people aren’t realizing is that the world has changed. If you view this acquisition in the old world, where competitors don’t work together, you may see it one way, but in a new world it may look a little different -- in many industries, companies that compete in one segment may be partners in another. My message to brokers on this is to start thinking differently. Those who don’t will get left behind. The rules of the game are changing, and you don’t get to make all the rules. I have been fortunate to have worked in some capacity with Mark Bertolini, CEO of Aetna, and Rich Gallun, CEO of bswift. Both are outside-the-box thinkers. Aetna has invested billions in technology preparing for what it views as a consumer-centric healthcare model. Aetna wants to reinvent the patient experience. To quote Bertolini, "We're going to begin to change the healthcare industry by giving people tools they can put in the palm of their hand.” Here is another quote from Bertolini that would make brokers pause. When asked about the future of healthcare, Bertolini responded: “There wouldn't be plan designs. You wouldn't need them. What you would do is invest in all those things that are necessary to keep people healthy.” You can see a full overview of the Aetna model by viewing this presentation from its 2013 investor conference. Some may see the bswift acquisition as a benefits enrollment platform for Aetna. But I see this as another step by Aetna to execute on a plan to compete effectively in a new healthcare world. A world where consumers are in more control. Where provider systems are engaged in a patient's wellness and not just proving treatment after the fact. Where health information and communication is moved via Web and mobile. Bswift made a strategic move into the consumer-centric world through private exchange technology, with individual rating and decision support tools. Now it has paid off. This made bswift attractive to Aetna. Congratulations to bswift for a job well done. So what does this mean for benefits brokers? A few weeks ago, I wrote an article titled “Does Apple’s HealthKit signal the end of employer-based insurance?” Some may not relate Apple’s investment to the Aetna acquisition of bswift; however, I think they are related. Apple is clearly one of the top consumer technology vendors in the market. Aetna is driving consumer-centric healthcare. They are pieces of the same puzzle. It is a puzzle benefits brokers need to pay attention to because the market is changing around them. A carrier buying an enrollment vendor says one thing, Aetna’s and Apple’s investments mean something different. The healthcare world is changing in a way that most brokers are not recognizing. Consumer-centric; mobile; doctors as wellness facilitators; employers out of the risk business? Maybe. So get ready.