An organization the size of the University of California system—10 campuses, five medical centers, a student body of 239,000 and nearly 200,000 faculty, staff and other employees—requires the close attention of individuals who help assess and manage risk and insurance. Kevin Confetti, the UC deputy chief risk officer in the Office of the President, is one of those people who keeps the University of California operating and its employees satisfied.
Born and raised in Pittsburg, CA, Confetti grew up in a hardworking blue-collar family with parents who worked at DuPont and at U.S. Steel. While in high school, he aspired to be a teacher and football coach, and he attended UC Davis, where he played on the varsity football team and graduated with a B.A. in rhetoric and communication. After graduation, he hung up his cleats and got his first real job working in claims adjusting for Cal Comp, where he found he really liked the variety of work. That experience led him to promotional opportunities at Fireman’s Fund, Ernst & Young and Octagon Risk Services. Serving for five years as a claim unit manager at Octagon—the UC system’s third-party administrator (TPA) at the time—Confetti was hired by the UC system in 2006. Now, he’s in the process of achieving his ARM (Associate Risk Management) designation.
Within the UC system, Confetti reports to the chief risk officer, Cheryl Lloyd, and he provides overall management of self-insured workers’ comp (aka “human capital risk”), employment practices, general and auto liability, medical malpractice, construction risks and $50 billion of property risks. Confetti said the UC system’s various campuses and medical and research facilities are actually quite autonomous, while the Office of the President strives to manage the overall risks without using too many mandates. It’s a program that responds to needs as it sees fit, and it helps set up system-wide policies.
To do his job well, he said he needs to be a good communicator, a good listener and someone who facilitates collaboration and cooperation among his various facility risk management teams. He described the job as, essentially, convincing his campus teams that something is the right thing to do. He loves the variety of what he manages, and his passion is to save the UC system money, whether it’s $1 or $1 million, so those savings can go to the UC system’s mission. Confetti said, “Leadership requires the ability to convince others in the UC system of the value of our propositions and decisions.”
With an in-house risk management staff of 10 to 12, Confetti serves each campus risk management department (ranging from about two to three at UC Merced to 12 at UCLA) as clients. The UC system uses Sedgwick as its TPA for its self-insured programs, which provides in-depth metrics, data mining and monthly and ad hoc reports. Sedgwick also provides assigned analysts in virtually every UC risk area.
Confetti also manages the UC Risk Management Leadership Council, which meets monthly on various campuses. In addition, his office hosts a Risk Summit conference once each year for every campus and facility risk management team. These teams come together to discuss trend statistics and emerging issues that are key risk factors for each unit as well as the overall UC system. While each campus team does things a little differently, they all operate with a similar mindset that fits within the UC system’s overall objectives.
At the moment, Confetti’s biggest area of concern is cyber security; cyber issues can be difficult to identify and prevent and can be one of the most destructive risks, threatening things such as power grids and other infrastructure. The UC system employs several different IT structures, and, because most insurance coverage excludes cyber risk, the risk is extremely dangerous from a risk manager’s perspective—especially given the size and nature of electronic data managed by the UC system.
A second issue Confetti is currently concerned with is the risk to students and faculty from active shooters or other terrorist-minded groups.
A third risk he’s focusing on is the use of drones; Confetti said the federal government, businesses and institutions haven’t been able to effectively manage the growing number of drones operating freely in the U.S.
Confetti said he would tell newcomers to risk management that technology continues to propagate new risks. He advised, “Be willing to take on risks, but learn from your mistakes and know that you don’t have all of the answers. You have to take risks to move forward, but negative experiences should provide the knowledge and skills to mitigate risk more effectively. … Be flexible and open to new ideas. … Avoid reliance on statistics. Data will give you a trail of facts like breadcrumbs to show you what trail you need to follow. But get out of the office and make the rounds to see and hear what’s going on.”