Safety and risk committees are an incredibly powerful tool to prevent incidents and enhance the effectiveness of all organizations.  Safety and risk committees bring together dedicated employees, representing departments and divisions throughout an organization. They are focused on improving and reinforcing safety and risk management initiatives and make a real impact on the organization.
 
Safety committees enhance employee morale, foster greater productivity, and improve standing among the various stakeholders of the organization. An effective committee sends a powerful message that management cares about the wellbeing of their employees, and the public.
 
When establishing safety and risk committees, careful consideration should be given to identifying the appropriate scope and duties that will be delegated to the committee as a group, and to the members who serve on the committee(s).   Effective committees include representation from senior management, supervisors, and front-line employees, from across all departments or divisions. Committees should not be so large that they lose the ability to be responsive to individuals or to affect organizational changes. 
 
For larger organizations safety committees may need to be established in individual departments and divisions, which report to a centralized risk committee.  Selecting those employees that have a desire to serve on a committee and that will be actively engaged in committee activities is crucial.
 
The mission of the committee should be clearly stated, with well-defined objectives. These objectives reinforce the overarching mission that safety reaches beyond just complying with OSHA or other minimum requirements.  Rather, safety and risk management provide a sense of purpose and a roadmap for accomplishing key organizational objectives.  For example, if the organization has had several lost time workers compensation injuries, the safety committee could identify and evaluate the root cause of the injuries and form and execute a plan to correct unsafe conditions. 
 
While many committees meet monthly, other successful committees may meet less frequently on a semi-monthly or quarterly basis.  The key issue is holding well planned meetings consistently, with good committee member participation.
 
Safety and risk committees are most effective when they can identify issues and are empowered and provided with the resources to resolve them. When a committee is working as it should, employees and managers work together to address safety and risk concerns before injuries or claims arise.
 
While many may think of safety committees as simply a forum to review workplace accidents, many successful committees have much broader oversight, including many key risk management functions, which include:

• Address employee safety concerns.
• Administer safety incentive programs, and safety grants.
• Develop emergency response plans.
• Establish safety training standards.
• Examine OSHA citations and identify solutions.
• Investigate incidents, or near misses.
• Perform site inspections with safety recommendations. 

When these key areas are addressed early, they significantly improves the effectiveness of committees:

Members should demonstrate a general understanding of technical safety and risk issues, familiarity with data gathering and analysis, and experience with group dynamics and meeting participation.  Training may be provided internally, online and from third party resources.  

A committee should be considered an investment, and management needs to provide adequate tools and resources.  Committees may need funds to oversee and administer safety incentive programs and purchase safety equipment or tools.

​Committees will make recommendations for corrective actions or changes in policy and procedure. The committees need to know that they have the support of management to carry out their mission and that their efforts will be sustained.

Engaging all organization stakeholders can significantly improve the visibility and support for the organization. Many successful risk committees prepare an annual report that is reviewed with the governing body (e.g., Councils, Commissions and Boards), with objectives and goals outlined for the coming year.

When safety and risk committees are engaged and empowered, they serve as a vital piece of a risk management program. With knowledgeable, enthusiastic members that develop innovated and creative solutions, these committees have a far-reaching impact on the organization. They improve the culture of safety and risk awareness throughout the organization, improve employee moral and build good will with those that are served by the organization.  

With Spring comes the start of many significant capital projects, from new office and administration buildings to pipelines and treatment plant expansions.  The risks to property under construction are significant but can be well managed through an effective builder’s risk insurance program.
​
Builder’s risk insurance programs can be handled by the owner or left to the general contractor or construction manager.  Project owners understand the scope, cost and special conditions of the project and are better equipped to set up the builder’s risk insurance program.  Contractors may not address all of the ancillary elements and supplemental limits needed for a builder’s risk project and may, mark up the cost of the insurance with profit and overhead. 

​In the absence of detailed information, many underwriters may make assumptions which could result in higher than necessary premiums.  Providing details on the type of construction materials, a timeline of work to be completed (e.g. Gantt Chart) and a summary of new construction vs existing facilities being renovated, will provide greater clarity on the project. This will result in more competitive terms.

​Many organizations use the contract value or guaranteed maximum price when setting the insured value for their projects.  While this is a good starting point, a careful review of the projects costs often yields many items that may fall outside of coverage, or for which you would not intend coverage to respond.  These may include site grading, pavement, purchase of property or property rights (e.g. easements). 

​When establishing the term of the builder’s risk policy, owners and contractors should incorporate potential delays from material suppliers, subcontractors and sub-subcontractors, weather and other exigent circumstances which could result in a delay to the project.  Builder’s risk underwriters will generally increase the policy rate for projects that are behind schedule and need an extension in the policy term.  

When designating the policy term, allow additional time for unanticipated delays from contractors and suppliers.  Builder’s risk policies can be cancelled before the policy expiration at the conclusion of the project, with the unearned premium returned to the owner.  This approach will yield the lowest overall builder’s risk policy rate and total cost.

​Policies should include both the owner and contractors as insured parties.  This has become more critical in recent years due to the increase in owner supplied specialized equipment, which would not be covered under a standard builder’s risk policy obtained directly by a general contractor or construction manager.

​Understanding the transition from the builder’s risk policy to your permanent property insurance program is critical.  Builder’s risk policies may specify that coverage for the project will end when substantial completion is achieved, when a certificate of occupancy is obtained or when the property is put in service for its intended use, even if the project is not yet complete.  

These timelines should be communicated when evaluating builder’s risk insurance options, and throughout the duration of construction to ensure that the project is not left without coverage. 

Staying safe at work sounds like a simple enough goal.  No worker wants to work in an unsafe environment and no administrator or elected official wants to spend time and resources investigating preventable incidents.  The potential for workers’ compensation or third-party liability claims arising from unsafe activities are considerable, when, unsafe incidents occur.  People get hurt property is damaged and productivity is impaired, adding to the negative impact from t events.
 
Often, incidents occur in spite our best efforts to adopt safety policies and satisfy training requirements.  Safety culture is beyond policy and procedure, since it develops a   lasting change in the organization. A culture of safety t reinforces a shared organizational commitment at all levels of the organization. 
 
A good example is provided by Paul O’Neill, formerly of Alcoa.  Mr. O’Neill took over as the CEO at Alcoa during an incredibly challenging time, when he stated: “I knew I had to transform Alcoa. But you can’t order people to change. So, I decided I was going to start by focusing on one thing. If I could start disrupting the habits around one thing, it would spread throughout the entire company.” 
 
He reinforced his commitment to developing a culture of safety in a now famous speech to Alcoa shareholders, he said: “If you want to understand how Alcoa is doing, you need to look at our workplace safety figures. If we bring our injury rates down, it won’t be because of cheerleading or the nonsense you sometimes hear from other CEOs. It will be because the individuals at this company have agreed to become part of something important: They’ve devoted themselves to creating a habit of excellence. Safety will be an indicator that we’re making progress in changing our habits across the entire institution. That’s how we should be judged.”
 
Despite initial resistance from the shareholders, O’Neill’s decision to prioritize safety over profits paid off.  Sales increased, employee injuries declined, and net profits grew five-fold over his twelve-year tenure as CEO.
 
There are several steps we can take to better reinforce a safety culture within our own organizations.  While not an exhaustive list, these seven areas are a great place to start:
​

• Robust training program – Too many incidents resulting in employee injuries, organization property damage and third-party liability result from the lack of proper training.  Training should be more than checking a box once a year to meet a minimum standard.  Training should include specific examples of the type of work to be performed, the actual hazards evident and the safety practices to be followed to safety perform the work.  New employees should receive specific onboarding and follow-up training to ensure they are familiar with the safety policies and safe work practices of the organization.
  
  
• Keep safety top of mind – Do not leave safety training to a monthly formal training but incorporate safety into daily work activities.  Taking five minutes to review the work that will be performed, the hazards present and the safety precautions that need to be taken can be incredibly beneficial.
  
  
• Effective safety/risk committees – These committees should not just be a forum to review incidents but should provide members with the opportunity to review near-misses (near-hits) as well as to express safety and risk concerns from within their own departments or divisions.  Committees should have the full support of senior leadership, and when possible should have representation on the committee from the most senior levels of an organization.
  
  
• Safety incentive programs – An effective safety incentive program should not simply reward employees for a lack of incidents but should encourage proactivity from employees.  Recommendations from employees of known hazards or alternative approaches to perform a task in a safer way can be tremendously valuable.
  
  
• Empower employees – Employees at every level of the organization should be empowered and encouraged to address unsafe activities directly, including stopping work in process if necessary.   
  
  
• Plan for safety – When employees understand that safety is the first and highest priority of an organization, they will work differently.  Supervisors and managers should reinforce this while planning projects, that injuries are likely to occur when shortcuts are taken, or safety protocols are not followed.    Incidents occur where employees are hurried to finish to their work within a specific timeframe, such as the end of a shift or workday.    
  
  
• Safety accountability – Incorporating safety into the performance evaluations of employees, supervisors and senior leaders tangibly reinforces the organizations commitment to safety.

As we work to improve the safety culture within our organizations, safety will become a habit.   Productivity improves with a decrease in incidents, employee moral rises, and our public image is enhanced.
​

Sound risk management involves many preventative actions and processes, to maintain facilities and equipment, and to mitigate potential claims.  Unfortunately, many of these actions go unrecognized without documentation that the tasks were completed.  Two real-world situations to illustrate:
 
ABC City experienced a sewer back-up that flooded the living quarters of a private home. This resulted in the resident vacating the home and moving into a motel for nearly a month. When the claim for damages to the home was submitted, a request was made to the city for documentation of their sewer inspections and maintenance. The city’s public works staff responded that sewer lines were periodically inspected but could not produce written records of any inspections or completed maintenance.  This severely hindered the city’s defense efforts, which led to the city ultimately settling with the homeowner for over $100,000.

XYC City also experienced a sewer back-up, which caused raw sewage to back-up into a restaurant. Because the back-up occurred in the sewer main line under the street, city staff thought that the city was likely responsible for the damages, and the city contacted their insurance company to report the back-up before a claim was even submitted. The claims adjuster requested and reviewed the documentation of sewer inspections.
 
The area where the back-up had occurred was a known low spot in the main. Less than two weeks prior to the back-up, XYZ City’s public works staff had inspected the main on both sides of the low point, noting that the line was running free and clear. Additionally, the city had documentation reaching back several years for their entire sanitary sewer system inspections and maintenance activities. The documentation demonstrated that the city was being a responsible utility owner and, consequently, was not liable for the back-up and damages to the restaurant. Instead, it was later established that restaurant employees had caused the back-up by dumping grease down the drain and had not properly maintained their grease trap. Without this documentation, XYZ City could have been liable for significant clean-up and restoration expenses.

For local governments, there are several benefits to documenting the many daily activities conducted by staff, not just sewer system operations. These benefits include:
​

• Records what your people do every day
• Builds data to be used for scheduling future work
• Justifies current budget expenditures
• Adjusts capital replacement plans
• Establishes future budgetary and staffing needs
• Provides information for new employees when current employees retire or leave
• Reduces potential liability for the agency, thus saving costs

  Documentation should include all inspections and maintenance activities, as well as repairs conducted, and replacements made. While the list of what should be documented will vary by entity type, there are some common activities that should be documented across all public agencies, whether you are city, county, water or sewer utility, school district, fire district, or other government agency.

• Building and property use.
• Building safety systems (e.g. Fire extinguishers, AED’s, fire alarms, security systems, panic alarms, active shooter protocols, etc.).
• Chemical handling and storage.
• Department specific equipment (e.g. SCBA’s, ladders, hoses, nozzles, tools, etc.).
• Incident reports for employee and patron injuries.
• Parks/recreation facilities, playground equipment, tree health, trip/fall hazards, lighting, restrooms, security cameras, fencing, sports fields, and swimming pools/splash pads (including water quality).
• Right-of-ways for maintenance, encroachment, and obstructions.
• Sidewalks/trails including ADA accessibility, trip and fall hazards, and condition.
• Staff training conducted, including subject, attendance, date, and length of the training, training content, policies reviewed.
• Street condition.
• Streetlights.
• Swimming pools, gymnasiums, athletic fields and facilities.
• Traffic control/street name signs for visibility, retro-reflectivity, physical condition, and proper supports. Follow the Manual on Uniform Traffic Control Devices, for retro-reflectivity and placement, traffic signals, and temporary construction signage.
• Transit operations.
• Use of personnel protective equipment.
• Use of portable equipment and tools.
• Utilities systems, such as sewers, storm water, drinking water, electric, and waste management.
• Vehicle use and maintenance.

​
Inspection reports should contain the below items:

• Date
• Location
• What was wrong
• Who was involved in addressing the issue
• How was the problem or issue resolved, with specific details.

 
While documentation can be as simple as a spiral notebook with hand-written entries; many organizations use sophisticated asset management or work-order systems to not only track inspections and incident reports, but to also receive reminder tasks for preventative maintenance issues (e.g. cleaning ‘hot-spot’ sewer lines).  These systems can also often include pictures of sites before and after work is completed

Documentation and reports should provide sufficient detail so that someone who was not present when the work was performed, or when the problem was addressed, could fully understand what transpired.
 
Documentation offers many benefits to you as a worker and to your agency, the least of which is that ongoing and thorough documentation can help reduce an agency’s liability when a claim occurs.

​The U.S. Department of Transportation’s Federal Motor Carrier Safety Administration (FMCSA) clearinghouse of commercial driver's license (CDL) holders' drug and alcohol violations went into effect on January 6, 2020.  

Employers must register to access the data repository to fulfill compliance obligations.  Employers of CDL drivers, can now register on the site and create a secure online user account. Employers with drivers covered by FMCSA regulations will be required to query the database for current and prospective drivers' drug and alcohol violations before permitting those employees to operate a commercial motor vehicle. Employers also must report drug and alcohol program violations through the site. The regulation requires that employers annually screen each of their drivers through the clearinghouse.

​This new regulation comes from a law signed in 2012 intended to help reduce crashes, injuries and fatalities involving large trucks and buses by creating a way to identify and track commercial drivers with a history of violating drug and alcohol prohibitions.

Before the clearinghouse was created, regulated employers were required to check with a driver's prior employers to verify his or her drug and alcohol testing record. Drivers with violations are not eligible to drive a commercial motor vehicle until the employer confirms that the driver has successfully completed mandatory return-to-duty obligations.​

​The clearinghouse will enable employers to more easily identify drivers who commit a drug or alcohol program violation while working for one employer but who fail to subsequently inform another employer.  Records of drug and alcohol program violations will remain in the clearinghouse for five years, or until the driver has completed the federally mandated return-to-duty process, whichever is later.

Registration is free, but there will be a charge, depending on the number of queries, to run records searches. Employee drivers are not required to immediately register for the clearinghouse but will need to register to respond to an employer's request for consent prior to a pre-employment check or other query. "Employers may want to encourage drivers to create an account, however, as doing so will streamline the process by which a new driver can be hired or returned to work following a report.  As the database grows over time, it will become more effective. Unfortunately, employers must also continue to independently gather driver drug and alcohol program compliance records directly from prior employers until the clearinghouse has been operating for three years.

FMCSA regulations require employers to add language to their drug and alcohol testing policies to notify drivers and driver applicants that employers are now required to report any adverse drug and alcohol testing information to the clearinghouse.

This includes any positive drug-test results, any alcohol test results with a blood alcohol content greater than 0.04, refusals to test, and any other non-test violations of the FMCSA's drug and alcohol regulation.  Employers will have to submit a report of a drug or alcohol program violation by the close of the third business day following the date on which the employer obtained the information.

In addition, employers will be required to report any "actual knowledge" violations along with a detailed description of the event, supporting evidence, and the names and contact information for any corroborating witnesses.

For example, supporting documentation will be required … from a supervisor who saw the driver engage in prohibited conduct or documenting a driver's admission of a regulatory violation. The employer must also ensure and certify that all of the information reported to the clearinghouse was also provided to the covered driver in question. This process is designed to ensure that covered drivers are able to exercise their right to dispute potentially inaccurate information.

FMSCA-regulated employers must initiate a database query of the clearinghouse as part of the hiring process for new drivers.  This query must be run on every prospective driver before they are able to perform safety-sensitive functions.  Employers must obtain the consent of the driver before running the check. Consents to limited queries can be evergreen, allowing the employer to continue to search the database as needed after the driver's initial check.  If the query identifies a relevant report on a driver in the database, however, the driver must at that time and on an individual basis authorize the release of the full query report to the employer. Failing to authorize the release of these records to the querying employer will prevent the employer from using or continuing to use the driver.

In addition, employers will be required to run a search of the database at least once a year for all their current drivers.  Employers have some flexibility as to the timing of the searches and should be wary of the potential disruptions that running queries on all drivers at once can create. For example, if an employer elects to run all covered drivers at once as part of its annual review, and the limited query reveals information necessitating a full query on certain drivers, the employer must then conduct a full query on each of those drivers within 24 hours.  If the employer fails to conduct a full query within 24 hours—recognizing that the employer must obtain specific consent from the driver to do so within this time period—the employer cannot allow the covered driver to continue to perform any safety-sensitive function until the results of the full query confirm that the driver's clearinghouse record is clear.

​The operation of motor vehicles remains among the highest impact risks of public agencies.  Collectively, the public sector operates nearly 3 million licensed vehicles; more than any other segment of the US economy.  From patrol vehicles to fire trucks and specialized utility vehicles, these fleets are diverse, with unique uses and operational requirements.  The risks associated with the use of vehicles continue to expand, particularly the increasing number of distractions present within vehicles.  It is crucial to have a well-crafted fleet safety program to establish and reinforce best practices for the use of vehicles.  A comprehensive fleet safety program should address the following areas:

​The policy statement should address your unique operations and environment, as well as reinforce the commitment of management to the safety of drivers and the safe operation of motor vehicles.

​Many organizations permit certain types of vehicles to be taken home to facilitate greater efficiency or as a benefit of employment.  Rules should be outlined to clarify the personal use of vehicles for these employees, including permitted operators and passengers, deviations while commuting or any other territorial or mileage limitations.  These rules should also specify when prior authorization is required to deviate from the rules, and how that might be obtained.  In addition, company vehicles should not be used for the towing of personal trailers or for off-road or recreational use.  

​When employees drive their personal vehicle on official business, their employer may be enjoined in any claims arising their negligent acts.  Accordingly, they should be held to the same standards as those employees operating company vehicles.  Employers should specify the minimum acceptable personal insurance requirements for these employees, and obtain evidence of the personal insurance limits purchased.  Employers should also specify that when the employee is driving their personal vehicle on company business that they must still comply with the organizations fleet policy, including the use of electronic devices.

​Reinforcing the importance of seat belt use is crucial.  Annually, 47% of people killed in motor vehicle crashes were not wearing a seat belt.  Your policy should clearly state this is a requirement to operate a motor vehicle.

Operators of company owned vehicles must have a current driver’s license for the class of vehicle being driven.  A commercial driver’s (CDL) license must be required for all operators of commercial vehicles.  Employees with suspended or revoked licenses should not operate vehicles at any time. 

Motor Vehicle Reports (MVR’s) can be a valuable tool to ensure drivers have an acceptable driving history, however the timing of data being available on these reports can be problematic, often taking several weeks to be updated for the most severe violations (e.g. DUI, reckless driving), where mandatory court appearances are required.  In most states, public agencies have free access to MVR reports, which can be continuously accessed and monitored.  In Utah these reports are available through Utah Interactive.  It is recommended to require that employees self-report any moving violations immediately to their supervisor, regardless of severity.
 
Scoring criteria should be included to designate drivers as acceptable or unacceptable based on the number and severity of moving violations.  Examples of critera that would disqualify an employee from driving are as follows:   
 

• Not licensed for last two consecutive years
  
• License suspension or revocation within the past 3 years
  
• 3 or more moving violations within the past 3 years
  
• Reckless driving moving violation within the past 5 years
  
• Drug or alcohol violations within the past 5 years
  
• Other serious moving violation (Hit and run, use of vehicle for illegal purposes) within the past 5 years
  

​Driver fatigue is responsible for nearly 800 fatalities annually.  Your policy should affirm that drivers should be alert, attentive and rested before driving.  Drivers who may be fatigued or ill should not operate vehicles. 

​Rules specific to the types of commercial vehicles that you operate should be included, including securing of equipment, covering of loads, towing of trailers, and use of specialized vehicles (e.g. Streetsweepers, garbage trucks, vacuum trucks).

​The use of telematics to monitor fleet movements has increased significantly in recent years.  The data collected through these systems may be a useful tool to identify areas for improvement and reinforce safe driving behaviors.  Many telematic systems can provide alerts based on vehicle speed as well as acceleration, braking and cornering velocities.  Alerts may be triggered when a vehicle leaves a designed geographic area, or moves during a specified time (e.g. a take home vehicle moving after work hours).  Some systems also include forward facing and cab facing cameras, which can prove invaluable in the event of accident.

Training requirements should be established for new employees, including training for the specific vehicle(s) that will be operated, including a road test.  Special emphasis should be placed on unique driving exposures, including driving at night, use of 15 passenger vans, or other extreme driving conditions.  At least annually, all drivers should be required to complete refresher training as outlined by management.

​Vehicle maintenance should be monitored, scheduled and documented by a designated employee within the organization.  Employees should not be responsible for or directly perform vehicle maintenance.  Pre-trip and post-trip inspections should also be completed and retained by management for all vehicles.   

If an accident should occur, all vehicles should have a copy of the organization’s post-accident procedures.  At minimum, the following steps should be included:

• Report to the employee’s supervisor
  
• Complete accident form, take photos, obtain witness information
  
• Coordinate the accident review process with supervisor or other designee
  
• Post-accident drug testing
  

​A formal process should be established to review the facts of the accident, determine if the accident was avoidable or unavoidable, and outline the corrective steps if an accident was avoidable.  This review may be completed by a supervisor, manager, director of accident review board. 

A sharp rise in public sector ransomware attacks across the U.S. has drawn considerable attention in recent years – and for good reason. Such attacks can cripple an organization’s ability to conduct important operations or provide needed services to the community. They can also have a huge financial toll.

“Ransomware is not a new problem, but it’s presenting a bigger challenge for public entities,” said Kirstin Simonson, Cyber Lead for Technology and Public Sector at Travelers. “Ransoms are trending significantly higher, in years past ransoms were often in the five to six figure range.  Cyber criminals now routinely demand seven or eight figure sums from local and state governments. Ransomware has impacted government agencies of all sizes, unfortunately, no one is immune.”

While ransomware has been a threat for years, newer variants are able to infect entire networks and cause considerable damage, often before detection.  Here are some measures you can take to help protect your data and ensure an effective response in the event of a ransomware attack:

​A primary step is to back up critical data on a frequent basis. Backed-up files can be quickly recovered, which can help to restore operations in the event of an attack.  Ensure the backed-up data is stored on a separate offline device that is completely severed from the working network. Otherwise, it’s likely to be ransomed along with your primary data.

​Splitting your network into smaller segments is another way to protect critical data. This is typically done by business function or data type, so you can grant employees access to just the data they need to do their jobs. If an employee should fall for a ransomware attack, segmentation can help to prevent the virus from spreading throughout your network and operations. Employees should only have access to critical data, including all forms of protected information when it is required to perform their work.  Otherwise, sensitive data should be restricted. 

​Multifactor authentication (MFA) provides an addition level of protection to your network data. This is a method of verifying an employee’s identity with two or more pieces of proof. The authentication factors typically correlate to a device (e.g., an authenticator app or text message on a smartphone), biometrics (e.g., a fingerprint) or information (e.g., a PIN).

Even if a cyber attacker has obtained a user ID and password, MFA decreases the risk that an attacker can gain access by requiring an additional means of validation. For example, they would need to steal both an employee’s password, as well as their phone, to be able to log in to your systems.

​It is important to continuously monitor your network to identify and mitigate security vulnerabilities. Begin with a complete assessment of the network; identify all systems that are not fully patched and take corrective action. This includes operating systems and software, especially older legacy systems that your municipality may depend upon, which often the most vulnerable systems.

If security updates are no longer feasible, you can reduce the legacy system’s exposure by placing it within its own network segment, making it inaccessible from the internet and restricting employee access.

Your monitoring should also include the systems that remote employees use to gain access to the network. Microsoft’s Remote Desktop Protocol (RDP), for example, can act as an open door for cyber criminals if not properly configured and secured.

​Ransomware attacks can often be traced back to an employee who unknowingly clicked on a phishing email or malicious link. To minimize the risk of human error, provide frequent training on how to recognize cyber threats. Emphasize to your employees the importance of examining links and attachments to make sure they are from a reliable source. Also, warn them of the dangers of sharing company or personal information in response to an email, letter or phone call, and set up protocols for reporting suspicious activity to a designated contact within the organization.

Avoid scrambling to figure out a plan after a ransomware attack occurs. Having an incident response plan in place in advance is key to a swift, systematic response to help contain the damage to your systems and minimize the response and recovery costs. To ensure that your plan will fulfill its intended purpose, test your plan and put it into practice before an incident occurs. You should also continuously update it as you become aware of new risks and vulnerabilities.

A comprehensive cyber insurance program should provide access to a data breach coach, who can review real-world claim scenarios and identify areas for improvement in our response planning; as well as provide complementary or discounted access to qualified cyber security services.  Some of the most common services provided are:
​

• Cyber security education
• Endpoint security
• Network vulnerability scans 
• Password Managers
• Phishing simulations
• Ransomware defense

​If an incident occurs, the first step a public entity should take is to engage legal and computer forensics experts, ideally those identified in your incident response plan or recommended by your cyber insurance provider. These professionals can assist with investigating the extent of the infiltration, removing the cause, restoring your network and determining whether or not to pay the ransom. You may also have an obligation to notify others of the incident if their information was potentially compromised as a result of the breach.

In recent years considerable attention has been paid to the large settlements and awards that have been made against governmental agencies.  Historically, claims in excess of $1 million dollars were quite rare.  Today, they are occurring with greater frequency.

These large liability claims have a significant impact to the cost of risk to most governmental entities, who at one time enjoyed relatively inexpensive insurance program costs.  In recent years, these premiums have grown in relationship to the higher risk of large liability losses.

Recent data from the American Property Casualty Insurance Association highlights that large liability claims are occurring more frequently with an increasing average cost.  In their report they state, “Median jury awards for personal injury lawsuits increased over 300 percent between 2010 to 2017.  Mega or nuclear verdicts amounting to greater than $5 million have increased by 60%.”  

These findings are consistent with other publications, which express an exponential growth curve from the 1980’s where few claims were settled in excess of $1 million, to today where they are more frequent and severe.  

This has impacted the availability and the cost of excess liability insurance, and many carriers have either withdrawn, limited or repriced their coverage offerings.  In a recent Risk Conference webcast, David Lund from the Utah Attorney General’s office shared the State of Utah’s experience involving large liability claims, and the availability and cost of their excess liability insurance program.  The claims at the state level have increased significantly over the past few years, as is the cost of the State’s excess liability insurance program.  
​
There are many reasons for the increased cost of excess liability insurance. Chief among them is Social Inflation, which is a term coined to reflect many different social trends that impact the number of claims and the severity of claims that arise against local government entities.  Social Inflation has many causes, which are drivers in this profound societal change.

Historically, juries were inclined to rely upon community values, firmly grounded in the legal liability as defined in the law.  The jury awards for many years were based on an outlook of what is best for the community and the individuals that may be aggrieved by the actions or failure of another.  Recent jury verdicts are more motivated by social justice and may be inclined to send a message with a large award.  This is particularly evident against large corporations, state and local governments, religious organizations, and other cultural institutions.  

When large jury verdicts occur, the jurors are questioned on their motivations for the award that was made.  At times, they want to send a message to the offending party.  They have also stated that they would like to punish those that are responsible, where clear negligence is found. In a survey of the top jury verdicts of 2019, 42% of jurors said they would decide a case based on what they believe is fair, and not based on the law.  

In many cases juries award based on the hardship or economic conditions that may be felt by those who suffered injuries.  Even with little or no comparative negligence, awards may be made, simply because economic hardship is evident, and the defendant is able to satisfy the destitution that may result, such as a lifetime disability.  
​
An example of a recent large award occurred in Texas, where a pickup truck driver lost control of his vehicle in icy conditions.   The truck crossed the median and struck an oncoming commercial truck, which killed one child in the pickup, paralyzed another and severely injured two others in the pickup.  The commercial hauler had been traveling in control and below the speed limit.  The jury found against the commercial hauling company in the amount of $90 million, which is currently being reviewed on appeal.  

Pursuing a major claim through litigation can be a very expense process, with attorney time, court costs, expert witnesses, depositions, and other forms of discovery.  The pretrial costs can go well into the hundreds of thousands of dollars, and the cost of taking a claim through trial are several multiples greater.  It is not unusual for several million dollars to be spent taking an action through trial.  

Most law firms do not have the financial resources to take claims that are complex and sizable on contingency, where they front the cost and share the final award or settlement.  Many firms would rather work toward a resolution of the claim in pretrial settlement.  A claim may be pursued to the point of pretrial motions, to assure that the defense council with the defendants and their insurers are motivated to bring closure through settlement.
​
A new form of funding has arisen in recent years, where outside investors with deep pockets agree to fund the litigation for a promised sizeable share of the final awards that may be achieved.  The investors assess the potential merits of the case, including the potential for sizeable jury verdicts.   
Litigation funding has a powerful incentive to bring actions to a jury, where jury sympathy may weigh heavily on the financial outcome.  

In the interest of protecting the ability of local governments to deliver essential services, statutory protections have been in place to reduce the possibility of some types of claims, and to set caps on other types of claims.
​
Over time, the protection afforded from these statutes, has been eroded.  Claims may arise in certain types of federal actions, which do not have any damage cap.  Claims that are made in state courts may only have caps apply for the services and activities that are wholly unique and can only be provided by government. 

Historically, attorneys relied upon their professional reputation to be referred by satisfied clients for future legal work.

In the present environment attorneys advertise their services, as well as engender a demand for those services through social media, targeted class advertising, and profiling of those in the action and potential jury demographics.  They share strategy with their peers in conferences and seminars.  The plaintiffs bar is well organized and uses technology and sophisticated resources to find and pursue actions to a successful conclusion.  
​
Social inflation is an ever-present threat that needs to be addressed through effective risk management planning and progressive insurance program design.   The impact of social inflation is a factor to be considered when setting liability limits, and in the way in which organizations understand and approach their major risks.  

Over the past few months, the world has changed as elected and administrative officials have addressed the impacts of COVID-19.  This includes the loss of economic activity, reductions in revenue, and civil disturbance.
​
A featured coverage in most public sector insurance programs is public officials’ errors & omissions or management liability.  This is a type of professional liability coverage is designed to protect against potential claims that may arise alleging wrongful acts, and errors or omissions on the part of elected or appointed officials, or administrative personnel.

Historically, this coverage has primarily responded when an elected or appointed official acts contrary to sound governmental practices. 

The most common claims against public officials have arisen in six areas:

• Conflicts of Interest
• Overextending individual or group authority
• Failure to fully disclose issues that may be integral to a decision 
• Failure to allow input from affected parties
• Acting contrary to local, state, or federal laws
• Violation of open meeting laws

In each of these areas, significant claims have arisen, which in many circumstances are costly to defend and settle.  The average public officials claim takes 3.5 years to close and has defense costs, exclusive of settlements, that average $470,000. 

Fortunately, an emphasis has been placed on disclosing conflicts of interest before key decisions are made, and not overextending promises to groups and individuals.  Many organizations seek legal input or review prior to key decisions, to ensure that those decisions are not in violation of any local, state, or federal laws. 
As we continue to move into increasingly unfamiliar terrain, and organizational decisions are impacted by the effects of COVID-19, it will be worthwhile to review a few key points to help in avoiding public officials or management liability claims.

In uncertain times, there may be outside factors that contribute to the difficulty of coming to a consensus with various groups.  Many may experience additional pressure from the loss of revenue, demands for resources and services or to further political agendas.  There may also be a great deal of misinformation or public outcry by those who seek to influence decisions, especially when there are heated emotions. 
When decisions are made in these circumstances, crucial steps may be missed in in the decision-making process.  This may result in decisions that are not in the best interest of the greater community and contrary to sound judgement. This process can be made more difficult as many organizations are meeting electronically, which may not easily allow for input from all interested parties.  

During periods with challenging circumstances, it is crucial to allow expression from those that may have a different point of view, not just those that may be speaking the loudest or demanding the most. Since decisions may impact the organization beyond the current budget period, a broad cross section of community engagement allows for enhanced perspective and better overall decisions. 

The final point to consider is essential leadership. The COVID-19 pandemic causes many to feel the weight of an uncertain future. 

Winston Churchill faced his fair share of challenging moments during some of the darkest times in World War II, when the outcome was less than certain. He quoted Herodotus, the Greek Philosopher.
“Adversity has the effect of drawing out strength and qualities of a man (woman) that otherwise would have lain dormant in its absence”.

Public officials provide the leadership that will allow for our return to a more normal society, enriched by experience and greater understanding.  Essential leadership guides individuals to strive to their higher selves in the interest of their communities and those that surround them.  

The vast majority of these injuries are preventable, if we follow a few basic steps:
​

• Inspect all equipment before each use.   This should include not only the mechanical operability of the equipment, but also safeguards, including lawn mower roll bars, blade guards and exhaust shields.
• Ensure maintenance is completed in accordance with the equipment manufacturers recommendations, and that all maintenance is documented when completed.
• With each piece of equipment, the required personal protective equipment (PPE) will vary.  Ensure employees are issued and understand how to correctly wear and use the appropriate PPE.  Two commonly overlooked elements of PPE are safety rated sunglasses and sunscreen or UPF rated clothing.
• At the end of work each day, ensure equipment is cleaned and properly stored, with any maintenance issues addressed before starting work the following day.  This can greatly reduce the likelihood of a fire occurring from the accumulation of wood dust and other combustible debris.

Manage heat exposure to avoid heat-related illness

It is easy to lose track of time while working in the sun and heat.  As the temperature climbs, so does the risk of heat-related illness, which includes heat stroke, heat exhaustion, heat cramps and heat rash.  OSHA’s ‘Water. Rest. Shade.’ campaign provides useful tools to help identify and mitigate the risks to employees from heat exposure.  The impact of hot weather is magnified when working around large equipment, which can generate significant heat, and roadways.  OSHA recommends the following best practices:

• Provide workers with water, rest and shade.  This can include setting up canopy's at job sites with fans, portable air conditioners, ice machines, water coolers and electrolyte rich drinks like Gatorade.
• Scheduled breaks to ensure workers do not become overheated.  It is important to have employees rest before they become fatigued and dehydrated.  
• Train employees to watch out for each other, and to be aware of the common symptoms of heat-related exhaustion which include: Headache, dizziness or fainting, weakness, wet skin, irritability, thirst, nausea or vomiting.  
• Monitor weather conditions.  NIOSH provides a smart phone app to aid in monitoring the heat index.  It is also important to monitor to UV index, and ensure that employees are protected from the sun using sunblock or UPF rated clothing.

​
Be alert and aware of your surroundings

Working outdoors all day does present some unique risks, which include:

• Adverse weather – Wind, rain, lightning, etc.
• Interactions with wildlife
• Exposure to insects and poisonous plants

Having a plan in place to mitigate these situations, can greatly improve the safety of employees while working outdoors.