Ripped from the Headlines
Jan 31, 2019

An international mystery begins thus: "One morning in March 2017, Mike Vitello's work phone lighted up. Customers wanted to know about an odd email they had just received. What was the agreement he wanted signed? Where was the attachment?"

Before long, Mike Vitello's unexpected email had involved the FBI, Homeland Security, and various other Federal agencies. His little construction company, All Ways Excavating had 15 employees, became ground zero in a Russian plot to compromise America's electric grid. The Wall Street Journal report reads like a spy novel - which is exactly what it is, only it's in the non-fiction section. If you have any concerns about hacking, this tale offers a textbook case for how highly skilled hackers can find a way through what at first appears to be top notch security.

They do it by following directions from Shakespeare*: "Thus do we of wisdom and of reach,/ With windlasses and assays of bias,/ By indirections find directions out." The Russian approach was multi-step and very indirect, starting with the least secure systems in the power grid eco-sphere: little construction companies that work for larger outfits that are then service vendors for the real targets, the major utilities.

This complex story is well worth your time if you value data and system security. Read it, then ask yourself - what equivalents of All Ways Excavating do we have in our vendor pyramid? The most important point is that this little company was several layers down. In all likelihood, the real targets didn't know they existed. But any weak point in your vendor pyramid, no matter how apparently inconsequential, can turn into a superhighway into your data repositories and operating systems when patiently attacked by a clever and insidious hacker.

Texans remember the Alamo. We suggest that risk managers remember All Ways Excavating.

*It's true- the whole world is in Shakespeare. As valid today as in 1604.


Big Time Burnout

Here's a puzzle. Identify the profession profiled in the following short paragraph:


Close to 44 percent of them are burned out, and 15 percent are depressed and thinking about suicide, according to a recent survey published by Reuters. More than one of them commits suicide every day in the US nationwide - a rate higher than in any other profession and more than twice that of the general population.

No, not risk managers, not even insurance brokers. These are a few of the insights in a new Medscape survey of American physicians.

The survey details both reasons for burnout - overwork, payment discounting, having to deal with electronic health records, and other administrative minutiae - and the ways in which physicians try to cope - from mindfulness to junk food and alcohol. It also notes that physicians are retiring in record numbers.

What does this mean for patient care? Leslie Kane, Senior Director of Medscape Business of Medicine told Reuters Health: "Fourteen percent of physicians said they made errors they might not ordinarily make; 16 percent are more apt to express frustration in front of the patient; and 26 percent say they are less motivated to be careful taking patient notes."

Ouch. What can you do about this in reference to your comp program? Talk to your claims provider about physician selection and care monitoring. The days of discount PPOs are long gone. You don't want your injured employee being treated by one of those doctors who admits to making more errors or to not taking careful treatment notes. What is your TPA doing to watch out for non-compliant treatment patterns or other indications of physician disengagement? Medical management isn't just about fee schedules and discounts any more.

As for the dejected docs? Shakespeare nailed that one as well:
"Therein the patient must minister to himself."


It's All About the Data

The Consumer and Electronics Show (CES2019) in Las Vegas is not on the calendar of most risk managers, but perhaps it should be nowadays. Speakers at the opening of CES2019 declared that we are in the Age of Data. It is no secret that all of us, in all of our roles, as individuals, households, and corporate entities, are amassing data at practically unbelievable rates from a rapidly expanding array of sources. Just ask Alexa.

In his report on CES and insurance, Mark Breeding, writing in Property Casualty 360, notes five ways in which the data tsunami demonstrated by scores of vendors and speakers at CES is changing insurance and risk.


Capture: we now have so many ways of gathering information, from dash-cams to wearables to text analytics. Understanding the nature of risk is no longer limited to what an adjuster or a property manager can key into a system (and remember the proper code for).


Security: gathering data on exposures becomes its own exposure component, generating a whole new ecosystem of risk.


Privacy: who owns which data and how does this constrict what can be done with it?


Analytics: we have more and more new ways to view and understand the information we capture. New questions to ask and answer.


AI: this takes us beyond classic analytics into prediction and new insights into risk and prevention.

The author concludes his review with, "data will fuel transformation in every customer segment covered by the insurance industry." This may well be a polite understatement. Once upon a time, risk managers, brokers, and TPA reps got together over lunch or on the links and problems were solved on the backs of napkins at the 19th hole. (Yes, dear reader, that really did happen; sorry you missed it.) Now matching risk, insurance, and claims services becomes: "let's have your computer talk to our computer, run some scenarios, do a little risk modeling and we'll prepare a few projections."

CES is right. Are you optimizing your own data acquisition, analysis, and information retention? It is the age of data and risk management is data management.


Quick Take 1:
We Told You This Was Coming

Giant Food Store's parent, Ahold Delhaise USA, announced two weeks ago that it is rolling out a new robot, called Marty, in its locations throughout the eastern US. Giant's move marks a major shift in the use of robots. Industrial robots and cobots have been in use for a generation now, but these machines operate inside manufacturing facilities, warehouses, and offices. Marty works out in the open, mixing in with the regular shoppers on a daily basis.

For the moment, Marty's functions are modest: he uses image capturing technology to report spills, debris, and other potential hazards to store employees. As the system develops, he will also assist in inventory management, spotting items that need replenishing, for example. Note that for the most part robots have been brought into contexts where the people, their colleagues, are trained on how to work with a robot.

Marty represents a whole new challenge - a big, moving, talking robot working with the general public, people intent of getting their bag of frozen peas and getting home. The risk implications are boggling. Small children may think he's a giant toy. Some elderly persons focusing on their shopping lists may be seriously frightened when they turn a corner and run into a tall, imposing robot cruising along, checking inventory and watching for spills. Any organization thinking about similar public uses of robots and the unique risks which follow will want to watch Giant's experience.

Ready or not, the future keeps happening.

Photo Credit: (Sue Gleiter/

Quick Take 2:
Just When You Thought It Was Safe

As we have reported here, workers' comp claims payers seem to be getting a rope around opioid abuse. Many different claim mechanisms are now in place to prevent opioid over-prescription and to detect and intervene with claimants who are already struggling with dependency. That's the good news. The folks at Safety & Health Magazine working with Quest Diagnostics have published a report that reminds us to keep the champagne corked for now.

Here's the lead for the Safety & Health article: "The rate of positive drug tests rose by double digits in five of 16 major U.S. workforce industry sectors from 2015 to 2017, according to a recent analysis by lab services provider Quest Diagnostics." The Quest report has plenty of bad news to spread around. The industry groups hit hardest are: transportation and warehousing (the hands down winner with a 21.4% increase in positive urine tests over the past three years), other non-government services (15.4%), finance and insurance (13%), retail trade (12.8%), and wholesale trade (11.8%). The types of drugs involved vary dramatically from one group to another. Marijuana was the big winner overall, with methamphetamines strong in construction; cocaine rose noticeably across most industry categories.

What does this mean? Drug addiction remains a major threat to worker and public safety in every industry, from truck drivers riding high to meth-addicted construction workers handling heavy equipment. Our satisfying but still marginal successes in curbing opioids only scratch the surface. Aggressive testing and careful observation remain essential for all of us, from hiring to claim management.

Perhaps we should all think more about why so many of our colleagues and fellow citizens can't handle another day on the job without serious self-medication. What's wrong with this picture?



Share This
* Required Fields