Tag Archives: Petra Risk Solutions
While businesses prefer to avoid cyber perpetrators entirely, these days nearly all organizations are at risk of a breach.
As the number of incidents (and claims) continues to rise, the prudent strategy is for firms to not only work diligently to prevent an intrusion, but also to have a plan in place to respond quickly and effectively if they suspect information has been compromised.
A data breach response plan proactively outlines the necessary actions a business must take, providing a framework that can be regularly matched against emerging risks and updated if the firm’s situation changes — for example, if additional staff are added in key data privacy or technology roles or if partnerships are formed that could change the way sensitive information is processed.
Developing a data breach response plan, one that is easy to follow and quick to implement, gives businesses time to prepare the necessary resources and mitigate the damage an exposure can inflict. Leaving key tasks to the last minute, such as scrambling to identify qualified outside legal counsel, is unwise and can significantly impact the timeliness and expense of a breach response. Likewise, pulling the plug on a single server without seeking guidance from an experienced technology expert may not shut down the unauthorized access that caused the exposure, thus leaving the business open to further harm. Worse, it may even erase key information a computer forensics company may need to assist the investigation. Getting the firm’s ducks in a row in advance of any breach is a far more effective cyber mitigation strategy.
One component of many small business breach response plans is accessing the financial and technical support available through a well-structured Cyber Liability insurance policy. Coverage options vary widely, so businesses (or the insurance broker) must carefully examine their needs before crafting a policy. For those firms with lean internal resources and thin financial margins, the right insurance can be a key asset when it comes to implementing a solid breach response plan. Below, three steps that will help organizations mitigate data breach disruptions before they occur.
1. Assemble the team
Who needs to be involved in responding to a breach? Before attempting to pull together more than a cursory list of post-exposure action items, it’s critical that the firm identify those individuals or groups that should be contacted in the event of a potential breach. The team will vary from one business to the next, but most organizations will want to include representatives from the executive group, legal (either internal or an outside consultant), privacy or information security, risk management, information technology, human resources and public relations.
Given the growing reliance on external partners — cloud providers, payroll processors and the like — firms should also consider where vendor touchpoints exist and how or when those third parties will contribute to the breach response process. They may need to be included on the contact list or they may even be responsible for raising the initial alarm if a breach occurs. It’s also important to ensure vendor contracts clearly spell out the company responsible when a breach occurs and who is liable for notifying those impacted. Other vendors are also commonly part of the response team, such as media relations consultants experienced in crisis management and notification firms with the resources necessary to quickly inform breach victims about the situation.
If the business has Cyber Liability coverage, the insurance company should also be part of the breach response plan. There are support services included in many policies that will be helpful in the event of an exposure, ranging from forensic investigation teams to data recovery specialists. To maximize the value of any applicable coverage, firms must be ready to access available features quickly and through the most efficient channels.
Petra Risk Solutions had a successful education session at CH&LA‘s SoCal Conference. Todd Seiders, CLSD, Director of Risk Management, presented “Today’s Safety & Security Challenges for Hotels”. Over 100 people attended! They walked away educated and with a better understanding on how to handle phone scams, human trafficking situations, renting hotel room to minors, ADA scams, and the recent Erin Andrews/ privacy ruling.
All California businesses with 10 or more employees – including lodging establishments – are covered by Proposition 65, and they therefore have to post special “warning” notices in specific locations. There is a new Proposition 65 “warning notice” required for Bisphenol A (BPA) that takes effect May 11, 2016, and it will affect a number of lodging establishments.
The new warning – which was issued by the Office of Health Hazard Assessment (OEHHA), applies to canned and bottled foods and beverages that are offered for retail sale (i.e., “foods and beverages packaged in hermetically sealed, durable metal or glass containers; including, but not limited to those containing fruits, vegetables, soups, pasta products, milk, soda, and alcoholic beverages”).
The obligation to provide BPA warnings falls primarily on manufacturers, producers, packagers, importers or distributors of canned and bottled foods and beverages. However, if a “retailer” or its authorized agent receives a specified written notice from a manufacturer, either “directly or through a trade association,” the retailer must then provide the BPA warning at every “point of sale.” (“Point-of-sale” means the area within a retail facility where customers pay for foods and beverages, such as the cash register or check-out line where the warning sign is likely to be seen and understood prior to the consumer purchasing the canned or bottled food or beverage. Point-of-sale also includes electronic check-out functions on Internet websites. OEHHA has advised CH&LA that “point-of-sale” includes vending machines.).
Hotels that sell or provide canned and bottled foods and beverages (e.g., a sundry shop or food sale area, or in connection with conventions or business meetings) will be required to post the warning.
(Note: manufacturers and others in the chain of distribution must “provide, or offer to provide, to the retail seller, at no cost, a sufficient number of the required point-of-sale warning signs ….” If you receive such a notice, ask your distributors to provide you with the warning signs.)
The specific BPA warning must:
Contain the word “WARNING” in all capital letters and bold print, and the words: “Many food and beverage cans have linings containing bisphenol A (BPA), a chemical known to the State of California to cause harm to the female reproductive system. Jar lids and bottle caps may also contain BPA. You can be exposed to BPA when you consume foods or beverages packaged in these containers. For more information go to: www.P65Warnings.ca.gov/BPA.”
The warning sign should be no smaller than 5 x 5 inches. The BPA warning must be “displayed with such conspicuousness, as compared with other words, statements, designs, or devices at the point-of-sale, as to render it likely to be read and understood by an ordinary individual prior to purchase of the affected products.”
Important Note: Prop. 65 already has a different, non-BPA, warning requirement for hotels, restaurants, and other businesses that sell foods and non-alcoholic beverages (WARNING: Chemicals known to the State of California to cause cancer, or birth defects or other reproductive harm may be present in foods or beverages sold or served here.) In the context of hotels, this general warning for foods and non-alcoholic beverages needs to be provided in all dining rooms and areas, and also in room service menus and in other appropriate places.
Members should bear in mind that CH&LA is not a law firm, and this alert is not intended as legal advice. Lodging operators with questions should consult with legal counsel. Members are also free to contact our Member Legal Advisor, Jim Abrams (firstname.lastname@example.org).
CH&LA has explanatory materials on the Prop. 65 signage requirements. CH&LA and CABBI members can access these materials in the “members” section of www.calodging.com. Non-members should contact Sandra Oberle (Sandra@calodging.com) for this information.
Legionella bacteria were identified in 1976 as the cause of Legionnaires’ disease (a deadly pneumonia) and Pontiac fever. More recently, rates of contamination and infection have been on the rise across the United States and around the world. Not only are there new, unexpected sources of contamination, but also drinking water sources and infrastructure (in addition to premise plumbing) have been implicated in the increased spread of Legionella. In order to avoid expensive, public evacuation and closure, hotel operators are beginning to monitor their facilities for Legionella contamination.
According to the Centers for Disease Control and Prevention (CDC), Legionella infection has a 5 to 30 percent mortality rate and is responsible for at least 8,000 to 18,000 U.S. hospitalizations each year. The sick and elderly are most vulnerable, but anyone is susceptible. Each week there are new reports of Legionella contamination in hotels, cruise ships, and hospitals that has resulted in closure for remediation. Several high-profile deadly outbreaks have occurred recently, including one around Flint, Mich., (nine deaths) associated with its lead contamination. Twelve deaths from Legionnaires’ contracted at a hotel in the South Bronx last summer prompted New York State to pass a regulation on the monitoring of cooling towers for Legionella. Because contamination is intensifying—The Lancet reported a 219 percent increase in reported cases of infection during 2000-2009—incidents like these, and subsequent regulations like New York’s, are expected to become more common.
Legionella prefers warm, wet environments, but because it can grow in a wide range of temperatures and conditions, it is ubiquitous in both natural and industrial environments. Infection occurs after inhalation, so any process that creates fine water droplets or aerosols (evaporative condensers, showers, spas, pools, decorative water features, or sprinklers) can spread Legionella. More unusual cases of infection have occurred as well. Recently, The New England Journal of Medicine reported strong evidence of person-to-person transmission. Grocery store produce misters in the United States and abroad have caused outbreaks when not cleaned regularly. Particularly surprising was the spread of Legionella through communities in Spain by street paving and cleaning trucks, resulting in 59 cases and 11 deaths. In these cases, identifying, removing, and cleaning the vehicles responsible ended the outbreaks.
In its Hotel Safety and Security Assessment Form, the American Hotel & Lodging Association (AH&LA) recommends that procedures be in place to monitor and mitigate Legionella. It is essential to detect the bacteria early with a rapid, on-site test, allowing prompt, targeted treatment. This will minimize the risk of more extensive contamination leading to closure and undesirable publicity, or worse, infection of employees or guests. However, the Legionella detection methods currently in use fail to meet all of the above criteria. Culturing, the method recommended by ASHRAE Standard 188-2015 for building water systems, is generally accurate and quantitative, but very slow (one to two weeks), and, for multiple reasons, plagued by false negatives. PCR is faster, though not rapid (8-24 hours), not quantitative, and is subject to both false positives and negatives. Both methods are elaborate and expensive, cannot be performed on-site, and require scientific training. Strip tests are simple, but not quantitative, and do not detect all of the deadly species of Legionella.
A new method being adopted by hotel chains and cruise lines, called immunomagnetic separation capture enzyme immunoassay (IMS-CEIA), meets the need for a fast, on-site Legionella test without the disadvantages of the other methods. With minimal training, it can be used by facility employees to monitor water systems and cooling towers, so that when necessary, prompt action can be taken while a subset of samples are sent for confirmation by culture testing.
The continued global expansion of Legionella contamination and outbreaks has heightened the need for preventive monitoring by the hospitality industry. Incorporation of a testing program that can be performed on-site by hotel staff will enable rapid, targeted mitigation.
For more: http://bit.ly/1M0iYSv
High levels of customer satisfaction in the hospitality and leisure industries are critical to the success of any property. It is even more challenging to maintain customer satisfaction while reducing costs associated with employee injuries and the workers’ compensation claims. Employees are continually trained on the nuances of customer service skills and customer interactions in order to achieve the best levels of service. However, maintaining a high level of productivity is difficult when employees have been injured. Increasing injury rates result in higher workers’ compensation insurance, medical care, and claim costs.
Taking a look at the causes of work-related injuries, implementing standardized work practices, and making simple changes can yield a significant decrease in injury risk and an increase in productivity. A single property within a national hotel chain has been able to decrease its workers’ compensation costs by $500,000 in the first year while improving its customer satisfaction ratings.
Within the U.S. hospitality and leisure industry, food services and accommodations employees represent 12.9 million of the 15 million employees. In 2014, the recordable injury rate among these employees was 3.6 injuries per 100 full-time employees. These injury rates can be higher among employees in departments such as housekeeping and banquet operations. One study indicated that up to 95 percent of the housekeepers indicated they experienced severe to very severe physical pain.
Any effective ergonomics and process improvement program should include aspects such as management support, employee involvement, training, problem identification, early reporting of injury symptoms, evaluation of hazard controls, implementation of hazard controls, and evaluation of progress.
Effective administration and implementation of each aspect is important, but knowing which changes will bring the most improvement in productivity and injury reduction can make a big difference.
Let’s take a look at housekeeping: Their work ensures proper cleaning as well as maintaining the visual standards of the brand. Over the past decade, consumers’ expectations of luxury as it relates to hotel rooms have increased. Furnishings are more luxurious and often include thicker mattresses, plush duvets, decorative bed skirts, and the inclusion of a variety of pillows.
In an effort to reduce injury risk while maintaining or improving customer satisfaction within a housekeeping department, we reviewed common tasks and identified the tasks that were most likely to cause injury. A detailed study was conducted of these common housekeeping tasks, such as cleaning bathrooms, changing and making beds, and removing trash and soiled linen. The evaluations determined the extent of injury risk factors and opportunities to improve the quality of the services performed. After the analysis, recommendations were made related to the selection of appropriate tools, the modification of techniques for cleaning showers and bath tubs to decrease awkward postures and minimize forces, and the identification of methods to minimize awkward postures and forces while changing beds and handling trash and dirty linens. One key factor in the success of these changes was training the employees in the appropriate methods, injury risk factors, and the proper use of tools. The changes made within the housekeeping department decreased duvet-making time by 32 percent while maintaining a standard look; reduced the number of awkward shoulder postures by 72 percent; and reduced the number of awkward back postures by 45 percent. Guests indicated an improvement by a 5 percent increase in customer cleanliness ratings.
Another department that commonly experiences a high number of injuries is the banquet operations department. Within the banquets area, server and setup tasks were also evaluated. Following similar principles, tasks were identified that had previously caused injury or were difficult to perform. Evaluations were again conducted and recommendations were made. These recommendations involved working with vendors to identify the changes to carts that could make the most impact on decreasing push/pull forces while not decreasing the load on the carts. Additionally, standardized methods of room setup and table movement were established. These simple changes and employee training yielded a decrease in injury risk, improved employee morale, and increased efficiency.
Maintaining high levels of customer satisfaction while minimizing employee injuries and workers’ compensation costs in hospitality and leisure industry is critical to the success of any property. Evaluation of tasks by a qualified professional (such as a certified professional ergonomist) can ensure that risk factors are appropriately identified and that the recommendations will adequately reduce injury risk. Minimizing costs, reducing injuries, improving efficiency, and improving customer satisfaction ratings are benefits of a successful ergonomics and process improvement program.
For more: http://bit.ly/1SaVAye
Mobility may be one of the most important elements in maintaining personal autonomy. And now, thanks to the incredible technology behind robotic exoskeletons, the elderly, the injured, and many others can experience mobility like never before. In a new video, Panasonic unveils its latest achievements in the robotics field, applying advanced control and sensor technologies to create a motor-equipped robot that will assist with human body mechanics.
Panasonic has developed a pair of suits — one meant primarily for industrial purposes, and another to help the disabled. The power assist suits will help users perform manual labor and potentially dangerous tasks in a range of worksites, and Hiromichi Fujimoto, president of Activelink Co. (one of Panasonic’s in-house venture companies) noted, “We are proposing robotics to help at these worksites, because there will always be a certain level of work that must be done by people, and these power assist suits can help reduce the physical strain during such work.”
To help with lifting and carrying heavy loads, Panasonic has introduced the AWN-03, an assist suit designed specifically to provide lower back support. By sensing the wearer’s motion when lifting or holding heavy objects, the suit sends a signal to its motors to jump into action. By raising the user’s upper body while simultaneously pushing on their thighs, the suit promises to reduce stress on the lower back by 15 kg.
There are also two additional suits that could be used in industrial settings — the PLN-01 (the “Ninja”) is meant to help the user’s motion while walking and running, whereas the Power Loader is heralded as a powerful suit perfect for use during disaster relief, construction, and public works.
On the other end of the spectrum, Panasonic has unveiled suits meant for the elderly. “As Japan has becomes an aging society, Panasonic is aspiring to make its contribution by supporting the elderly and their families lead a comfortable life full of smiling faces and laughter” explained Hitoshi Sasaki, assistant director of Sincere Kourien, an elderly care facility run by Panasonic Age-Free. “There are many instances that can be straining to both caregivers and care recipients. Just moving from the bed to a wheelchair can be a very energy consuming for both parties.”
For more: http://bit.ly/1UGTjAW
You are an executive working intently in your office when your assistant calls and informs you that a disgruntled ex-employee has shown up at the facility with a weapon and is threatening violence.Â Will you know what to do, or better yet, what not to do?
Workplace violence can be defined as any act that creates intimidating, hostile, and offensive or a threatening work environment through unwelcome words, actions or physical contact.Â As we have seen on multiple occasions, workplace violence and active shooter occurrences have been on a steady incline in this country.Â Are you and your company prepared?
There are two types of workplace violence that need to be taken into consideration. First is the external variety â€“ criminal activity from a non-employee, client or customer.Â Second is the internal variety of a problem employee, employee personal relationship, hostile individual due to disciplinary actions or a facility closing.Â Be prepared by taking some very easy measures:
- Have a Â written policy that is known throughout your organization
- Take the position of â€˜no toleranceâ€™ for this activity
- Train employees and provide ongoing training
- Make sure your plan protects first, then concentrates on compliance
- Understand and effectively communicate the legal implications
The potential deadly situations are reasonably foreseeable and this should be the standard used for compliance and determination of liability. Understand what data you need to assist in the prevention of workplace violence.Â You not only have a legal responsibility but the obligation to your workforce.Â Negligent hiring, high-risk terminations, retention, security, and poor training open you and your organization to the possibility of a workplace violence incident.Â Human resources plays a key role in your workplace violence plan through effective pre-employment screening, establishing discrete communications channels, an Employee Assistance Program and coordination with your security personnel regarding response plans.
Do not allow yourself to make these five critical mistakes:
- Denial and avoidance
- Not having a threat response plan
- Acting too hastily
- Lack of total workforce participation
- Insufficient assessment process
Coordinate a case assessment team and make sure they understand their purpose, make-up, objectives, and documentation measures.Â The need to recognize the behavioral warning signs that signal potential trouble and that evaluation of behavior is not â€˜profilingâ€™.
Protective measures include:
- A facility security audit
- Obtaining local crime statistics
- Recording a history of incidents
- Personnel training
- General security awareness training
- An established liaison with local law enforcement.
Remember, ignorance does not relieve an organization of responsibility.Â In summation, an organization has a Duty of Care responsibility to their employees and must plan, train, recognize, manage and respond to this growing problem within the business community.
For more:Â http://bit.ly/1XAJN02