Archive | Risk Management RSS feed for this section

Artificial Intelligence is Disrupting the Insurance Industry

August 1, 2018


What exactly is artificial intelligence?

According to IBM, who has been doing research on the topic since the 1950s, artificial intelligence (AI) is simply “anything that makes machines act more intelligently”.­ This can be broken down further into two groups: applied or general. Applied AI is capable of doing only those tasks it has been designed for, such as driving/operating a car, or trading stocks. This is the most common type of AI, and has had a wide range of success in many applications. On the other hand, general AI is far more advanced and theoretical. Instead of seeing specialization in one task, “a machine [would be] able to perform any task a human can”. It would, in essence, be able to learn anything and apply it to any situation, to think and reason just like a human. This type of artificial intelligence, though generating much attention in the recent years, is still far from a reality.

Hand-in-hand with the concept of AI is the area of machine learning (ML). This is “a branch of artificial intelligence based on the idea that systems can learn from data, identify patterns and make decisions with minimal human intervention”. This technology is widely used today, mainly by industries who amass a large amount of data (e.g. financial services, government, health care, etc.). It is what gives a machine its ability to learn from the past, and make predictions/decisions for the future. The more it encounters, the smarter it becomes.

The financial services industry has been using artificial intelligence and machine learning for years. Referred to as FinTech, firms take advantage of AI’s power by providing sophisticated virtual customer service assistants, analyzing legal documents, and even making strategic trades on the stock market. Large firms such as JP Morgan Chase have adopted artificial intelligence to help analyze important documents, which in turn has reduced their time spent from 360,000 hours annually down to a matter of seconds.  With AI’s ability to streamline back-end operations and improve efficiency all around, one might wonder why other industries have been so late to the game. Insurance firms, for example, are only just beginning to experiment with the use of AI. Considering its resemblance to the financial industry, it seems odd that insurance is still lagging so far behind. There may be, however, two reasons why FinTech got a head start. For one, insurance is a very passive product. Whereas roughly 70 percent of insurance firms only hear from their customers once a year, financial institutions communicate with their clients almost 200 times annually. This frequent customer interaction, coupled with the heavy regulation following the economic crisis of 2008, created a need for change. It also created the perfect opportunity for disruption from startups and innovators. “From non-bank lending, because banks could no longer provide enough capital, to consumer friendly apps and efficient payment solutions” the introduction of FinTech was unsurprising. Given that the field has steadily grown over the years, and amassed $16.6B in investments for firms last year, AI’s possibilities should not be ignored. The question is: can other industries catch up?

For the insurance industry, AI and machine learning have thus far been used in pricing, handling claims and detecting fraud, though firms are only now learning of its endless possibilities. Lemonade, a new property insurance company out of New York, is pioneering the way for other carriers to automate their processes and implement artificial intelligence. They enlist the help of chatbots, which are computer programs able to analyze language and mimic conversations to interact with humans. The bots are able to speak to multiple customers at once and are available anytime of the day. This is a major advantage for businesses that rely on fast, effective customer service.

Lemonade’s chatbot, Maya, “sells inexpensive homeowners’ and renters’ insurance, and their claims bot, AI Jim…recently settled a claim in three seconds”. Maya is able to communicate directly with customers and help them navigate through the confusion of applying for coverage. Their website claims she will craft the perfect insurance for you, without the need for customer service representatives and underwriters. The appeal of having a computer execute such tasks is that it reduces the time spent, the hassles and the costs. It makes the processes far more seamless, instantaneous and trustworthy. Even though Lemonade is targeting a niche group (millennials), other insurance companies should not turn a blind eye; they could learn a lot from the company’s operations and values. “Lemonade is fast and transparent rather than slow and opaque”. Many people will be drawn to this refreshing view in a notoriously mundane industry.


With the ever-increasing use of social media and “smart” gadgets, AI machines now have access to a wealth of data. This is especially useful when analyzing a client’s risk and setting an appropriate premium. Underwriting, a somewhat lengthy and intricate process, has been presented with the opportunity for automation. A bot is able to “scan a customer’s social profile to gather information and find trends and patterns”. This ability to analyze social media posts and determine a person’s risk within seconds puts AI’s capabilities far beyond humans’, and at a far lower cost. When considering the vast amount of data generated from the Internet of Things (IoT), the accuracy and knowledge of these bots will be unparalleled. AI also provides the “mechanics to capture ‘tribal knowledge’, thereby providing a uniform assessment metric across the entire underwriting process”. Tribal knowledge is defined as information that is known only to the insiders of a particular group or organization, and is not common knowledge to outsiders. In the world of underwriting, this tribal knowledge could consist of emails, internal reports, presentations and evaluations, all of which can help better assess a group’s risk.

One would think gathering personal data from people would be met with overwhelming opposition, but surprisingly “62 percent of younger groups said they’d be happy for insurers to use third-party data…to lower prices”. While it is exciting that companies may no longer base their premiums on generalized assumptions, and look to individualized data instead, a concern for privacy is presented. Allowing limitless access to your personal data is both risky and invasive. What happens to our freedom of speech if we can no longer share photos from a night out, or post our thoughts online without the threat of increased insurance premiums? Additionally, think of the impact a data breach would have if you allow all of your personal information to be in the hands of one company. To make matters worse, there is no guarantee these companies would not sell your information to third parties, thereby increasing the risk of a data breach exponentially. Consumers need to weigh the pros and cons before allowing insurance companies access to such personal information. Since when does affordability outweigh privacy?

Claim Handling

Claims processing can be “a monotonous task susceptible to errors stemming from uniquely human factors”. Not only does AI reduce the amount of time spent on claims, it also reduces the probability of error. Imagine having a machine analyze a photo of damage and estimate repair costs within seconds. The entire burden of handling the claim would fall off of the insurer and customer. AI will eliminate the need for having multiple people work on the same claim, thus decreasing administrative costs and the frequency of errors. Kristof Terryn, COO of Zurich, has instituted a project to automate their claims processes. He declared that it “will trim $5 million from expenses…for the 39,000 hours of claims handler time now being done by computer”. Though this is an impressive reduction in costs, most of the value stems from increasing the accuracy of claims and virtually eliminating errors during the process. Other companies that have implemented automation “of their claims process have seen a significant reduction in processing times and [an increase in] quality”. The use of chatbots also reduces the need for interaction with customers during the process. Any questions customers may have could be directed to those bots, therefore allowing workers to focus on more important tasks. Thanks to artificial intelligence, insurance companies’ resources can be better allocated; they will no longer require the manpower needed in decades past.

Fraud Detection

With the implementation of AI and machine learning comes the ability to analyze data better and faster than any human ever could. These machines are able to identify patterns within a claim, look to historical data and “help to recognize fraudulent claims in the process”. This should be of utmost importance to not only insurance carriers, but to the insureds as well. According to the FBI, it is estimated that insurance fraud costs the United States $40 billion annually. This cost is passed along to the insureds in the form of increased premiums, roughly “$400 to $700 per year”. A startup firm in France called Shift Technology is using AI in their fraud prevention services. They have “already processed over 77 million claims… [and] have reached a 75 percent accuracy rate for detecting fraudulent insurance claims”.1Even IBM offers AI services to fight financial crimes.  It is evident that this application of AI will grow exponentially in the future and drastically help cut the cost of fraud.

All things considered, artificial intelligence is set to flip the insurance industry upside down. Automating monotonous processes, reducing fraud and increasing accuracy are major advantages of using the technology. Insurance, which as an industry is notorious for its antiquated processes and values, is being disrupted by this emergence of artificial intelligence and machine learning. Disruption happens when an existing market, industry, or technology is displaced and replaced with something new and more efficient/worthwhile. Accenture claims that “75 percent of insurance executives believe AI will provide significant industry changes in the next three years”. Despite the fact some insurers have started to embrace the change, many others are unaware of the impact it is having already. While there are many kinks left to be ironed out, the reality is that companies have two options- catch up or be left behind.


About the Author

Ashley Evans: Analytics intern at J.W. Terrill, and senior at Saint Louis University pursuing a bachelor’s degree in Finance; Dean’s List recipient for two consecutive semesters. Interested in continuing her education with a Master’s in Applied Financial Economics.


  1. “Artificial Intelligence.” IBM. July 25, 2016. Accessed July 18, 2018.
  2. Marr, Bernard. “What Is The Difference Between Artificial Intelligence And Machine Learning?” Forbes. September 15, 2017. Accessed July 18, 2018.
  3. “What Is AI?” IT PRO. June 11, 1970. Accessed July 18, 2018.
  4. “Machine Learning: What It Is and Why It Matters.” SAS. Accessed July 18, 2018.
  5. Alton, Liz. “How Financial Services Use AI To Serve Customer Needs.” Forbes, Forbes Magazine, 8 Sept. 2017,
  6. Kurani, Ravi. “InsurTech Is the New FinTech – or Is It? – Earlybird’s View – Medium.”Medium, Augmenting Humanity, 23 Aug. 2016,
  7. “The Global Fintech Report Q4 2017.” Corporate Innovation Trends, 2018, Ads&utm_medium=FintechReport&msclkid=4a5f3b8d528b149feb2660d5b3c03485.
  8. Team, Writer Profile Of “How Artificial Intelligence Is Changing the Insurance Business.” Medium. February 14, 2017. Accessed July 18, 2018.
  9. Sun, Alex. “How Chatbots Can Settle an Insurance Claim in 3 Seconds.” VentureBeat,VentureBeat, 28 May 2017,  settle-an-insurance-claim-in-3-seconds/.
  10. “Lemonade Renters & Home Insurance | Protect The Stuff You Love.” Lemonade. Accessed July 18, 2018.
  11. Fromm, Jeff. “How Startup Lemonade Is Redefining Insurance For Millennials.” Forbes. July 12, 2017. Accessed July 18, 2018.
  12. Moodie, Alison. “How Artificial Intelligence Could Help Make the Insurance Industry Trustworthy.” The Guardian. January 28, 2017. Accessed July 18, 2018.
  13. Morgan, Blake. “How Artificial Intelligence Will Impact The Insurance Industry.” Forbes. July 25, 2017. Accessed July 18, 2018.          intelligence-will-impact-the-insurance-industry/#1daeb20a6531.
  14. Kumar, Krishna. “AI’s Huge Potential for Underwriting.” Insurance Thought Leadership. December 17, 2015. Accessed July 18, 2018.
  15. “What Is Tribal Knowledge? Definition and Meaning.”   Accessed July 18, 2018.
  16. “Young Consumers Willing to Let Insurers Spy on Digital Data – If It Cuts Premiums.”     Insurance Journal. June 21, 2018. Accessed July 18, 2018.
  17. “Insurance Fraud Prevention Gets Help From Artificial Intelligence.” Samsung Business Insights. January 19, 2018. Accessed July 18, 2018.
  18. “AI and Insurance: Are Claims Jobs in Danger?” Carrier Management. March 14, 2017. Accessed July 18, 2018.
  19. “Insurance Fraud.” FBI. March 17, 2010. Accessed July 18, 2018.
  20. “RegTech and Cognitive Risk & Compliance | IBM.” IBM Cognitive Advantage Reports.             Accessed July 18, 2018.   markets/risk-compliance.
  21. Howard, Caroline. “Disruption Vs. Innovation: What’s The Difference?” Forbes. June 20, 2016. Accessed July 18, 2018.
Continue reading...

OSHA Reporting Deadline – Update

December 19, 2017


You may recall our recent blog post on OSHA’s new online reporting requirements. Last Friday, December 15th, had been the cut-off date for submitting your information. On Monday December 18th OSHA issued a press release indicating they would continue to accept electronic reporting of the mandatory information until midnight on December 31, 2017. OSHA will not take action against employers who submit their logs between now and the 31st. However, effective January 1, 2018 you will no longer be able to submit your 2016 data.

Working with various clients over the past few days, a few questions consistently came up among several:

What is an establishment?
For recordkeeping purposes OSHA defines an establishment as “a single physical location where business is conducted or where services or industrial operations are performed” for one year or longer. For online recording, this establishment is also required to exceed 20 employees at some point in the reporting year. You will need to report your required information for EACH INDIVIUAL ESTABLISHMENT.

If the establishment is fewer than 20 employees AT ALL TIMES during the year, do I need to submit my information online?
No. However, you continue to keep a log for any facility that is in operations for longer than 1 year.

What if I am part of a state OSHA program?
To further complicate matters, OSHA approved state plans have not yet adopted the requirements. It is our understanding the state plans will adopt the requirements within 6 months of publication of the final rule.

Where do I create an account and submit my data?
On the Injury Tracking Application Page.

As always, if you have any questions regarding this information please reach out to the J.W. Terrill Loss Control department at

Continue reading...

Medical Requirements of the OSHA Silica Rule

December 6, 2017


The new OSHA rule governing respirable crystalline silica calls for medical surveillance screenings to allow for identification of silica exposure-related health effects in your workers. But who exactly must be surveilled, when and how often do you conduct the surveillance?

For purposes of this article, our focus is the construction industry.  This new rule requires that medical surveillance be made available to employees who use respirators for 30 or more days per year in situations where those respirators are required by OSHA for protection against silica hazards.

Of course, our first question is – how do you count a day?  OSHA offered some clarification of this in their enforcement guidelines issued earlier this fall.  These guidelines stated that even on days that employees wear a respirator for only a portion of the day; are counted as full days towards the medical surveillance requirements.   It should be noted that progression toward the 30 day rule resets with every new employer.  The only exception is when you hire, release, and re-hire the same employee for several short-term assignments during a year, with a day count totaling 30 days or more.

Now, you have an employee who you know needs to be included in the medical surveillance and you ask yourself – what does that entail?

First, you must select a medical provider who is capable of providing an exam which will include the following components –

  • A review of the patient’s history – work and medical
  • A physical examination with an emphasis on the respiratory system
  • A chest x-ray interpreted and classified according to the International Labour Office (ILO) International Classification of Radiographs of Pneumoconiosis by a NIOSH-certified B Reader
  • A pulmonary function test administered by a spirometry technician with a current certificate from a NIOSH-approved course
  • Testing for latent tuberculosis
  • Any additional tests deemed appropriate by the provider

It is your responsibility as the employer to provide the physician with –

  • A copy of the exposure standards in the OSHA respirable crystalline silica rule
  • A description of the employee’s former, current, and anticipated duties as they relate to the employee’s occupational exposure to respirable crystalline silica
  • The employee’s former, current, and anticipated levels of occupational exposure to respirable crystalline silica
  • A description of personal protective equipment used or to be used by the employee, including when it will be work and for how long the employee
  • Information from records of employment-related medical examinations previously provided to the employee and currently within the control of the employer

Once the exam is completed, you will obtain a written medical opinion from the physician which contains:

  • The date of the exam
  • A statement that the exam has specifically checked for silica exposure according to the requirements of the standard
  • Any recommended limitations on the employee’s exposure to respirable crystalline silica

Remember, this baseline examination must be made available within 30 days of initial assignment, unless the employee can show they received an examination that meets the requirements of this section within the past three years.  In addition, you must also conduct this same exam at least every three years and more frequently if recommended by your healthcare provider.

If you have any questions regarding this information or any other safety and health topic please contact the Loss Control Department at J.W. Terrill –

Continue reading...

OSHA Reporting Deadline Approaching

November 29, 2017


The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has extended the deadline for submitting OSHA 300 form information, required under the Improved Tracking of Workplace Injuries and Illnesses rule.

The new enforcement date of December 15, 2017 is quickly approaching. The Injury tracking Application (ITA) is accessible from the ITA launch page. This application is where you can provide OSHA the required elements of your 2016 OSHA forms.

As a reminder, establishments with 250 or more employees who are required to keep record of injuries and illnesses and establishments with 20-249 employees in high hazard industries must participate in this new rule. If you have 250 or more employees you must submit your OSHA 300 log, 300A summary and associated 301 forms for 2016. If you have 20-249 employees in a referenced high hazard industry you must only submit your 300A summary for 2016. Moving forward, employers will be required to submit their information each year by July 1st.

You can access detail directions and frequently asked questions regarding this new rule on the ITA launch page or feel free to contact the Loss Control Department at

Continue reading...

Cyber Risk: Get In Front of It

October 9, 2017


Today’s news headlines are never short on high-profile cyber breaches that illustrate how devastating a breach can be to a company’s revenue, reputation and even its bottom line. Given the severity of the exposure, data security and privacy are now boardroom governance concerns.

To help you manage the risk, Marsh & McLennan Agency will hold an AudioCast on October 19 and October 20, 2017. We will discuss how to evaluate your organization’s preparedness for a cyber-attack and cover best practices on breach prevention and response.


FBI Special Agent, Judy Eide | Private Sector Coordinator

Marc Schein | Marsh & McLennan Agency, Cyber Champion




Eastern | 10-11 AM Eastern | 1-2 PM Eastern | 11 AM- 12 PM
Cental | 9-10 AM Central | 12-1 PM Central | 10-11 AM
Mountain | 8-9 AM Mountain | 11 AM-12 PM Mountain | 9-10 AM
Pacific | 7-8 AM Pacific | 10-11 AM Pacific | 8-9 AM

You are invited to participate in this interactive discussion on the date and time that is most convenient for you.

Presenter Bios:

FBI Special Agent, Judy Eide, Private Sector Coordinator

Special Agent Judy Eide is currently assigned as the New Haven Divisions as Private Sector Coordinator. After graduating from the FBI Academy in July, 1990, SA Eide was assigned and still remains in the New Haven Division. She has worked primarily on White Collar Crime/Public Corruption, Cyber, and JTTF squads. SA Eide was the divisions Training and National Academy Coordinator. She has served as the Senior Evidence Response Team Leader 1996-2012. SA Eide has been the Connecticut InfraGard Coordinator since 2012.

InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure.

Marc Schein, CIC, CLCS – Marsh & McLennan Agency Cyber Champion

Marc has positioned himself well as a thought leader in the cyber space. He is a part of several professional organizations, including the Ponemon Institute, a research center focused on privacy, data protection and information security policy, where he serves on the RIM (Responsible Information Management) Council Board. Marc is frequently asked to share his expertise at numerous cyber conferences, seminars, counting education platforms for attorneys and accountants, webinars, industry gatherings and roundtables.

Continue reading...

Construction Safety Update: Crystalline Silica Standard

September 25, 2017


Recently a memo was released from Thomas Galassi, Acting Deputy Assistant Secretary, regarding the enforcement of the new Silica Regulatory Standard which became enforceable on September 23, 2017 in the construction industry.

You can find the memo here-

In summary, OSHA will take into consideration all good faith efforts taken by contractors to attempt to meet the new requirements.  OSHA will work with employers to ensure the use of all aspects of the Table 1 requirements in the field and provide guidance as needed to reach full compliance with the standard.  OSHA will only pursue citations if it appears that the employer is not taking efforts to implement controls.

For any questions or concerns regarding compliance with this silica standard please contact J.W. Terrill’s Loss Control Department at:

Continue reading...

Dynamic Insurance, Cyber Security, and the Internet of Things

August 4, 2017


The internet of things is advancing rapidly, and frankly so is insurance. We can assure you that the heated debates in congress and confusing jargon won’t be going away anytime soon. In fact, it will probably get a lot more complicated, but insurance companies have their analytics department to lean on in these times of chaos. The world around us is more connected now than ever before and this gives us more accurate data to look forward to. Let’s start with drones. The rising use of drones will present both opportunities and risks for many industries. We have seen this technology become a natural part of many markets. For example, filming a scene that requires aerial view becomes a lot less expensive with a drone, and inspecting the exterior of buildings becomes a lot less dangerous when the life of an employee is not at risk. According to the U.S. Bureau of Labor, 38.8% of total deaths in construction occur from falls in just one calendar year. Falls are the number one cause of death in the construction industry and the third largest cause of death across all industries (Drones Create Safety). A $1,000 piece of equipment becomes priceless when it can transfer the risk of a life. But who is responsible for the misuse of a drone, and is there liability coverage for your commercial drone? This article will address how innovative technologies can improve current industries or potentially disrupt them and what role insurance companies will play in the near future.

Do we really want more healthcare data?

Wellness technology is advancing rapidly with untapped data. Not long ago, insurance companies started compiling data on teenage drivers. Soon enough they found a strong correlation between a student’s grades, and their likelihood to get in an accident. Of course, grades do not depict how well you can drive, but a strong correlation can help save the insurer a lot of money. Soon came the “good student” discount. If you can provide proof that your teenage driver will get grades above the threshold that the carrier believes has a statistical impact on the amount of accidents the insured will experience, you can save some money. Because of the historical data, companies can now better underwrite their clients and the insured is awarded with a discount and another reason to nag their kids about grades. The good student discount isn’t the only way insurance companies use correlation data. They also use it to responsibly insure smokers. The insurer can better predict their client’s health issues based on employee lifestyles (Tech-Enabled). Insurance companies have been adapting to data since the inception of insurance. Even recent policy such as the Affordable Care Act, is still making major changes to the health insurance market.

Correlation is everywhere. The law of large numbers explains that the more information on the consumer side, the more accurate the underwriting becomes. Obviously, client wellness and the data behind it is very important to insurance companies. Fitbit started out in 2007 as a small group of people with an idea of a fashionable activity-tracking bracelet. Now, Fitbit is publicly traded on the New York Stock Exchange, selling over 22.3 million devices in the past year with reported revenue of $574 million (Fitbit Reports). Not only did Fitbit just go international with Vector Watch UK Limited, but they also acquired FitStar Labs, a private company that develops software applications for games, social networking platforms, and mobile devices. Fitbit has quickly gone from an interesting concept, to a full-blown technology powerhouse collecting very sensitive data.

With all the recent advances in wellness data and wearable technology, getting the data to companies that want it is probably just a few lawsuits and a small acquisition away. Who stores and can obtain this information is being questioned more every day. According to the HuffingtonPost, prosecutors obtained data from Chris Bucchere’s activity bracelet to prove that he was speeding before his accident. Bucchere was convicted with a felony for vehicular manslaughter (Weinstein, Mark). While many argue a breach of policy, others are taking advantage of the information while they can. For example, John Hancock Life Insurance Company is offering their clients a 15% discount if they permit their Apple Watch to monitor their activities (IoT Insurance). Data like this has the potential to disrupt consumer information in many industries, especially current healthcare data. It is important to keep in mind that access to personal data is a topic that is already highly controversial and debated in the litigation community. Innovations like smart watches and activity bracelets can increase the accuracy of current data and lower consumer cost, but these advances in wellness technology need to be monitored for their disruptive nature and potential for abuse.

My car can now drive itself, should I switch insurance providers?

Ford, Chevy, Volkswagen, Buick, and Honda are all reputable household names making major moves towards autonomous vehicles. Even Teslas are quickly becoming more affordable as recent innovations in self-driving technology are leading to rapid industry expansion. The Insurance Institute for highway Safety is anticipating about 3.5 million self-driving vehicles by 2025, and 4.5 million by 2030 (Self-Driving). Recent improvements such as the rear-view monitor, blind spot sensors, and self-parking technology are being integrated into the factory design of many popular cars. These improvements in design and safety have led to a lower fatality rate. “The likelihood of a driver dying in a crash of a late model vehicle fell by more than a third over three years, and nine car models had zero fatalities per million registered vehicles,” (Insurance Institute for highway Safety). There is no question that our ability to prevent crashes will greatly reduce the number of fatal accidents. What is unclear, however, is how liability laws might evolve to insure autonomous vehicle technology. Insurers will have to determine how to underwrite policies where accident medical bills are lower than ever, while replacing vehicle cost may be higher than usual. It may also become common to see a higher percentage of product liability claims as the insured blame the suppliers for mistakes made on the car’s behalf and fight for subrogation. Need for liability coverage will become more important. As suggested by the 2014 RAND study on autonomous vehicles, “…product liability might incorporate the concept of a cost-benefit analysis to mitigate the cost to manufacturers of claims.” This could relieve pressure on the healthcare and disability cost related to automobile claims.

As of right now, there are basically two types of liability systems. There is the no-fault concept in some states, while in others liability is based on the tort system. The arrival of self-driving cars will have an impact on policy, but for now there isn’t much of a direction. Will the systems align to be more uniform, or will the states pass on the torch to the federal government asking them to play a larger role? The more that car manufacturers are blamed, the more likely we are to see the federal government getting involved. RAND Corporation did a study of the benefits of self-driving vehicles in 2016 and concluded that personal liability will decrease while manufacturer liability is likely to increase (Self-Driving). Car manufacturers are starting to look more like computer manufacturers. Patrick Lin, a writer for Forbes, believes that with this shift in technology, “…hard ethical decisions in programming and new product liability cases will surely challenge law and disrupt the insurance industry…” (No Self-Driving).

Smart cars, what’s next smart homes?

Companies like Vivint and The SOHO Shop are bringing the future closer by integrating smart home technology. The SOHO Shop, founded in St. Charles Missouri, was created with the idea of a trusted and reliable home/commercial automation. Their products range from automated shades and central VAC, to industrial building automation, IT, security and video surveillance. These companies are bringing their software and skills to individual homes along with bigger living areas like retirement communities. Introducing products such as intelligent window and door monitors can make people living alone feel safer. They also offer products that can monitor oven temperatures, water use, bed, chair, and bathroom usage for those living by themselves that may need assisted care. This technology is helping keep patients with medical need comfortable and safe, but what does this mean for insuring the modern home?

The insurer, American Family, has a model home where they are testing out the automated features such as water and temperature sensors. These sensors prevent leaks and notify homeowners before a pipe burst or an appliance malfunctions causing damage. Data from these sensors may eventually be used to profile some customers as being more/less likely to let small disasters occur. American Family and USAA are both exploring this technology. State Farm and Liberty Mutual both offer discounts on your home policy if you decide to begin transforming your home into a smart home (Home Automation Giant). The federal government has already started designing a functional way to access utility data. The Green Button Initiative is a nonprofit project that allows businesses and homeowners to access their energy use data in an industry standardized format (The Green Button). This initiative was a response to a 2012 White House call-to-action to provide utility customers with easy and secure access to their information (Giving Consumers Access).

Senior Managing Director, at Accenture, Jogn Cusano claims that turning customers’ homes into data hotspots will increase the risk of data breaches. Cusano believes that underwriting will change to reflect the new risk of cyber-attacks (Why Insurance Companies). Only time will tell if insurers will save enough by preventing leaks to make up costs from ransomware.

We have drones and reinsurance, what can possibly go wrong?

Being ahead of the game means taking the proper precautions to keep changing technology from disrupting your business. While we now have the ability to lock office doors without relying on the janitor, and send flying robots to do our dangerous jobs, we are also becoming more vulnerable to cyber-attacks than ever before. According to The State of SMB Cybersecurity Report, “…a staggering 50 percent of small and midsized organizations reported suffering at least one cyberattack in the last 12 months…” (State of Cybersecurity). A cyber-attack on a large company can ruin their reputation, but a cyber-attack on a small business or a household can cause detrimental financial damage. The worst part is that many people don’t know what to do about it: “52% of organizations that suffered successful cyber-attacks in 2016 aren’t making any changes to their security in 2017” (Barkly Blog). Companies need to find innovative ways to address this. Limited access and cut ties are a great place to start. No one person in the company should have access to everything. There should also be fewer passwords and more identity verification requirements. If someone knows your email, what city you live in, and your birthday, it is not difficult to gain access to one of your online accounts (banking, social media, email, etc.…), which will only make it easier to gain access to the rest of your accounts.

On May 17th 2017, the House of Representatives passed the Modernizing Government Technology Act (115th Congress). This legislation will allow the federal government to improve and replace existing information technology systems to strengthen cyber security. Not only does this affect individuals but it is also a national problem. A study performed by the Ponemon Institute in June of 2016 shows that the average cost per stolen record is $158 (2016 Cost of Data). Multiple government agencies have been breached, releasing vital information about government employees and programs. In a recent preventative measure, the Department of Homeland Security decided to increase its Federal Cybersecurity programs by expanding EINSTEIN and Continuous Diagnostics and Mitigation programs. In Missouri, these laws are interpreted to require that any company notify every individual that is affected by a cyber breach and must offer one year of credit monitoring for the individuals.

What is your company doing? In today’s world, multi-factor authentication is a must. It simply adds another layer of security by texting a code to your mobile device after you sign in with a password. Many companies have created software like the Google Authenticator app that gives you a randomly generated code. This generated code regenerates every ten seconds, adding another level of security. Every company should also have a policy in place to deal with cyber-attacks when they occur, along with a way for employees to report any problems anonymously. According to a study done by Pricewaterhouse Coopers, “the most widely used advanced-authentication technologies are hardware and software tokens, followed by biometrics such as fingerprint and iris scanners” (Global State of). Smartphone tokens are becoming more popular due to security compromises of business phones and work tablets. If a password-less authentication is the route you wish to go, your organization may want to rethink your approach to identity management. Most important is an intuitive process for the end user. PwC recommends the IAM, Identity and Access Management, a web service by Amazon Web Services that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization). Although products like Google Cloud IAM and AWS IAM are not a replacement to Active Directory or OpenLDAP, they are becoming a necessary add-on.

Cyber Insurance is a special product that addresses the emerging coverage gaps in traditional insurance policies that result from our increased use of technology and reliance on the risk that comes with storing sensitive data. Cyber perils range from network outage, data theft, and even cyber extortion demands. Although you may not think it is necessary yet, a paper released from the R Street Technology Policy Fellow Anne Hobson, argues that it’s in the governments best interest to hold vendors and contractors that do business with the federal government, financially responsible for any cybersecurity issues on their part that costs U.S. taxpayers (Aligning Cybersecurity Incentives).

Old industries tend to lag in financial technology. “67% of risk professionals are not aware of their organization having processes and procedures in place to trigger a risk assessment of a modern technology before it is actually used. And more than half of the correspondents said their company had not undertaken risk assessments around disruptive technologies (technology innovation).

Blockchain technology is almost here.

On July 24th of 2017, innovative leaders from across the states got together at Washington University in St. Louis to talk tech. The topic was trade and everyone was talking about how blockchain technology can revolutionize supply trade management. Brigid McDermott from IBM was on stage explaining how inefficient and unprotected most supply chains are. She explained how every company, every port, and every person along a supply chain has a unique way of recording and securing a transaction which leaves too much room for corruption. “Less than 0.5% of all data is ever analyzed and over $130 billion is spent on bid data and business analytics globally.” Supply chains being inefficient and expensive, seemed to be the theme. “Blockchain creates the trust necessary to address the end-to-end process,” she exclaimed. Being able to sort through a common ledger would save supply chains millions. Next in line was Soumak Chatterjee from Deloitte, who explained that a blockchain based system not only beats any other centralized ledger with its ability to authorize, and audit transactions, but excels in many fundamental security aspects. Next up was Kate Lybarger from Monsanto. Then was Farron Blanc from RGA to talk on blockchain in the Insurance world. But it wasn’t until Nick Williamson from brought out a demo of his software that could be used as a decentralized ledger for shipping warehouses. He showed the audience how this blockchain based software could read, compile, and organize data from thousands of shipping containers with extreme accuracy. The goal is to stop fraud, counterfeit prescriptions to be exact, and Nick is going to do it with the support of smart contracts on the blockchain.

In the past month, Promoting Good Cyber Hygiene Act of 2017, a piece of cybersecurity legislation, was introduced into congress. This legislation would mandate the National Institute of Standards and Technology (NIST), the Federal Trade Commissions (FTC), and the Department of Homeland Security (DHS) to outline the steps necessary to establish baseline practices for good cyber security. A couple year back the National Cybersecurity Protection Act of 2014 became law to direct the goals of the DHS and stakeholders. This law pushed the private sector to provide incident response and cybersecurity information with public entities to enhance overall security. Reluctance from companies to share their security analysis lead to the Promoting Good Cyber Act. This highlights, regardless of location or industry, nine critical updates:

Critical Updates:

  • Old or unpatched networks
  • Quarterly cyber security training
  • Multifactor authentication
  • Regular backups
  • Extra security with older systems
  • Cloud or blockchain migrations
  • Detection and prevention system analysis
  • Manage service providers
  • Cyber insurance

These updates are mandatory with expanding connectivity. People often overestimate how much popular companies really know. For example, Wired released a video of two hackers remotely disabling a Jeep and killing the engine while it was on the highway. Not many understand that the computers in our cars are connected to the internet. Even recently Toyota has turned to MIT’s blockchain experts to explore possible systems for safer autonomous vehicles (Toyota Tech).

Advances in technology are great for our society in many ways. We can expect to see fewer accidents, greater connectivity, and more wireless freedom. We have already seen great reduction in fatal accidents including falls and car crashes. While the Internet of things is expanding our abilities, it also carries a wake of disrupting characteristics and unpredictable events. Last year the Department of Homeland Security met to discuss interest in forming a cybersecurity data repository to better understand and visualize emerging cyber incidents. (National Protection) A secure repository would help collect and aggregate cyber incident information, acting as a reliable source for the cyber risk community. Disruptive technologies have a big influence on the way industries form and collapse and properly analyzing the data is important, but lagging regulation often prevents swift movements in the right direction. Although cyber risk is still a foreign territory for many, it is important to stay progressive through these changing times. Creating a more robust and efficient cyber insurance market has the potential to strengthen current industries by greatly reduce the number of cyber-attacks and steering clear of the many societal threats our nation has already faced.

About the Author

Brandon Bradshaw: Analytics Intern attending Missouri State University pursuing a Computer Information Systems degree. Plans to continue his education in the Management and Information technology Department Cybersecurity Graduate Program.

Works Cited

Castro, Daniel, and Henry Sherwin. “Giving Consumers Access to Water Data Promotes Smarter Use.” Brink – The Edge of Risk. N.p., 24 Sept. 2015. Web. 17 July 2017.
Comstock, Jonah. “PwC: 1 in 5 Americans Owns a Wearable, 1 in 10 Wears Them Daily.” MobiHealthNews. PwC Study, Mobihealthnews Article, 21 Oct. 2014. Web. 26 July 2017.
Coopers, Pricewaterhouse. “Global State of Information Security Survey 2017.” Toward New Possibilities in Threat Management, 2017, pp. 8–10.,
“2016 Cost of Data Breach Study: Global Analysis.” 2016 Cost of Data Breach Study: Global Study. Ponemon Institute & IBM, 17 June 2016. Web. 21 July 2017.
CyberAvengers*, The. “Cyber Hygiene and Government–Industry Cooperation for Better Cybersecurity.” Brink – The Edge of Risk. N.p., 11 July 2017. Web. 17 July 2017.
Danzon, Patricia M., and Mark V. Pauly. “Insurance and New Technology: From Hospital to Drugstore.” Health Affairs Org. N.p., 2001. Web. 17 July 2017.
“FACT SHEET: Cybersecurity National Action Plan.” National Archives and Records Administration. National Archives and Records Administration, n.d. Web. 17 July 2017.
Famakinwa, Joyce. “Drones Create Safety Opportunities, Raise Privacy Concerns.” N.p., 31 May 2017. Web.
“Fitbit Reports $574M Q416 and $2.17B FY16 Revenue, Sells 6.5M Devices in Q416 and 22.3M Devices in FY16.” Fitbit, Inc. N.p., n.d. Web. 18 July 2017.
Gale, Melissa. “Technology Innovation Is Disrupting Risk Management.” Brink – The Edge of Risk. Brink The Edge of Risk, 26 June 2017. Web. 17 July 2017.
Gammons, Brianna. “6 Must-Know Cybersecurity Statistics for 2017 | Barkly Blog.” Barkly Endpoint Security Blog. N.p., n.d. Web. 17 July 2017.
Gautham. “It Is Time for the English Insurance Sector to Adopt Blockchain Tech?” SafeShare Insurance. N.p., 18 May 2016. Web. 17 July 2017.
Gertrude Chavez-Dreyfuss. “Toyota, Tech Firms Explore Blockchain for Driverless Cars.” Reuters, Thomson Reuters, 22 May 2017,
“The Green Button – the Standardized Way to Get Your Energy Usage Data.” The Green Button – the Standardized Way to Get Your Energy Usage Data. N.p., n.d. Web. 17 July 2017.
Higginbotham, Stacey. “Why Insurance Companies Want to Subsidize Your Smart Home.” MIT Technology Review. MIT Technology Review, 12 Oct. 2016. Web. 17 July 2017.
Hurd, Will. “H.R.2227 – 115th Congress (2017-2018): MGT Act.” N.p., 18 May 2017. Web. 17 July 2017.
Institute, Ponemon. “Introduction.” 2016 State of Cyber Security in Small & Medium-Sized Businesses, doi:Sponsored by Keeper Security.
Laycox, Sandy. “Tech-enabled transparency is a major step in regaining control of healthcare costs.” Medical Exam pg 45, Leader’s Edge Magazine June 2017.
Lin, Patrick. “No, Self-Driving Cars Won’t Kill the Insurance Industry.” Forbes, Forbes Magazine, 25 Apr. 2016,
Meola, Andrew. “IoT Insurance: Trends in Home, Life & Auto Insurance Industries.” Business Insider, Business Insider, 20 Dec. 2016,
Miller, Ron. “IBM Unveils Blockchain as a Service Based on Open Source Hyperledger Fabric technology.” TechCrunch. TechCrunch, 19 Mar. 2017. Web. 17 July 2017.
“Missouri Data Breach Laws: Notification Requirements.” TechInsurance. BIN Insurance Holdings, LLC, n.d. Web. 26 July 2017.
“National Protection and Programs Directorate; National Protection and Programs Directorate Seeks Comments on Cyber Incident Data Repository White Papers.” Federal Register. N.p., 28 Mar. 2016. Web. 17 July 2017.
Rader, Russ. “Death Rates Fall as Vehicles Improve.” IIHS, Status Report, Vol. 50, No. 1, 29 Jan. 2015,
Ralph, Oliver. “AIG Sets up Blockchain Policy for Standard Chartered.” Financial Times. N.p., 15 June 2017. Web. 17 July 2017.
Rorke, Catrina, et al. “Aligning Cybersecurity Incentives in an Interconnected World | R Street.” R Street Institute | R Street, R Street, 16 Feb. 2017,
“Self-Driving Cars and Insurance.” Insurance Information Institute. N.p., July 2016. Web. 17 July 2017.
Shabat, Matthew. “National Protection and Programs Directorate; National Protection and Programs Directorate Seeks Comments on Cyber Incident Data Repository White Papers.” Federal Register, Department of Homeland Security, 28 Mar. 2016,
Vivint. “Home Automation Giant Vivint Partners with Liberty Mutual Insurance to Offer Its Customers Savings on Auto and Home Insurance.” PR Newswire: News Distribution, Targeting and Monitoring, PRNewswire, 3 Aug. 2017,
Weinstein, Mark. “What Your Fitbit Doesn’t Want You to Know.” The Huffington Post,, 21 Dec. 2015,


Continue reading...

NSC State-by-State Report

July 14, 2017


The National Safety Council (NSC) is conducting a year-long project that rates each state within the U.S. on how well they prevent work-related injuries. This project called “The State of Safety: A State-by-State Report,” shows the strengths and weaknesses of 3 aspects of each state: road safety, home and community safety, and workplace safety. NSC tracked the specific programs, policies, and practices that can impact safety within each state, and scaled them from 1-5 on the level of effectiveness that these programs have. These were then converted to a percentage, and a grade was given to each state based on these percentages – similar to how schools and universities grade their students.


​B ​C ​D ​F
​No state received an overall “A” grade. Maryland Illinois Washington, D.C. Maine Oregon Connecticut California Washington Hawaii Louisiana Kentucky New Jersey Minnesota North Carolina Massachusetts Delaware New Mexico Rhode Island Indiana Colorado Tennessee West Virginia New York Michigan Vermont ​Texas Pennsylvania Wisconsin Virginia Utah North Dakota Alabama Nevada Georgia New Hampshire Nebraska Alaska Ohio Iowa Florida

Kansas Oklahoma Arkansas Arizona South Carolina South Dakota Montana Wyoming Mississippi Idaho Missouri

 From this grading project, the NSC has concluded that 0 states earned an “A” for safety, 8 states earned a “B”, 18 states were given a “C” rating, 15 states were given a “D” rating, and 11 states earned an “F”. Missouri was included in the states that were given an “F” for preventing accidents and injuries. From this grading report, it is obvious that a change is needed for the safety culture of many states, including Missouri. Click on a state above to view its grading report.

According to the NSC, fatalities from poisonings, motor vehicle crashes, falls, drowning, choking, and fires have increased 7% since 2014. More than 140,000 lives are lost in the U.S. each year due to these threatening incidents. To show how much each state can reduce the amount of fatalities in these categories, the NSC created the State-by-State report. The NSC believes that this grading report will give states an incentive to begin implementing programs and policies that protects citizens from injuries. The goal is to have every state achieve an “A” grading, which will then lower fatalities and improve the wellness of families throughout the entire nation.


Information contributed by John McGoon, the 2017 Loss Control Intern for J.W. Terrill. John is currently studying at The University of Central Missouri and is spending his 2nd summer at J.W. Terrill learning about the safety services that are provided by the Loss Control Department.

Continue reading...

OSHA Proposes to Delay Compliance Date for Electronically Submitting Injury Data

July 12, 2017



The U.S. Department of Labor’s Occupational Safety and Health Administration proposed a delay in the electronic reporting compliance date of the rule, Improve Tracking of Workplace Injuries and Illnesses, from July 1, 2017, to Dec. 1, 2017. The proposed delay will allow OSHA an opportunity to further review and consider the rule.

The agency published the final rule on May 12, 2016, and has determined that a further delay of the compliance date is appropriate for the purpose of additional review into questions of law and policy.  The delay will also allow OSHA to provide employers the same four-month window for submitting data that the original rule would have provided.

Under the Occupational Safety and Health Act of 1970, employers are responsible for providing safe and healthful workplaces for their employees. OSHA’s role is to ensure these conditions for America’s working men and women by setting and enforcing standards, and providing training, education and assistance. For more information, visit

This bulletin is strictly advisory. It should not be intended as, nor should it be construed as legal advice.

Continue reading...

Construction Safety Update: Crystalline Silica Standard

May 2, 2017


OSHA has announced that they will delay enforcing the crystalline silica standard on the construction industry. This delay is due to the need of additional training for employers to understand the complexities of the new standard. The original date of enforcement was set to be June 23, 2017, but has now been changed to September 23, 2017.

Since employers have the responsibility of providing safe and healthy workplaces for their employees, construction employers should continue to take steps to be in compliance with the new allowable exposure limit. This can be done through training as wells as employee supervision.

For any questions or concerns please contact J.W. Terrill’s Loss Control Department at:

Continue reading...

Employee Handbook Misconceptions

January 27, 2017


Does an Employee Handbook Really Matter? Yes it really does.

This is just one example of the many misconceptions employers may have about their company handbook. For so many reasons, handbooks do matter.

It’s no surprise that handbooks and employment laws create a level of confusion. As we say in the HR world, we are living in a state of grey until a determination is made in the courts. We want to stay several steps ahead of that and avoid the courts altogether.

In light of that, we thought it would be helpful to point out some of the common misconceptions we have come across when it comes to employee handbooks. The following is a list of our top three.

Misconception #1 – We Can Get By For Now

As long as we have something pulled together that resembles a handbook, we’ll be fine for now.

– When we have time, we’ll take a look and make sure the book corresponds to what we actually do in practice.

– We used this handbook at my last employer and it worked fine.

– I’ve heard having a handbook just opens the door to more lawsuits.

Issues to Consider

  • How difficult would it be to discipline an employee for something if your handbook contradicts your practice?
  • Would you be prepared if you had to turn over the company handbook in a lawsuit?
  • Could it appear discriminatory if supervisors are applying policies differently throughout the company?


  • If faced with a lawsuit, a thorough and compliant employee handbook will help show the company exercised “reasonable care” towards its employees. This goes a long way as a defensive posture.
  • Supervisors should be trained on the policies within the handbook and how to apply them. A handbook is only as strong as your weakest supervisor.

Misconception #2 –Were A Small Organization, This Doesn’t Really Affect Us

– We have 40 regular employees and use 10 employees from a temporary agency, so we don’t technically have 50 employees.

– We don’t really need to worry until we reach 50 or more employees.

– We only have 15 employees, I don’t think many laws and regulations apply to us.

Issues to consider

  • Do you have a joint employer relationship? For example, if you are using temporary employees from a staffing firm, the answer might be yes, depending on which regulation you are looking at and arrangements with the staffing firm.
  • The joint employer relationship can affect employee headcount under protections afforded by the Fair Labor Standards Act (FLSA), the Family Medical Leave Act (FMLA) and the Affordable Care Act (ACA) to name a few
  • Many state and federal laws come into play, even for employers with just a small number of employees. For example, Title VII is a federal law that prohibits gender discrimination by employers with 15 or more employees. However, the Missouri Human Rights Act (MHRA) and the Illinois Human Rights Act (IHRA) also prohibit gender discrimination. The MHRA applies to employers with 6 or more employees and the IHRA forbids gender discrimination by all employers, even if they only have one employee.
  • These regulations will affect what employers will want to espouse in their handbooks.


The chart below indicates a just a few of the federal employment laws that are enacted by a small number of employees:

Federal Employment Laws

Number of EEs


Fair Labor Standards Act



Equal Pay Act



Occupational Safety and Health Act



Health Insurance Portability Act



Fair Credit Reporting Act



Uniformed Services Employment & Re-employment Rights Act



Americans with Disabilities Act



Pregnancy Discrimination Act


Title VII Title VII of the Civil Rights Act


Many states will also have very specific laws that apply to small employers. These include things like jury duty leave, voting leave, pay requirements upon termination and many more.

Misconception #3 – We are an Employment At-Will Organization, We Don’t Need a Bunch of Policies

We are an at-will employer, we can hire and fire at will.

– As long as we state we are an at-will employer in our handbook we are covered.

– Just because a supervisor promises an employee a job, that doesn’t imply a real contract.  

Issues to Consider

  • If handbooks are not drafted properly, they can actually become enforceable contracts between employees and the company.
  • While it is true that an at-will organization can hire and fire at will, it should not fire in violation of workplace rights laws, such as those prohibiting discrimination and retaliation.
  • Supervisors should be trained on the dangers of an implied oral contract.


  • Organizations will want to include a carefully drafted at-will statement in their handbook as part of their legal protections against employment claims.
  • Avoid any language that could be interpreted to promise job security in the handbook’s disciplinary policy, performance and raise policies, layoff policy, probationary policies, and so on.


Employment laws are a tightly woven web of complex concepts that can not only overlap but can sometimes appear to be in conflict with each other. Truthfully, handbooks can be your best defense when it comes to employment related issues. Or your worst enemy if done incorrectly.

If you would like to rewrite your employee handbook and avoid these misconceptions and risks, please contact J.W. Terrill’s HR Consultants at We offer a comprehensive process that will help you with the strategic development and implementation of your final handbook. To learn more about our process, check out our overview here.

Continue reading...

California Rating Bureau Announces Changes in Reporting of Small Medical Only or First Aid Claims

January 25, 2017


The Insurance Commissioner recently approved amendments to the California Workers’ Compensation Uniform Statistical Reporting Plan—1995 (USRP) effective January 1, 2017, to clarify the reporting requirements for small medical only or “first aid” claims. The Insurance Commissioner’s Decision (CDI File No. REG-2016-00018), dated October 14, 2016, approved amendments that specifically reference first aid as defined in California Labor Code Section 5401(a), to clarify that insurers must report the cost of all claims for which any medical care is provided and medical costs are incurred, including those involving first aid treatment, even if the insurer did not make the payment.

ALL injuries for which medical care is provided and medical costs are incurred MUST be reported to your insurance carrier – including reporting any and all amounts paid directly by the employer for medical expenses – so that your insurance carrier can (a) reimburse the employer for any covered medical expenses that the employer has paid directly and (b) fulfill their statutory reporting obligations.

Continue reading...