In This Issue


4th Annual Risk & Insurance Symposium

Parking Enforcement: Chalking Tires

Springfield Gas Simulated Gas Main Strike

The Power of One

Promoting Workplace Professionalism to Decrease Liability Risks

Understanding Patches and Software Updates


Tennessee Trivia

Q. What year was Tennessee’s first “Workmen’s Compensation Act” passed by the General Assembly?

Click here for the answer

Message from the President

Dawn Crawford


Dear member,

Last month we announced a new cyber-extension coverage for eligible members. As cyber risks have evolved over the years, we wanted to be able to provide additional coverage and assistance for these exposures.

As you review the coverage questionnaire and eligibility requirements, please do not feel overwhelmed. We realize this process can seem intimidating, but want to assure you that securing this coverage is an achievable goal. We know this because when we first inquired about obtaining cyber coverage from our commercial carrier, we received a seven-page, fine-print questionnaire that, quite frankly, intimidated us. We forwarded the application to our director of information technology and explained that we needed to strive toward completing the items listed in the application. We then set out to do just that.

We identified the highest-priority items on the list and started tackling them. Within a couple of years, we were able to complete the application and obtain coverage. Although we did not meet all of the conditions on the questionnaire, we had put systems and processes in place for our most vulnerable areas and were eligible. Since then, we have continued to improve our security, staff education and processes.

We know from experience that this process can seem daunting. However, as more and more entities have increased exposures related to the digital world, we feel it is a key coverage for members to consider.

In addition to the cyber coverage, we want to help provide options for you to start and/or continue down the path of systems, security and education improvement. In the months ahead, we will be providing lists of vendors that may be of assistance in the various areas for protecting your data and systems.

Please let us know if we can help you as you move toward obtaining cyber coverage.

All the best,

Dawn Crawford signature
Dawn R. Crawford
President/CEO

 

4th Annual Risk & Insurance Symposium

Registration is now underway for the 4th annual Risk & Insurance Symposium, scheduled for August 21 - 23 at the Franklin Marriott. Last year’s event brought almost 200 local government officials together to network, gain valuable continuing education credits and refresh their outlook on safety and risk management.

This year’s event will provide participants with quality risk management educational opportunities in multiple areas of interest. In addition to general risk management courses, we are offering specific law enforcement and cyber security tracks for local government employees who have an interest in those particular topics.

Also, for the first time, this year’s conference will provide multiple types of continuing education credits (CEC). In addition to sessions that earn Certified Municipal Financial Officer (CMFO) credits, we will offer sessions eligible for utility commissioner CECs, as well as Peace Officer Standards and Training (POST) credits. While the agenda is still being finalized and some continuing education credits are still pending, approved sessions already include up to 15.5 CMFO credit hours, with 12.5 CMFO credit hours in the financial category! POST credits are expected to be finalized soon.

Agenda topics include:

  • Drug and Alcohol Testing
  • The Open Records Act and How it Applies to Social Media
  • How I Hacked You (in 10 minutes or less)
  • Protecting Your Entity from ADA Lawsuits
  • Internal Investigations
  • Cyber Security
  • Active Shooter Preparedness

Participants may register for the entire three-day event or for the days that best match their areas of interest. Please visit http://pepartners.oakridgeamc.events/ to register, learn more about the agenda and reserve your hotel room.

Public Entity Partners has reserved a room block with a negotiated conference room rate of $153 per night. Once the block is full, Marriott will charge per-night room rates based on market rates. Please reserve your room early!

During the symposium, participants are invited to attend the Excellence in Risk Management Awards Lunch, where we will honor Public Entity Partners members who exemplify excellence, innovation and commitment to the risk and insurance field. More information about the Excellence in Risk Management Awards, including the nomination form, is available here.

Thursday evening participants are invited to attend dinner and a showing of “All the Queen’s Horses,” a documentary about Rita Crundwell, the perpetrator of the largest case of municipal fraud in American history. This award-winning movie investigates how the former comptroller for the City of Dixon, Illinois, was able to embezzle $53.7 million of public funds across a span of 22 years, and outlines the failures of the city's internal controls and separation of duties. Participants will be able to earn 2 CMFO credit hours in the financial category and utility commissioner continuing education hours.

For additional information about this event, please contact Halie Gallik at 800.624.9698 or hgallik@PEpartners.org.

Return to the top

Parking Enforcement: Chalking Tires

When it comes to parking enforcement, many cities and towns use the practice of marking a car’s tires with chalk to measure how long the vehicle has been parked in a particular location. A recent lawsuit out of the 6th Circuit may change that, as the court has now ruled that the practice can be considered a violation of the Fourth Amendment, which protects against unreasonable search and seizure.

To chalk tires as a part of parking enforcement, the city must first meet an exception to the warrant requirements laid out by the Supreme Court. In this case, the 6th Circuit concluded that the City of Saginaw (Michigan) failed to show the applicability of a warrant exception to the facts.

Here is a brief summary of the court’s findings in Taylor v. City of Saginaw:

 

Saginaw monitors parking by chalking the tires and ticketing cars that remain in the parking spot beyond the permissible time. In concluding that chalking tires is a search, the court relied on the Supreme Court of the United States’ property-based approach to analyzing Fourth Amendment search questions. See United States v. Jones, 565 U.S. 400 (2012). In Jones, the Court held that placing a tracking device on a car violated the Fourth Amendment. Because placing a GPS tracking device on a car to obtain information is a trespass upon a constitutionally protected area to obtain information, the Court found that placing the device on the car was a search under the Fourth Amendment. The Sixth Circuit applied Jones and held that chalking tires is a search because it is a trespass upon a constitutionally protected area, i.e., the car, to obtain information, i.e., how long the car is parked in the space. The city failed to establish an exception to the warrant requirement.

 

To read the case in its entirety, click here. If your entity monitors parking by chalking tires, Public Entity Partners recommends that you immediately discontinue this practice until you have fully discussed this case with your city attorney.

Generally speaking, to establish an exception to the warrant requirement, police must obtain consent from the owner of the vehicle, or devise a way of keeping track of how long a vehicle is parked in a particular location without physically touching a vehicle. Taking a time-stamped photo of vehicles may be a reasonable option.

Return to the top

Springfield Gas Simulated Gas Main Strike

Is your entity ready to respond in the event of a gas main rupture? Springfield Gas System recently hosted a Simulated Main Strike and Safety Awareness Day that drew participants from around the state. Springfield Gas System and Tennessee 811 invited public officials and emergency, utility and excavation personnel, along with the general public, to experience this real-life training scenario in a controlled environment.

During the simulated gas main strike, participants were able to witness what occurs during an actual gas main rupture. Jason Fryer, damage prevention liaison with Tennessee One Call, guided participants through the event, which demonstrated what can happen when utility lines are not properly located prior to a dig. During the simulated event, contractors arrived at a worksite and notified 811 of plans to excavate, utility line locators marked various utility lines, the contractors and locators discussed questions about the markings with the utilities, and excavators demonstrated digging using both correct and incorrect methods. According to Fryer, this was the third event of this type ever hosted in Tennessee, with previous events held in Nashville in 2017 and Johnson City in 2016.

“A gas line strike is something most gas companies have experienced,” said Sam Andavazo, safety and training manager with Springfield Gas System. “Finding unique training opportunities, such as a simulated line strike, gave us an opportunity to experience emergency planning, something we all feel is crucial to our profession.”

Every day, utility districts experience the risks of damage to utility lines from employees or third parties digging in a right-of-way. It is critical to follow proper procedures for excavating around utility lines. In addition to the costs associated with the replacement of utility lines, not following proper protocol can result in injury to a local government employee or citizen.

“We hope everyone can learn from these types of events,” said City Manager Gina Holt, who attended the event with Ann Schneider, mayor of Springfield. “I know I certainly did. We want our employees to remain safe and help educate others.”


Pictured from left are Langly Adams, Drew Appleton and
Ashton Hopper of Pulaski Natural Gas.

Sam Andavazo, Springfield Gas System safe and training manager, pictured in front of the arena where
the simulated gas main strike was held.

Spectators at the simulated gas main strike.

 

Return to the top

The Power of One

How much impact can just one person make on the safety culture of a local government? Michelle Kelley, senior accounting clerk and chairman of the safety committee for the City of Kingston, attended last year’s Risk & Insurance Symposium. She came back energized to reinstate the city’s safety committee and renew Kingston’s focus on risk management.

 

“Before attending the symposium, I had been to lots of training, but never a risk management and safety training. I was impressed by the quality of the speakers. I attended the symposium as the backup workers’ compensation contact for our city. I have since become the primary claims and loss control contact after our previous contact retired.

After returning from the symposium, I felt very strongly that Kingston needed a renewed focus on risk management. I wrote a letter to David Bolling, our city manager, that outlined what I had learned and stating that I felt Kingston should be more safety focused. The presentation last August by Kayla Rath really spoke to me. I hadn’t considered the impact a work-related injury could have on our employees’ families. I wanted to work to protect the well-being of our employees and their families.

David encouraged me to work with the safety committee and I now serve as chairman of that committee. Our entire organization has been hard at work, and last month our city council passed a return-to-work/light-duty policy. We are also working on applying to the Tennessee Drug Free Workplace Program.”

 

This year, the City of Kingston is hoping to send all eight representatives of the safety committee to the Risk & Insurance Symposium. The city is actively seeking out safety-related training. They recently held a 10-hour OSHA class at city hall to help employees identify hazards with their jobs and work to meet basic safety standards.

Kingston recently took advantage of the annual Safety Fest held in Oak Ridge, provided through the combined efforts of federal, state and local agencies, including the U.S. Department of Energy, along with numerous businesses and non-profit organizations. Several Kingston employees attended the event earlier this month, and the city plans to send even more next year.

“It’s a free resource, but we just learned about it,” Kelley said. “Any training helps us as we work to create a culture of safety within our organization.”

The Kingston safety committee is also reviewing on-the-job accidents experienced by city employees, with a goal of reducing the number each year through the city’s renewed focus on safety.

Registration for the 4th Annual Risk & Insurance Symposium is now open. To register, view the agenda or learn more about the event, please visit http://pepartners.oakridgeamc.events/.

 


“We want to take any measures we can to reduce injuries. I think our employees and the members of the safety committee understand that our goal is to keep them safe. You must have a heart for people and their families. I never want to inform a family that something has happened to their loved one. This is the first time I’ve been involved in safety. I’ve always been a bookkeeper, but the symposium really opened my eyes to the dangers our employees can face. I want to make sure all our employees understand those dangers and work as safely as possible.”

Michelle Kelley
Senior Accounting Clerk
Safety Committee Chairman
City of Kingston

 

 

Return to the top

Promoting Workplace Professionalism to Decrease Liability Risks

In its 2018 Performance and Accountability Report, the Equal Employment Opportunity Commission (EEOC) shared that it “secured approximately $505 million and other relief for over 67,860 victims of discrimination in the workplace. The EEOC's legal staff resolved 141 merit lawsuits, filed 199 more in FY 2018, and filed 29 amicus curiae briefs on significant legal issues in employment discrimination cases.”

One of the many responsibilities of the EEOC is to prevent and remedy unlawful employment discrimination. These illegal behaviors not only have negative effects on mistreated employees, but also on a local government agency’s ethical environment and productivity, and can be very costly to investigate and litigate.

Employee training on harassment, ethical behaviors and diversity in the workplace are excellent tools for Public Entity Partners members for reducing employment discrimination cases. Setting clear expectations for what is and is not tolerated will lay a foundation of professionalism and respect.

The Local Government Risk Academy online training platform allows you to assign training to each individual employee. Your entity’s designated learning administrator can assign courses, track completed courses and download reports.

The top courses utilized by our members include:

  • Diversity in the Workplace
  • Sexual Harassment in the Workplace
  • Sexual Harassment for Managers
  • Ethical Behavior for Local Government

If you do not have an account already established for your city, agency or department, click here to register. Requests for training access will be granted once your account has been verified, usually within 24 to 48 hours. Public Entity Partners’ online training program is provided by LocalGovU. A customer success representative from LocalGovU will assist you in adding additional personnel to your account. The training platform allows you to upload employees and assign courses to them. To view the list of available courses, click here.

 

Return to the top

Understanding Patches and Software Updates

By: The National Cybersecurity & Communications Integration Center (NCCIC)
Original release date: July 14, 2009 | Last revised: September 28, 2018
https://www.us-cert.gov/ncas/tips/ST04-006

When vendors become aware of vulnerabilities in their products, they often issue patches to fix those vulnerabilities. Make sure to apply relevant patches to your computer as soon as possible so that your system is protected.

What are patches?

Patches are software and operating system (OS) updates that address security vulnerabilities within a program or product. Software vendors may choose to release updates to fix performance bugs, as well as to provide enhanced security features.

How do you find out what software updates you need to install?

When software updates become available, vendors usually put them on their websites for users to download. Install updates as soon as possible to protect your computer, phone, or other digital device against attackers who would take advantage of system vulnerabilities. Attackers may target vulnerabilities for months or even years after updates are available.

Some software will automatically check for updates, and many vendors offer users the option to receive updates automatically. If automatic options are available, NCCIC recommends that you take advantage of them. If they are not available, periodically check your vendor’s websites for updates.

Make sure that you only download software updates from trusted vendor websites. Do not trust a link in an email message — attackers have used email messages to direct users to websites hosting malicious files disguised as legitimate updates. Users should also be suspicious of email messages that claim to have a software update file attached — these attachments may contain malware (see Using Caution with Email Attachments for more information).

If possible, only apply automatic updates from trusted network locations (e.g., home, work). Avoid updating software (automatically or manually) while connected to untrusted networks (e.g., airport, hotel, coffee shop). If updates must be installed over an untrusted network, use a Virtual Private Network connection to a trusted network and apply updates.

What is the difference between manual and automatic updates?

Users can install updates manually or elect for their software programs to update automatically.

Manual updates require the user or administrator to visit the vendor’s website to download and install software files.

Automatic updates require user or administrator consent when installing or configuring the software. Once you consent to automatic updates, software updates are “pushed” (or installed) to your system automatically.

What is end-of-life software?

Sometimes vendors will discontinue support for a software program or issue software updates for it (also known as end-of-life [EOL] software). Continued use of EOL software poses consequential risk to your system that can allow an attacker to exploit security vulnerabilities present that could result in malware attacks. The use of unsupported software can also cause software compatibility issues as well as decreased system performance and productivity.

NCCIC recommends that users and administrators retire all EOL products.

Best Practices for Software Updates

  • Enable automatic software updates whenever possible. This will ensure that software updates are installed as quickly as possible.
  • Do not use unsupported EOL software.
  • Always visit vendor sites directly rather than clicking on advertisements or email links.
  • Avoid software updates while using untrusted networks.

New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep your software up-to-date. This is the most effective measure you can take to protect your computer, phone, and other digital devices.


The National Cybersecurity and Communications Integration Center’s (NCCIC) mission is to reduce the risk of systemic cybersecurity and communications challenges in their role as the nation’s flagship cyber defense, incident response and operational integration center. Since 2009, NCCIC has served as a national hub for cyber and communications information, technical expertise and operational integration, and by operating their 24/7 situational awareness, analysis and incident response center. Visit their website to access tools, techniques, research and guidelines. You can also sign up to receive security alerts, tips and other updates.

Return to the top

Tennessee Trivia

Q: What year was Tennessee’s first “Workmen’s Compensation Act” passed by the General Assembly?

A. 1919