In This Issue
Safety and Liability
Electronic Liability Policies
Racial Profiling Policy
Ransomware is Booming
Q. The Bonnaroo music festival welcomes tens of thousands of fans each year and takes place on more than 500 acres of farmland, making it one of the largest festivals in the world. Which Tennessee city is home base for Bonnaroo?
Click Here for the Answer
Message from the President
With Christmas only a month away, it is hard to believe the holidays are once again upon us. This fall has been very busy with numerous association conferences across the state, and Public Entity Partners’s staff members have enjoyed networking and learning at the various meetings.
At the recent Tennessee Public Risk Management Association (TnPRIMA) conference, Judy Housley, loss control consultant from Public Entity Partners, and Honna Rogers from the University of Tennessee’s Municipal Technical Advisory Service (MTAS), presented a session on ADA Compliance. We received a number of requests for their PowerPoint slides to be placed on our website, and you can now find these under the Loss Control Guidelines and Resources section of the member-secured portal. If you do not have a log-in username and password, you may sign up by clicking here. You may either complete and submit the form, or contact your member services representative for assistance.
Featured in this month’s PartnersNews is an article published in the November/December 2016 issue of “Public Risk,” a national magazine published by PRIMA. This article was written by Michael G. Fann and George D. Dalton of Public Entity Partners’s Loss Control Department on the topic of community engagement. The article provides useful steps to building community relations and reducing exposure to costly claims.
With more of our business operations taking place in the digital realm, Public Entity Partners is continuing its transition toward electronic document delivery. Beginning January 2017, we will be distributing liability policies electronically, similar to the way we now distribute workers’ compensation policies. Please read the article in this month’s PartnersNews for more information.
Dawn R. Crawford
Engaging Your Community:
Addressing Safety & Liability Concerns While Improving Customer Relationships
by: Michael G. Fann, ARM-P, MBA
George D. Dalton, ARM-P, MCM
What do you do when the "perfect storm" of socio-economic stress, cultural differences, and political drama come together with catastrophic results? ... risk management, of course. And risk management would have had you prepare for the catastrophe long before it occurred with contingency thinking, enterprise-wise preparation and discussions, and an intentional engagement of your entity's diverse stakeholders such that your entire community feels "a part of" your public entity instead of "apart from" your entity. Community Engagement... do it... now.
The great and always entertaining Yogi Berra, favorite son of Missouri and New York Yankee Hall of Famer, is famously quoted as saying, “The future just ain’t what it used to be.” This is an appropriate mantra for the public sector and its relationships with its citizens and stakeholders going forward.
The relationship that law enforcement has with your community certainly grabs the headlines and the lead story on the six o’clock news, but adverse and negative encounters with members of the general public can happen within any department or discipline when you’re responsible for providing public services. Most people know why effective land use regulations are important to building a good quality of life in your community… until it’s YOUR piece of property that you can’t get re-zoned. Most people know why appropriate building and fire codes are important to home values and life safety in your community… until it’s YOUR new deck or garage that is having to be rebuilt because the construction doesn’t meet code. And most people know why having effective speed limits are important to life safety and quality of life in a community… until it is YOU being pulled over for speeding when you are late for a meeting with your boss. And this potential negative “lean” when providing public services can occur in every department or functional service area.
Governmental and other public entities impact, influence and even control many aspects of community life. Perceptions of how public services are being provided shape citizens’ opinions about its local government or service provider. Perceptions will get shaped… so the public entity had better be about doing its best to help shape them in a positive manner. In other words, a negative event is coming. It may be a zoning request turned down, a failed fire inspection, a traffic accident that is the fault of one of your entity’s maintenance workers, a severe injury at a city park, or a tragic use of deadly force by one of your law enforcement personnel. To think in terms of a balance sheet or ledger, the big “debit” is coming… so what are you doing daily to create “credits” on your side of the ledger?
Community Trust Account
The absence of adequate credits on the entity’s side of the ledger feeds a natural development in any organizational relationship of “us versus them” or “in versus out.” The natural development of a negative “lean” when public services are being provided is exacerbated during adversarial relationships and tragic encounters. Therefore, the public entity must be about developing emotional capital within its community, building credits on its community ledger, and maximizing its “community trust account.”
When the perception of the public entity is that it provides poor service on the front end, poor customer service on the back end, a lack of transparency regarding its operations, and/or that it simply will not listen to citizens/customers, the response from those depending upon those services tends to manifest as disengagement, indifference, apathy, frustration, and even anger. And the results of that anger have been making the headlines in recent years in the form of riots, vandalism, serious injuries, liability lawsuits, and destruction of property. Your “community” is better than that… for truly, “we are all in this together.” An assertive community engagement effort will help in addressing these tragic losses.
Managing the Interpersonal Transaction
The vast majority of your citizens/customers value and appreciate the services public entities provide. Given an equal set of circumstances, the reasonable members of your community will line up behind their public entity. Obviously, you’re not going to reach everyone and there are some within your community who will oppose you no matter what. But that is a small percentage of most every community.
We all know that it doesn’t take much to make a first impression. This can either be positive or negative. Most interpersonal interactions are neutral until one party or the other assigns either a positive or negative value to that interaction or transaction. Even if one of your organization’s employees continues to assign a positive value to an interaction with a member of your community, this does not preclude them from remaining diligent to the possibility that this interaction could turn negative (or even dangerous) based upon the actions/values of the other party.
To paraphrase noted police training expert, Lt. Col. (ret) Dave Grossman, the public is made up of wolves and sheep. Law enforcement’s calling (and to a degree, public servants in general) is to serve as sheepdogs… to stand between the sheep and the wolves who would do them harm. And we depend upon a public servant’s ability to know the difference. A public servant can’t treat the wolves as though they are sheep for their own safety… but they absolutely can’t treat the sheep as though they are wolves. As Grossman points out, the primary difference between the wolves and the sheepdogs is compassion for the sheep.
The bottom line is this: if we are asking our community to see things from the service provider perspective and not rely on assumptions, the organization should at least make an effort to understand the citizen/customer perspective and not rely on assumptions. Let us resolve to interact with our citizens/customers with respect as far as it is within our power to do so.
Internal Engagement Plan
Leadership must make community engagement an organizational priority. An engagement coordinator should be appointed, and then the organization should begin to build its engagement team. That engagement team should then begin to develop a comprehensive engagement plan that seeks to educate internally and inform externally to draw input from the diverse elements within your community or customer base. The plan must be intentional about identifying every stakeholder segment within your community and create multiple avenues for each segment to be engaged. The plan should also be intentional about trying to shape the perceptions of the services being provided and the people that are providing them.
The internal engagement plan must address how to keep customer/citizen efforts current and fresh. Further, the plan must include multiple methods of infusing the appropriate engagement culture into the organization.
External Engagement Plan
Out of the internal engagement plan comes a natural cultivation of the external engagement plan. The engagement team (and by extension, the entire organization) needs to study and know the community, citizens and customers. Assess and understand their needs. Again, the foundation of engagement is that citizens/customers feel “a part of” the community and the services being provided, not “apart from” the community. Seek greater opportunities to engage citizens, customers and community groups to build relationships and trust. Provide multichannel avenues that include a comprehensive array of communication vehicles, such as telephone, mail, email, social, mobile, web-based, etc. The external plan should contain methods of identifying and then developing relationships with civic groups, homeowners associations, clergy, and other community leaders. In short, community engagement must be deliberate, inclusive, intentional, ongoing, and NOT simply in response to a crisis. The crisis response approach will be perceived as disingenuous and condescending.
Remember, each employee must serve as a “Good Will Ambassador” for your organization. In employee evaluations, personnel should be evaluated on their ability and performance to that end. When citizens/customers think about your organization, they think of their experiences with the individual employees of your organization with whom they’ve been in contact: the maintenance person; the building inspector; the receivables clerk; the sanitation collector; the police officer. This is your daily opportunity to draw the reasonable members of your community to you, as opposed to building a wall between you… or worse, pushing them away.
A proactive community engagement effort will go a long way toward creating preemptive, constructive “action” that builds community… instead of creating an environment ripe for explosive “reaction” that tears a community apart when that tragic, adverse and/or negative event occurs. What every community needs when that tragic event occurs is an objective evaluation of the facts surrounding the event, and the degree to which your organization has engaged its community and built “credits” in its community trust account will go a long way toward a reasonable resolution of any conflict… and help mitigate the loss exposures to your people, the public, and your property.
Michael G. Fann, ARM-P, MBA, serves as Director of Loss Control for Public Entity Partners, a risk management pool specializing in providing workers compensation, liability and property coverage for municipalities and municipal agencies in Tennessee.
George D. Dalton, ARM-P, MCM, serves as Assistant Director of Loss Control for Public Entity Partners.
Return to the top
Ransomware is Booming and Companies are Paying Up
Publication Date 10/27/2016
Source: Dow Jones News Service
By Nicholas Elliott
For companies concerned about the soaring number of ransomware attacks — in which hackers take control of data or systems and demand payment to release them — the good news is such ransoms are typically small, often in the hundreds of dollars.
The bad news list is longer: These attacks are growing in number and sophistication, encouraged by a high payment rate, while regulators still will scrutinize victim companies for data-management and disclosure practices.
Insurance underwriter Beazley released a report in which it said ransomware attacks will be four times higher in 2016 than last year. An attention-grabbing case involved a Los Angeles hospital that paid $17,000 to hackers to be able to bring its computer network back up.
Most ransomware attacks seek smaller amounts, sending out large-scale "phishing" emails in which some recipients are duped into clicking on links that download malicious software that compromises data or systems. "It's a spray and pray mentality" among such hackers, said Austin Berglas, head of cyberdefense at risk consulting firm K2 Intelligence, speaking at the Advisen Cyber Risk Insights conference held Thursday in New York.
When such attacks are successful, Berglas said the victims usually pay up. Hackers show "good business judgment" in improving the chances of payment by keeping the demands modest, said Jason Rebholz, director of professional services at the Crypsis Group, a security firm.
Companies that are victims of these attacks aren't given a pass by the authorities. They still may have to report such incidents to regulators and may have to issue data breach notifications, even if no data are removed, said Lisa Sotto, a partner at law firm Hunton & Williams. "I wouldn't expect regulators to be terribly forgiving," she said.
In terms of protection, it's important for companies to segregate data and back it up, especially the most valuable data. "You should understand where your most important assets are," said Berglas.
With many ransoms being requested in bitcoin, according to the Beazley report, it may be a good idea to designate someone to learn how to acquire the virtual currency should a decision be made to pay, said Berglas.
"From what we are seeing, it appears that many hackers are finding it easier to make money by holding companies to ransom for bitcoin than through selling personal data on the dark web," Katherine Keefe, global head of Beazley's breach response business, said in a press release.
Return to the top