It seems not a week goes by these days without news breaking of another massive data breach affecting hundreds of millions of people. At the end of November 2018, Marriot, the global hotel chain, announced they had been hacked and the personal information of five hundred million preferred customers had been exposed to criminals. What’s worse, Marriott announced the original data breach occurred over four years ago, leaving people unknowingly at risk for identity theft during that time.
Commercial general liability policies provide insurance on a per occurrence basis. What constitutes an occurrence, though, is an area of significant debate. This is an issue that constantly arises in construction cases, especially construction defect. The commercial general liability standard language defines an occurrence as an “accident . . .”. Yet courts have divided on whether faulty workmanship in the course of construction constitutes an “accident” and therefore an “occurrence” triggering coverage under a commercial general liability policy.
In 1986, responding to a host of industries that struggled to find acceptable coverage in the traditional insurance marketplace, Congress passed the Liability Risk Retention Act. The Act authorized the creation of risk retention groups – liability insurance companies owned by its members. Entities in an industry suffering through a liability crisis can form a risk retention group to provide them with the coverage they need when the wider insurance market is unwilling to.
Within the context of cyber security, one most always discusses the subject in exponentials; Whether considering the number of breached records, the amount of damage, or the size of data leaks. What was groundbreaking three years ago in volume will seem quaint by the end of the year. A host of news stories regarding the 2013 and 2014 data breaches at Yahoo Inc. over the past few months have underlined this aspect of the conversation about cybersecurity. It serves as a stark reminder that companies need to keep an eye on their cyber risks and seriously consider purchasing cyber insurance if they have not done so already to survive this increasingly harsh ecosystem.
The #MeToo movement is proving how social media affects the workplace, in this case the culture. While some commentary is concerned with the validity of claims or support of victims, there is no question that it has significantly increased the pressure on employers to prevent sexual harassment in the workplace. Many employers have responded by increasing workplace training and updating their employment policies.
The clash between the stringent privacy requirements of HIPAA and the known vulnerability of most cyber systems creates a host of anxieties for most modern medical care providers. The Health Insurance Portability and Accountability Act requires that medical providers and insurers take reasonable precautions to ensure that the medical information of their patients remains private. At the same time, it is increasingly apparent that almost all cyber information systems have at least a few vulnerabilities, even if only through their users, and few systems can withstand a dedicated, concentrated cyber assault.
Developments over the last few years in federal labor law have generated a lot of discussion and analysis. Regulations and decisions affecting joint employer liability and the definition of employees at the federal level obviously draw the attention of employers. Its easy to overlook though that each state is often free to establish their own standards and tests for determining these questions; those standards may sometimes conflict with federal law.
The classification of workers as independent contractors or employees continues to draw aggressive state action. These classifications can significantly impact a host of employment-related areas, but the reason why states involve themselves so much in these determinations often center around taxation issues. To this end, New Jersey recently updated its regulations to make it significantly harder for companies seeking an exemption from unemployment taxes to classify their workers as independent contractors, and it will have a big impact on trucking companies.
Wire transfer fraud claims resulting from cyber attacks have increased dramatically over recent years, and companies are losing millions of dollars in these attacks. As is common when a new business risk develops, organizations look to their insurance policies to help cover their losses. As we have shared in previous examples, the coverage is not always adequate.
The extent of coverage for a company that has been a victimized may be sparse, and the costs of any breach are ongoing. Consequences of a fraudulent wire transfer depend not just on the specific wording in the policies a business has purchased, but as seen in the following instances, also being upheld differently in different states.
The next step in the long running saga over the Browning Ferris rule has finally arrived. After the National Labor Relations Board issued its decision in Browning-Ferris in 2015, a wave of lawsuits, regulatory challenges, and attempted legislative overrides put the future of that decision into doubt. An overturning of the rule became a key focus of the new administration in charge at the National Labor Relations Board. The board even issued a decision that purported to overturn the rule only to have that decision retracted due to an ethics issue. Now, on September 13, 2018, the Board has issued a new proposed regulation that seek to overturn the Browning-Ferris decision.