Articles

PART 1 OF 3: Construction Industry Risks: Data Privacy and Cyber Security Basics

Rarely does a week pass when we don’t hear about another major cyber breach, computer virus, or social engineering scam. Healthcare, financial institutions, retail, and governmental networks tend to experience the highest frequency of attacks. However, that does not mean that the construction industry is immune to cyber attacks. The truth of the matter is that any business connected to the internet is a potential victim. This is the first in a three part series discussing cyber events as they relate to the construction industry. Below we discuss why contractors need to address the risks associated with cyber exposures. In part two, we will discuss cyber risk management basics: what you can do to prevent a cyber event from occurring and how you can minimize damage if and when they do occur. Finally, in part three, we will discuss risk transfer and how outsourcing, contract management, and insurance can protect your firm from loss.

Read more

Form 1095 Deadline and Penalties

As part of the ACA employer reporting requirements, certain employers must provide a Form 1095-C or 1095-B to all applicable employees by March 31, 2016. Employers subject to employer reporting requirements who fail to provide the required Form 1095s by the deadline may face penalties similar to those imposed for W-2 reporting.
Background

Read more

Proposed Revisions to SBC and Uniform Glossary

On February 22, 2016, the Departments of Labor, Treasury, and Health and Human Services (“the Departments”) released proposed updates to the Uniform Summary of Benefits and Coverage (SBC) template, instructions, and Uniform Glossary (“glossary”). The proposed documents build largely on the revisions first proposed in December 2014. However, they incorporate additional stakeholder feedback—primarily from the NAIC—and the Departments are requesting public comments through the end of March before the documents are finalized.

Read more

Does Your Firm Have a Network Breach Plan?

Your IT Department has assured the latest updates and patches are in place for your firm’s network and your technology consultants are confident the system is set to prevent a hacking attack. But, just in case, your firm has recently purchased “cyber liability” insurance. It is time to sit back and forget about those headlines of security breaches that occur for other professional services firms. Belt and suspenders have now been added to the network with insurance, right? Unfortunately, understanding the firm’s network exposure is only the beginning of the risk management process – you’re still at step 1. To complete the risk management process, professional services firms should familiarize themselves with network security procedures and insurance, ensure stakeholders are aware of the coverage purchased, and incorporate the correct consultants into a breach response plan.

Read more

Social Engineering Criminals May Be Targeting Your Organization: Are You Vulnerable?

What is social engineering fraud?
Human-based social engineering fraud (sometimes referred to as human hacking) is defined as the art of influencing people to disclose information and getting them to act inappropriately. The consequences of social engineering fraud usually manifest when an employee is intentionally misled into sending money or diverting a payment based on fraudulent information. In 2014, over 100,000 new social engineering attacks were attempted every day against businesses of all sizes. This represented a 91% increase from the previous year, and has continued to rise. Often, the attackers utilize cleverly disguised phone calls or emails based on well-researched personal and company information, available in the public domain. An attacker may even pose as a trusted vendor or spoof your internal email addresses to resemble an internal email from a co-worker.

Read more

Form 1095 – Employee Communications

Many employers want to provide some type of communication along with or before the distribution of Form 1095s to relevant employees. Although any employee communication must be tailored to meet the employer’s specific circumstances, some general concepts are addressed here that can be adjusted as appropriate to help employees understand why Form 1095s are being provided, what type of information they provide, and how they are to be used.

Read more

Preparing For The Snow

That preparation should include a review of the business’ insurance portfolio, specifically the ingress & egress coverage, and civil authority coverage of the business’s property policy.
Most standard property policies usually only cover loss “caused by direct physical loss of or damage to property.” Therefore, if a company has a roof collapse due to heavy snow load, it is likely the building and the resulting interruption of business would be covered by the policy. However, if the building or property is not damaged, and the business cannot operate due to the inability of access to the plant, building, or facility due to the weather, is that a covered loss under the property policy? The answer is, “It depends.”

Read more

How to Prepare for a Data Breach in Healthcare

To ensure proper data breach response preparedness (and to show proper due diligence), your directors and leadership staff should be asking I.T. and key partners the pertinent questions now, before a breach occurs:
Have we ever had system penetration testing done, and have we reviewed the results?

Read more

Cadillac Tax – Delayed

In December, the Consolidated Appropriations Act, 2016 was signed into law which, amongst other provisions, effectively delayed the excise tax on high-cost health coverage (also known as the “Cadillac Tax”) until January 1, 2020. In addition, the law made the excise tax deductible and provides for a study to determine whether appropriate age and gender benchmarks are being used to determine the Cadillac tax threshold adjustments.

Read more

IRS Released Additional §4980H Guidance

In mid-December, the Internal Revenue Service (IRS) released further guidance on a variety of Affordable Care Act (ACA) provisions that affect employer-sponsored group health plans via Notice 2015-87. The notice was provided in a Q&A format, with several of the responses clarifying §4980H (“employer mandate”) requirements, including guidance in regard to determining affordability, counting hours of service, and 2016 penalty (assessable payment) amounts.

Read more

IRS Extends Deadline for Employer ACA Reporting

The IRS has issued Notice 2016-4 extending the due date for employers to complete their 2015 ACA Form 1095 and 1094 reporting. The deadline for employers to provide a Form 1095 (C or B) to applicable employees and other covered individuals has been extended from February 1, 2016 to March 31, 2016. The deadline to provide the IRS with an employer Form 1094 (C or B) transmittal form and individual Form 1095s has been extended from February 29, 2016 to May 31, 2016 if the employer is not filing electronically, and from March 31, 2016 to June 30, 2016 if filing electronically.

Read more