Credential Stuffing

If and when you get hacked, it’s easy to think cyber criminals used some high-tech program or code to gain access to your accounts. The truth is, however, that data breaches aren’t always this sophisticated, and all malicious parties need is a little trial and error to steal your personally identifiable information. This tactic is known as credential stuffing, and it’s becoming a common tool for cyber criminals of all kinds.

Simply put, credential stuffing attacks are when a malicious party takes a stolen username and password and tries it on a variety of different websites. For example, a hacker may have purchased your Google username and password from the dark web. Assuming that you use the same password for multiple accounts, the hacker would test these credentials on other platforms (e.g., banking or social media websites) using botnets (groups of computers tasked with various commands). Essentially, by using information from one account, criminals can potentially access data from a variety of platforms, draining bank accounts or gathering information they can sell to other malicious parties.

Credential stuffing can affect everyone, from individual users to the biggest companies. In fact, a Yahoo breach that impacted approximately 500 million users was largely carried out using credential stuffing. Thankfully, because credential stuffing relies on victims having the same password for multiple accounts, there are some simple ways to protect yourself:

 

  • Avoid using the same password for multiple accounts—Credential stuffing works because many users use the same password for multiple accounts. To avoid becoming a victim, it’s important to change your passwords often and never use the same password.

 

  • Use two-factor authentication—While complex passwords can deter cyber criminals, they can still be cracked. To prevent cyber criminals from gaining access to your accounts, two-factor authentication is key. Through this method, users must confirm their identity by providing extra information (e.g., a phone number or unique security code) when attempting to access corporate or personal applications, networks and servers. This additional login hurdle means that would-be cyber criminals won’t easily unlock an account, even if they have the password in hand.

 

  • Create strong password policies—For employers, ongoing password management can help prevent attackers from compromising your organization’s password-protected information. You’ll want to create a password policy that requires employees to change their password on a regular basis, avoid using the same password for multiple accounts and use special characters. Long passphrases are becoming increasingly popular as well, and may be a good option for your organization.

 

  • Provide security training—Even the most robust and expensive data protection solutions can be compromised should an employee click a malicious link or download fraudulent software. As such, it’s critical for organizations to thoroughly train personnel on common cyber threats and how to respond. Your employees should also know your cyber security policies and know how to report suspicious activity.

Workplace Wellness Programs to Reduce Workers’ Compensation Costs

By implementing workplace health initiatives, many companies are taking proactive measures to help with decreasing health issues affecting their employees. This is particularly important because of the following:

  • The working population is aging, with the national average around 42 years old.
  • There is a decreasing number of skilled workers, increasing the number of on-the-job injuries.
  • Obesity rates are astronomical and continue to rise.
  • There is a steady increase of inactivity among Americans.
  • Medical care costs continue to rise.
  • There is an increase in stress-related illnesses.
  • Approximately 10 percent of Americans are living with major limitations from chronic conditions, such as diabetes, asthma or thyroid disorders.

Most importantly for risk managers, non-work-related health issues directly increase the risk of work-related injuries.

Getting Employees Healthy

To assist your employees in getting healthy, staying healthy and consequently reduce their risk of a workplace injury or illness:

    • Create an employee safety education committee devoted strictly to health problems that correlate with injuries.
    • Teach employees how to properly investigate accidents and determine ways in which they could be prevented. This may include the following:
      • Ergonomics evaluations
      • Lift equipment evaluations
  • Offer personal health profile screenings for employees to identify their risk factors. This should include screenings for cholesterol, bone density, glucose, body mass index and other essential tests.
  • Provide personalized health coaching and self-help materials.
  • Offer quarterly corporate challenges to promote weight loss and activity.
  • Offer quarterly educational safety and health seminars.
  • Consider implementing a cross-promotional safety and health program with your health care provider.
  • Provide incentives to employees who fulfill health-related goals, or remain free from injuries for an established amount of time.
  • Refer all employees who suffer a work-related injury to the wellness program coordinator for a consultation.
  • Incorporate a safety presentation in your wellness seminars.
  • Workers’ compensation managers and risk managers should provide health and wellness referrals to injured employees.
  • Distribute monthly safety, health and nutrition tips to employees.

For more information and resources on how you can create an effective safety and health program, contact The Unland Companies today at (309) 347-2177.

Distracted Driving Prevention for Commercial Fleets

For many commercial fleets, driver and public safety is a top priority, and organizations take great care to prevent costly and potentially deadly accidents. While a number of factors can lead to a crash (e.g., impaired driving, poor road conditions and adverse weather), distracted driving is a common, preventable cause of accidents. Data from the National Highway Traffic Safety Administration (NHTSA) indicates that every year, up to 391,000 people are injured and 3,450 people are killed in crashes involving distracted drivers.

The NHTSA defines distracted driving as any activity that diverts attention from driving.

Distracted driving is an ongoing safety concern for commercial fleets. However, the widespread increase in cellphone use over the past decade has brought the issue to the forefront.

Studies have shown that many collisions and near-collisions involve some form of driver inattention, often just three seconds prior to the event. These statistics are particularly noteworthy for fleets, as many commercial vehicles have poorer driver visibility than personal cars and are much more difficult to control or stop in the event of an emergency. For commercial fleets, distracted driving can lead to increased insurance premiums, costly repairs, decreased productivity, reputational damage, and driver injury or death.

TYPES OF DISTRACTED DRIVING

Any time a driver reaches for an object or gets distracted by outside stimuli, the chances of an accident drastically increase. In fact, studies show that simply by dialing a cellphone, the likelihood of a crash is six times greater.
To remain safe on the roads, drivers need to be aware of common distractions that can put them and the public in danger:

  • Using electronic devices such as a GPS, MP3 player, radio, cellphone or laptop
  • Reading maps, books, texts or printed directions
  • Combing hair, putting on makeup, shaving, brushing teeth or performing similar grooming activities
  • Eating, drinking or smoking
  • Talking with passengers or tending to children or pets
  • Focusing attention on visual distractions outside the vehicle, such as collisions, police activity, street signs, pedestrians, construction or billboards
  • Multitasking
  • Daydreaming

TIPS FOR EMPLOYERS

RESPONDING TO DISTRACTED DRIVING

In order to maintain safe driving practices, organizations must take a top-down approach to combating distracted driving. Only through effective policies and training can commercial fleets identify and respond to potentially harmful driving behaviors. Organizations and fleet managers can also help reduce the risk of distracted driving by doing the following:

  • Create a driver safety program and a distracted driving policy. Regularly communicate your policies using things like emails, blogs and posters.
  • Use applications to detect when your drivers are on the road. Many of these applications prevent individuals from contacting a driver while their vehicle is in motion.
  • Instruct drivers to pull off the road and park if they need to use their phone or an electronic device.
  • Equip vehicles with lockboxes that drivers can use to store potential distractions, like smartphones and tablets.
  • Educate your drivers on the risks of driving while distracted. Use real-life examples and stories to explain how dangerous distracted driving can be.
  • Update your organization’s handbook, noting any disciplinary actions you will take if you identify unsafe driving behavior.
  • Ask your employees to sign a pledge form indicating their willingness to drive in a safe and courteous manner.
  • Work with drivers to plan trips. This ensures that drivers have a clear understanding of their routes, which can reduce the need for GPS and other potentially distracting navigation devices.
  • Manage driver schedules to ensure employees are well-rested between trips.
  • Use telematics, driver monitoring programs and in-cabin camera systems to evaluate individual drivers. Whenever possible, reward positive driver behavior to encourage a culture of safety.
  • Perform a safety audit, which will give you a high-level overview of distracted driving risks and other concerns.

CREATING A DISTRACTED DRIVING POLICY

While the specifics of policies may differ from fleet to fleet, a good distracted driving policy should include the following:

  • A policy statement that clarifies your organization’s stance on distracted driving. This statement should specify the purpose and goals of the policy.
  • A definition of distracted driving. This definition should highlight the dangers of distracted driving and the ways it affects your organization.
  • A summary of whom the policy applies to. In general, your policy should account for all company employees, even if driving a vehicle isn’t a regular part of their daily duties.
  • A list of what constitutes as distracted driving and actions that are strictly prohibited to ensure driver safety.
  • A list of suggested practices to reduce the risk of distracted driving.
  • A list of potential consequences if the terms of the policy are breached.
  • A space for the employee’s and fleet manager’s signatures.

INSURANCE TO PROTECT YOUR BOTTOM LINE

Managing distracted driving will only become more difficult as technology advances and individuals become more reliant on personal devices like cellphones and tablets. Regardless, commercial fleets have a duty to ensure a safe workplace and combat all forms of distracted driving.

Commercial fleet accidents caused by distracted drivers can damage reputations and claim lives. To protect your drivers and your organization, it’s important for fleets to work alongside a qualified insurance broker. Not only can they provide advice on your company’s risk management needs, but they can also recommend specific insurance policies to keep you protected on and off the road. To learn more, contact The Unland Companies today.

Workplace Wellness: County Benchmark Data For Wellness Initiatives

County Benchmark Data for Wellness Initiatives

Benchmarking data can be a beneficial tool for gaining a better understanding of your employees’ risk factors and their health needs. This data is useful for designing a workplace wellness program that will better meet the needs of your employees and increase your return on investment.

County Benchmark Data

County benchmark data can be a valuable tool for learning about your employees’ health risks. If you assume that your employee population has the same general health risks, behaviors and habits as your county’s population, you can use benchmark data to shape your wellness initiatives.

The Centers for Disease Control and Prevention (CDC) offers reliable health benchmark data broken down by county. The following are some of the health metrics provided for each county:

  • Adult smoking
  • Adult obesity
  • Physical inactivity
  • Excessive drinking
  • Alcohol-impaired driving deaths
  • Diabetes
  • Mammography screening
  • HIV prevalence
  • Uninsured rates
  • Access to exercise opportunities

Put it into Practice

Below is an example for applying these benchmarks to your own wellness initiatives. According to the CDC, 30 percent of adults in Madison County, Mississippi, are obese, which is higher than the national average.

So if your business is based in Madison County, Mississippi, and assuming the individuals analyzed by the CDC are representative of your employee group, you might presume that your employees (and their spouses and dependents) have a higher than average rate of obesity. Since obesity is a risk factor for many significant health problems like heart disease and strokes, you may want to implement wellness initiatives that encourage employees to eat healthier and exercise more.

To access the CDC county benchmarks, visit www.countyhealthrankings.org. Then, simply select your state and county to get started.

Want more information or need help applying county benchmark data to your company’s workplace wellness initiatives? Contact The Unland Companies today.

25 Most Commonly Stolen Passwords

person lifting up rug to reveal set of keys

How clever is your password? If it’s on the list below, your password is just as easily stolen as it is remembered. Protect yourself by making sure you’re not using one of the top 25 most commonly stolen passwords of 2018, as determined by IT security firm SplashData.

To create a more secure password, make sure you are not relying only on numbers, and try to avoid simple keyboard patterns. You may also want to avoid easy-to-find information such as birthdays, favorite sports teams and addresses. Attempt to create a password that is eight or more characters long, and avoid using the same password for multiple access points.

  1. 123456
  2. password
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567
  8. sunshine
  9. qwerty
  10. iloveyou
  11. princess
  12. admin
  13. welcome
  14. 666666
  15. abc123
  16. football
  17. 123123
  18. monkey
  19. 654321
  20. !@#$%^&*
  21. charlie
  22. aa123456
  23. donald
  24. password1
  25. qwerty123

Cyber Risks & Liabilities – Top Cyber Predictions for 2019

cyber security internet and networking concept.Businessman hand working with VR screen padlock icon on computer background

The average global cost of a data breach has risen to $3.86 million, magnifying the need for companies to be aware of all potential threats. Here are just a few of the threats that cyber security experts have forecast for 2019.

Artificial Intelligence (AI) as a Weapon

With AI being so young, it is still vulnerable to attacks that can affect its operations. However, AI could also be used defensively to identify new threats and better protect systems from attacks.

A Lack of Security in the Cloud

As organizations are adding more data to the cloud, they’re not practicing good enough housekeeping to secure that data, making them a top target for cyber criminals.  

5G Network Vulnerability

As 5G takes the place of 4G, the market for 5G infrastructure is expected to grow by 118 percent annually through 2022. Although that rate of growth may be profitable for cellular networks and providers, it creates new vulnerabilities as well. Instead of connecting to a Wi-Fi router, 5G devices are expected to connect directly to a 5G network, making those networks more appealing targets to hackers while also making it more difficult for home and office users to monitor their devices.

Biometric Hacking

Despite being the most secure method of authentication, biometric data can be stolen and altered. And sensors on smart devices can deteriorate with excessive usage, making them less reliable and easier to hack.

Skimming Magnified

Criminals are targeting bank networks with malware, similar to the way they use credit and debit card skimmers to steal banking information and passcodes from unsuspecting customers. The result can be millions of dollars in losses and a lack of trust in major financial institutions. 

Online Gaming 

The online gaming industry has seen massive growth and is expected to hit $2.2 trillion by 2021. This is an attractive target for cyber criminals who can easily pose as gamers and gain access to their credit card information. 

More Targeted Spear Phishing 

Devious cyber criminals are using tactics that involve breaking into an email system and learning as much as they can about their targeted victims. They use that information to take advantage of the trust built with another person and scam them out of money. 

New Sanction Retaliations from Iran Worry U.S. Banks

After the Trump administration reimposed the sanctions lifted as part of the 2015 Iran nuclear deal, U.S. banks are expecting retaliation in the form of cyber attacks.

The Treasury Department added 700 entities to the list of reinstated sanctions, including Iranian banks, aircraft, vessels, individuals and the country’s energy sector.

According to recent reports, a major U.S. bank, which chose not to be identified, listed Iranian hackers as the top trending cyber threat, even ahead of North Korea. 

The entire banking industry is on alert after the Iranian government issued public statements intending to defy the sanctions. When asked about the threat, the CEO of the Financial Services Information Sharing and Analysis Center—the privately run group that coordinates defenses against cyber attacks—stated that he was more confident in the organization’s ability to ward off Iranian cyber attacks than when Iran targeted U.S. banks in 2011.

From 2011-2013, Iran launched a series of cyber attacks, jamming the internet services of major U.S. banks with garbage computer traffic. Instigated by seven Iranians on behalf of the Islamic Revolutionary Guard Corps, the cyber attacks were unprecedented in size.

Experts at cyber security firm CrowdStrike worry that the Iranian hackers’ skills have grown since the 2011-2013 attacks. Although banks are at the top of the radar, every type of business is vulnerable to cyber attacks, magnifying the need for adequate cyber security. 

How to Secure Office IoT Devices

An internet of things (IoT) device is any smart device that is connected to the internet. Many of these devices are everyday objects—like watches or thermostats—that connect via Wi-Fi, allowing users to control them remotely or even collect data.

Employers pride themselves on using IoT technology to make their workplaces more modern and help them stand out from their competitors. Things like smart desks, video conferencing systems, security systems, smart TVs and intelligent HVAC systems are becoming more commonplace. Unfortunately, these same gadgets, as well as other IoT devices, can create a growing security threat for businesses who aren’t prepared. 

There is a lack of consistency between manufacturing companies who make the IoT devices. They have different operating systems and different security measures, and some aren’t even capable of software updates. This makes it difficult for IT departments to prevent hackers from accessing IoT devices and gaining access to company networks. 

That’s not to say that your organization shouldn’t use IoT devices altogether. You just need to take extra precautions. Here are a few ways to protect your valuable data while reaping the benefits of IoT devices:

  • Consider multi-factor authentication or use certificates.Both are able to stall hackers who’ve managed to crack your password. 
  • Create a separate Wi-Fi network specifically for all IoT devices.If hackers access the IoT network, your separate business network should still be safe.  
  • Limit access to sensitive data.For example, IoT security cameras can expose sensitive information to hackers. Therefore, it is important to consider what the device has access to before setting it up. Be sure to also clear its storage on a regular basis. In addition, it’s important to never store critical business or personal data on these devices.
  • In the event of a hack, be prepared to disable your devices and reset the factory settings at any time.If you regularly back up your devices, it should be easy enough to restore them and reconnect.
  • Avoid installing third-party software. It’s easy to add functionality to IoT devices simply by installing additional applications. However, you should never install software from an untrusted source. Doing so can open the door to hackers.
  • Turn off IoT devices when they aren’t in use.This may seem like a simple solution, but active devices are vulnerable to attacks. Just by switching off unused devices, you can improve network security overall.

Although IoT technology is likely here to stay, it is important to remember that it is still in its infancy. By taking proper precautions, you can enjoy its conveniences instead of letting it threaten your business operations.  

This Compliance Bulletin is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel for legal advice. © 2018 Zywave, Inc. All rights reserved.

Advantages of Benchmarking Your Benefits Program

man looking at graphs on computer

An attractive benefits program is vital for your recruiting and retention efforts, but it is also a significant expense. To ensure you are providing a package that is both competitive and economical, you need to know how your offerings compare to others in your industry. Benchmark data can provide valuable insight for evaluating your benefits package, something that is more important than ever in light of health care reform.

Employer interest in benchmark data has grown over the past decade, as the cost of providing health care benefits continues to skyrocket and companies look for new ways to manage costs. Analyzing how other companies are structuring their plans and the strategies they are using to cut costs may make your own benefit plan decisions a bit easier.

What Data Can You Benchmark?

There is information available for almost any aspect of a benefits program, including total costs, cost-sharing measures, plan design, voluntary offerings, workers’ compensation and paid leave.

Whether you are curious to know how your voluntary disability benefits stack up or are wondering if your paid leave program is comparable to competitors, there is likely benchmark data available. We at The Unland Companies would be happy to provide you with a variety of benchmark data—simply let us know what you are interested in learning.

Health Care Reform Implications

Interest in benefits benchmark data has grown since the introduction and ongoing implementation of health care reform. The regulations and provisions of health care reform require significant changes to benefit plans, and, in many cases, tough decisions for employers.

Knowing how other employers are approaching these issues could be beneficial in helping you reshape your benefit program for this new health care insurance landscape.

Employers are responsible for implementing many new rules and absorbing their costs, which will likely mean cutting or shifting costs elsewhere. These decisions can make the difference between maintaining a competitive benefits package and seeing a decline in recruiting and retention of quality employees.

Knowing how other employers plan to address these benefits decisions can be incredibly advantageous for your company. Contact The Unland Companies for more information on benefit plan benchmark data.

The ACA Remains in Place After Being Struck Down by a Federal Court

aca compliance bulletin logo

OVERVIEW

On Dec. 14, 2018, a federal judge ruled in Texas v. United States that the entire Affordable Care Act (ACA) is invalid due to the elimination of the individual mandate penalty in 2019. The decision was not stayed, but the WhiteHouse announced that the ACA will remain in place pending appeal.

This lawsuit was filed by 20 states as a result of the 2017 tax reform law that eliminates the individual mandate penalty. In 2012, the U.S. Supreme Court upheld the ACA on the basis that the individual mandate is a valid tax. With the penalty’s elimination, the court in this case ruled that the ACA is no longer valid under the U.S. Constitution.

ACTION STEPS

This ruling is expected to be appealed and will likely be taken up by the Supreme Court. As a result, a final decision is not expected to be made until that time. The federal judge’s ruling left many questions as to the current state of the ACA; however, the White House announced that the ACA will remain in place pending appeal.

Background

The ACA imposes an “individual mandate” beginning in 2014, which requires most individuals to obtain acceptable health insurance coverage for themselves and their family members or pay a penalty. In 2011, a number of lawsuits were filed challenging the constitutionality of this individual mandate provision.

In 2012, the U.S. Supreme Court upheld the constitutionality of the ACA in its entirety, ruling that Congress acted within its constitutional authority when enacting the individual mandate. The Court agreed that, while Congress could not use its power to regulate commerce between states to require individuals to buy health insurance, it could impose a tax penalty using its tax power for individuals who refuse to buy health insurance.

However, a 2017 tax reform bill, called the Tax Cuts and Jobs Act, reduced the ACA’s individual mandate penalty to zero, effective beginning in 2019. As a result, beginning in 2019, individuals will no longer be penalized for failing to obtain acceptable health insurance coverage.

Texas v. United States

Following the tax reform law’s enactment, 20 Republican-controlled states filed a lawsuit again challenging the ACA’s constitutionality. The plaintiffs, first, argued that the individual mandate can no longer be considered a valid tax, since there will no longer be any revenue generated by the provision.

In addition, in its 2012 ruling, the Supreme Court indicated(and both parties agreed) that the individual mandate is an essential element of the ACA, and that the remainder of the law could not stand without it. As a result, the plaintiffs argued that the elimination of the individual mandate penalty rendered the remainder of the ACA unconstitutional.

The U.S. Justice Department chose not to fully defend the ACA in court and, instead, 16 Democratic-controlled states intervened to defend the law.

Federal Court Ruling

In his ruling, Judge Reed O’Connor ultimately agreed with the plaintiffs, determining that the individual mandate can no longer be considered a valid exercise of Congressional tax power. According to the court,“[u]nder the law as it now stands, the individual mandate no longer ‘triggers a tax’ beginning in 2019.” As a result, the court ruled that “the individual mandate, unmoored from a tax, is unconstitutional.”

Because the court determined that the individual mandate is no longer valid, it now had to determine whether the provision is “severable” from the remainder of the law (meaning whether other portions of the ACA can remain in place or whether the entire law is invalid without the individual mandate).

In determining whether the remainder of the law could stand without the individual mandate, the court pointed out that “Congress stated three separate times that the individual mandate is essential to the ACA … [and that] the absence of the individual mandate would ‘undercut’ its’ regulation of the health insurance market.’ Thirteen different times, Congress explained how the individual mandate stood as the keystone of the ACA … [and,] ‘together with the other provisions’ [the individual mandate] allowed the ACA to function as Congress intended.” As a result, the court determined that the individual mandate could not be severed, making the ACA invalid in its entirety.

Impact of the Federal Court Ruling

Judge O’Conner’s ruling left many questions as to the current state of the ACA, because it did not order for anything to be done or stay the ruling pending appeal. However, this ruling is expected to be appealed, and the White House announced that the ACA will remain in place until a final decision is made. Many industry experts anticipate that the Supreme Court will likely take up the case, which means that a final decision will not be made until that time.

While these appeals are pending, all existing ACA provisionswill continue to be applicable and enforced. Although the individual mandatepenalty will be reduced to zero beginning in 2019, employers and individualsmust continue to comply with all other applicable ACA requirements. This rulingdoes not impact the 2019 Exchange enrollment, the ACA’s employer shared responsibility(pay or play) penalties and related reporting requirements, or any otherapplicable ACA requirement.

© 2018 Zywave, Inc.

Maximizing Open Enrollment for Employees

Big company Top managers attending business session of a professional coach trainer at big studio interior

Open enrollment can be an overwhelming time for both employers and employees. Employees are given the opportunity to re-evaluate their current benefits and make changes for the coming year, while employers must choose a benefits package that balances cost and value and facilitate the enrollment process. Due to a variety of factors, benefit offerings are changing, placing new demands on employees and employers during open enrollment. To make the enrollment process as smooth as possible, it is important that employers educate and communicate with their employees effectively.

The Open Enrollment Process

As employer-sponsored benefits transition to more voluntary, employee-paid or employee-subsidized offerings, employees must assume more control in making smart decisions. Accordingly, employers should provide benefit information in an easy-to-understand format that provides employees with essential information, along with additional resources to help them make decisions.

Here is a typical open enrollment process:

  • Notification – Employers send out an organization-wide announcement alerting employees that open enrollment will begin shortly. 
  • Receipt of Information – Employers distribute information about benefit plans, selection information and the appropriate forms to their workers. Employees may also receive personal information based on their elections from the previous year.
  • Employers may direct their employees to the company website, invite them to attend HR seminars, offer a benefit fair with the insurance company or offer access to interactive decision-making tools. 
  • Making Decisions – Employees research their various benefits options and discuss with family to determine which benefits they will elect for the coming year.
  • Enrollment – Employees select their benefits.

Open Enrollment Strategies

The following suggestions, based partially on an employee survey conducted by MetLife®, can improve the open enrollment process for both employers and their employees:

  • Establish solid communication between the HR department and employees. To do so effectively, conduct meetings and seminars and offer calculators, intranet education information and benefit fairs. If your organization is smaller, conduct one-on-one meetings with employees to determine exactly the type of information they need.
  • Survey your employee population to determine their priorities—product importance, preferred method of communication, etc. By doing so, employers can identify exactly what their employees want, and workers feel their needs have been heard by decision-makers.
  • Customize benefits and information resources to the life stages of your employees. For instance, if you have a large older population, feature more retiree benefits and long-term care insurance.

Communication

It is also wise to communicate with your employees in the same way that they communicate on a regular basis. For example, if messages are received via postings in a common area, consider placing benefit information in that area as well.

  • By customizing your benefits to your population, you can increase employee satisfaction without increasing your spending.
  • Employees have an easier time selecting the benefits that are best suited for them and their families.
  • Provide easy-to-understand tools. This will lessen employee confusion and the feeling of being overwhelmed while trying to make tough decisions.
  • Consider offering new benefits, even if they are voluntary, such as dental insurance, vision insurance or benefits for prescription drugs. Employees tend to make more changes when they receive new options.
  • Even if employees must pay 100 percent for such voluntary options, they can still be attractive offerings. Since the benefits are negotiated by the employer, employees typically receive a group rate, which is significantly lower than purchasing them individually.
  • Offer a second, off-cycle enrollment period when new benefits are featured. This can be a time for employees to focus on voluntary benefits and other offerings that are not traditional. These benefits are typically overshadowed by health insurance and retirement options, so a second off-cycle enrollment is a great time for employees to focus on their other needs. 
  • Make plan information as simple as possible, while also being interactive. Employees should be able to understand their offerings to make more knowledgeable decisions.
  • Maintain all Summary Plan Descriptions on your website, rather than directing employees to the insurance carrier site for information. This provides easy access to information and makes the company appear more in control of the information.

Overall, a successful and effective open enrollment process can have a dramatic impact on the relationship between employers and their employees. By catering to their needs and wants, employers will ultimately make the experience more enjoyable and worthwhile for their workers. As a result, they will feel more secure in their benefits decisions throughout the plan year.

Switching Health Plans

Stethoscope and pen on report pad ,health and medical concept ,selective focus.

The thought of changing your health insurance plan may be daunting. But when you learn your employer is making changes, it provides you with the opportunity to review your health care needs and possibly select a better-suited plan.

The first thing that many people think about when picking an employer-sponsored health care plan is price. What are the plan’s premiums and out-of-pocket expenses (e.g., deductible, copayment and coinsurance)? While price is undeniably an important factor when choosing a new plan, there are several other criteria that should be examined before electing new coverage.

Reviewing Provider Networks
When weighing your new plan options, it is important to check out each insurer’s website to determine if your current physician is within the plan’s network. Knowing which physicians are in-network can help reduce costs, since receiving out-of-network care typically will result in higher out-of-pocket expenses.

Prescription Drug Coverage
Some insurance plans have certain drug formularies, or a preferred list of medications, and step therapy requirements, which require individuals to try more cost-effective treatments before “stepping up” to more costly drugs.

If step therapy requirements are not followed or if your medication is not on the carrier’s formulary, your prescription could cost more, or it may not be covered at all. If you regularly take a certain medication, you will want to visit your new carrier’s website to view the plan’s drug list. A drug requiring step therapy, for example, may be marked with an “ST.” If a medication you take is on this list, contact your physician to determine the best course of action. Reviewing prescription drug coverage before selecting a plan helps ensure you are financially prepared for any adjustments to prescription drug coverage and can reduce confusion at the time of pharmacy pick-up.

Mental Health and Substance Abuse Coverage

Although mental and behavioral health treatments are one of the 10 essential benefits required by the Affordable Care Act (ACA), individual insurance policies may vary on the extent to which these services are covered. For instance, some plans may cap reimbursement at 20 therapy visits while others may not have an annual limit. Being aware that limits for these services may change between your old and new plan is essential when planning for and managing your health care expenses.

Upcoming Scheduled Medical Procedures

If you have already scheduled a medical procedure for the new plan year, it is important to contact your physician’s office to ensure you are still covered under your new plan. For example, a pre-authorization for surgery may be required by your new insurer, so by communicating insurance changes with your physician’s office prior to receiving services, you can avoid any billing surprises after the procedure.

Tax-advantaged Options

Lastly, some plans may feature tax-advantaged options like a health reimbursement account (HRA) or health savings account (HSA). While these programs vary in requirements and structure (for example, HSAs must be tied to a high deductible health plan), their end goal is to help minimize health care expenses. Reviewing new plans to see if an HRA or HSA is offered may be one way to potentially reduce your financial responsibilities.

Call 800-747-3241 or email us directly if you have any questions.