June 2009

Phone fraud costs American businesses billions of dollars every year. How much is it costing you?

Although computer hackers might break into telephone systems for thrills, thousands of criminals make a living at it by selling their services to “retailers,” who offer stolen phone-access numbers to drug traffickers or illegal immigrants.

To protect your business against phone fraud, experts recommend taking these basic proactive measures:

• Adopt a prevention program. Use the security measures that your system provides and change passwords and/or access codes frequently.
• Block calls to countries where you don’t do business. Most phone thieves are interested in making international calls.
• Eliminate direct inward system access or remote access systems, which allow employees working remotely to access an outbound line with an 800 number. Issue phone credit cards instead.
• Review call-accounting reports to identify fraudulent usage. Check for repeated failed password attempts, long calls, calls after certain hours, and other patterns.
• Secure your voice mailbox and auto-answer attendant system to prevent an inbound caller from getting an outside line via these automated devices. Change passwords to access mailboxes monthly.
• Discuss security measures with your long-distance phone carrier. The phone company might have informational materials for your staff.
• Educate all employees about phone fraud. Instruct your switchboard operator not to transfer incoming calls to an outside operator. Make sure that employees working on the road don’t have anyone listening or watching when they read or key in their calling-card number. Tell employees not to give their PIN to any caller (phone companies never call customers to verify a PIN).
• If you have a PBX system, do a monthly security audit and check authorization codes. Consider buying a PBX protection package that can help you monitor potentially fraudulent activity, such as repeated searches for a dial tone, and can limit your liability for unauthorized calls. You might be eligible for a discount on toll-fraud insurance if you have a PBX security package.
• Buy Toll Fraud insurance. If you have a PBX security package, you might be eligible for a discount.

Our specialists can help you create a comprehensive phone fraud protection program. Just give is a call.

With the coming of summer, more and more workplaces will be turning up their air conditioning — and that might well trigger an outbreak of “dry eye syndrome” (DES) among your employees. The symptoms of DES include redness, itching, extreme sensitivity to light, excessive tearing, and a scratchy or filmy sensation in the eye.

More and more cases have been cropping up in the working population, with the condition becoming so common that it’s easy to ignore. Some 9 million to 10 million Americans have been diagnosed with chronic DES, while millions of others suffer occasional symptoms. The American Academy of Ophthalmology reports a “staggering” increase in DES, with one ophthalmologist treating an average of 10 cases a day, mostly caused by prolonged exposure to air conditioning systems.

The cases are concentrated in specific work environments. Research by the National Women’s Health Research Center shows a strong percentage of cases among accountants, software engineers, executive assistants, and customer service reps — all professions tied to computer screens in air-conditioned offices. This conclusion dovetails with a survey which found that of some 300 workers suffering from DES, more than two in three reported that their work involved extensive computer use in air conditioned (or low humidity heated) workspaces.

However, the problem is also found outside the office, among such groups as long haul truckers and airline flight crews that spend their workdays in confined, highly air-conditioned spaces, with little influx of fresh outside air.

As summer heat forces many of us to spend more time indoors and motivates building engineers to turn up the air conditioning, your workers might be increasingly vulnerable to DES — leading to lost work time and falling productivity. It makes sense to educate employees about this exposure. Let them know that although the symptoms are unpleasant, painful, or frightening, the condition is usually easy to treat. You can also take such preventive measures as varying the temperature and giving workers breaks in areas with the air conditioning turned down.

For guidelines on dealing with DES in the workplace, please get in touch with us.

Exposure to mold remains a hot topic in workplace safety and health. Experts recommend these guidelines for handling this widespread exposure:

• You can’t avoid it! Mold is present on all types of surfaces, and even in the air. Because mold is a living organism (fungus), it’s in a constant state of flux: Growing, reproducing, and dying.
• Dry out the problem. Because a lack of moisture will limit the growth of mold inside buildings, removing excess water in your facility can eliminate the fungus.
• Don’t sample from the get-go. This can get expensive if you’re not sure you have a mold problem — and most mold problems require multiple samples. Ask yourself: Can you see mold? Smell it? Do you have a water problem? Are you susceptible to flooding or water damage? What are the seasonal variations of your area? Do you live by a body of water that puts excessive moisture in the air? Do you have a poor or outdated ventilation system in your facility? If you come up with any “yes” answers, talk to an expert about sampling.
• There are no exposure levels for mold. Because humans are exposed to such immunosuppressive drugs as prednisone and chemotherapy and disorders like diabetes, no permissible exposure levels have been set for mold. There’s no proven correlation between mold exposure and health effects.
• Don’t waste your time with bleach! Although bleach will kill actively growing fungi, including the spores, the dead spores can still cause an allergic response.
• Don’t terminate a sick employee because of a mold-related illness. If a worker is convinced that they have a workplace mold allergy and a doctor supports them, it might be more cost-effective to accommodate them. Terminating the employee might leave you wide open to a lawsuit. Because there’s little legislation on mold, a claim can easily get down to a “battle of the experts” that could get pricey. If possible, offer such options as telecommuting to accommodate the worker. If you can’t reach an accommodation, have a competent expert combat the claim and speak to your attorney before terminating them.

Our risk management specialists would be happy to help you develop a mold control program — just give us a call.

The most sophisticated security systems can often be breached by rummaging through the company trash for a discarded password. Banks sometimes find customers’ ATM cards with the “secret” PIN code written on the card itself. And how often have you overheard a supposedly “confidential” conversation by someone shouting into their cell phone in public?

Have you ever considered how much of your customers’ private information might be left lying around the office? Fellow employees, cleaning crews, other customers, and repair people can easily walk by an absent employee’s desk and see confidential information scattered about or left on the computer screen. While you’re spending thousands on software barriers to protect files against hackers, those same files could be sitting open in your office for all to see. And don’t overlook the most obvious and massive security breach in any business — human error

Walk through your office after hours or while employees are at lunch and see for yourself how much information is left openly accessible. For example, you might be surprised by how many employees put their passwords on Post-it notes attached to their computer screen. Sit in the middle of the office (or at the next booth or table at lunch) and listen for how much of your employee’s conversations (and possible confidential customer information) you can overhear.

Then decide what you can do to minimize this risk. Make sure that desktops are clear at night; add password-protected screen savers to your computers (and change the passwords often); and remind employees to be sensitive about what they reveal in public conversations.

It’s far better to clean up this problem now than to have it clean you out later.

If you’d like our risk management professionals to review your information privacy protection plan, just give us a call.

High turnover, sexual harassment, violence in the workplace, employee theft — when you hire the wrong person, you’re risking a lot of problems. Avoid these common errors:

1. Failing to Identify Company Needs
   Define requirements for the position in terms of skills, character, competency, and experience. Test the assumption that you need a certain type of employee
2. Failing to Test Employee Skills
   Unless you assess an applicant’s skills, you’re gambling that they can perform — a bet you might well lose.
3. Hiring out of Desperation
   Hire in haste — and end with waste. If you can’t hire in a timely manner, bring in a temporary or leased employee, or borrow a worker from another company.
4. Hiring out of Laziness
   If you don’t like to hire people, outsource this function to a reliable professional third party.
5. Hiring out of Infatuation
   Just because someone “looks” right for a job doesn’t mean that they will be. To avoid infatuation, use follow-up meetings and joint interviews.
6. Letting Baggage Get in the Way
   The best and brightest don’t always look and act the way you think they should. Seeking diversity is not only important to placate the EEOC — it’s essential in today’s competitive economy.
7. Hiring Based on Recommendations
   Just because someone thinks somebody they know is a great worker doesn’t mean they are. Go through the same hiring process with every potential employee.
8. Blindly Using Internal Promotion
   Promoting solely from within can create inbreeding and stagnation. Fill at least one third of your new positions from the outside.
9. Skimping on Background and Reference Checks
   Don’t let concern for EEOC and legislative privacy guidelines keep you from investigating backgrounds extensively. Poor hiring decisions are caused by not asking the right questions.
10. Failing to Recognize a Poor Hiring Decision

Do your best to keep bad hires on their feet by putting them in at least the same position that you found them. Help them with outplacement and a small severance package, so you don’t end up with a bitter ex-employee or, even worse, a lawsuit.

Every business needs to maintain a secure workplace. To protect yourself against a wide variety of potential dangers — from armed and deranged employees to the threat of a terrorist act in the post-9/11 environment — means integrating a comprehensive security policy into your daily operations, rather than seeing it as an afterthought.

Business expert and motivational speaker John Di Frances stresses the need for companies to “ruffle complacency feathers [and] realize that catastrophic events are all too possible.” Di Frances advises business to create an “organizational awareness” of security issues by setting procedures to identify and deter everything from maliciously planted computer programs to embezzlement. Training managers to heighten their security awareness should play a key role in this process.

How much are you doing? To assess your readiness, and what your business needs to do to become and remain prepared, use this checklist:

• Do you have written policies covering employee theft, workplace violence, drug trafficking, and other criminal activities that might occur in the workplace?
• Do you check references and conduct background checks when hiring new employees?
• Are employees told to report any strangers they see in the facility or on company property?
• Are employees instructed never to lend their security badge, keys, access cards, etc. to anyone?
• Do you use surveillance cameras to monitor high-risk areas of your facility, such as loading docks, warehouses, and outdoor storage areas?
• Are keys and access codes or cards given only to company employees and only to employees who need them to gain access to their work area(s)?

Security risks aren’t likely to disappear; face this new reality and plan for it!

Our risk management experts would be happy to help you and your employees keep your business safe. Just give us a call.