What NOT to Ask Employees or Applicants

written by Rebecca Gomez

The California Fair Employment and Housing Act (FEHA) prohibits employers from untitledmaking non-job related inquiries of employees or job applicants, either verbally or through use of an application form.

Employers are generally prohibited from making the following types inquiries:

  • mental or physical disability or medical condition
  • If the applicant has ever filed a workers’ compensation claim
  • Arrest (s) that didn’t lead to a conviction
  • Criminal conviction history [Unless a conditional offer has been made]
  • Minor marijuana offenses that are more than two years old
  • Salary history [including compensation and benefits]

While conducting background checks or running applicant credit checks is not prohibited, employers should use caution and ensure that they are not being used for discriminatory purposes and that are related to a business requirement.

In order to mitigate employment related claims, discuss hiring practices with your HR administrator and employment attorney. In California, Employment Liability Insurance (EPLI) policies exclude wage and hours claims; however, some carriers do provide a defense sublimit coverage.

Let us know if you have any questions regarding EPLI or would like us to provide a quote. We are here to help.

Do NOT Make This Safety Program Mistake!

training-3185170__340written by Rebecca Gomez

Having an effective safety program is crucial for creating a safe work environment and keeping workers’ compensation premiums low. Some employers have used a reward system (reward employees when there are no work-related accidents) as motivation to create a safe work environment. This can be a costly mistake. A reward system actually does the opposite. The reward system discourages employees from reporting injuries, which exposes your organization to liability and increases the cost and chances of repeated injuries.

There are other simpler and better methods to motivate your employees to create a safe work environment. The most effective way is to keep the topic of safety at the front and center and continually discuss safety to instill this culture in your work environment.

Here are some tips you many use to remind your employees to be mindful of safety:

  • Monthly or quarterly newsletters: Have each newsletter contain an article on a specific safety or wellness topic, and include a reminder of important company safety policies and emergency contacts.
  • Promote Employee’s involvement: It is important to make employees feel comfortable bringing concerns to their managers and it is important for the employees to feel confident that their concern will be addressed and taken seriously. Provide employees with a form on which they can document and report safety concerns.
  • Safety trainings: offer monthly trainings discussing safety or wellness. Be creative and get employees engaged. Promote employee involvement by asking various employees to assist in facilitating the trainings. Attendance to safety trainings should be mandatory

These are just a few ways to create a safe work environment without incentivizing employees to hide their injuries. A safer workplace can be established by continually discussing safety at every step, reviewing safety manual, and promote employee involvement.

Baker Romero provides our clients with free safety videos, articles, and brochures tailored to their industry and loss control/claims review.

Let us know if you have any questions regarding risk management or would like us to provide a quote for workers’ compensation. We are here to help.

Are You Ready for the New Year?

Be Prepared or it Can Cost You! 








As the New Year begins, it is important for every organization to review their risk management procedures by addressing any weaknesses to prevent potential accidents that lead to costly claims. One risk management tool to assist in mitigating the costs of claims arising out of your organization’s operations is to have adequate insurance coverage in place. Without proper insurance coverage, one lawsuit or a catastrophic loss can close down your operations.

While there are numerous insurance coverages available in the marketplace, the following are basic coverages that every organization should consider:

  • Commercial Property Insurance covers your building, personal property, and equipment in the event of a fire, theft, storm, and other perils outlined in the policy. Consider adding Business Interruption and Equipment breakdown coverages to the property policy. Make sure that you insure your buildings and personal property/equipment to reflect the replacement cost value [cost to restore or replace damaged property without deduction for depreciation]. The failure of adequately insuring your property (at least 80%) can result in a co- insurance penalty. Co-Insurance penalty reduces the amount of recovery that you may expect to recover if you under report the value of your Consider purchasing flood and earthquake insurance, since most property policies exclude damage or losses resulting from earthquake and flood.
  • General Liability Insurance provides coverage for liability claims from a third party (such as a client, vendor, visitor, etc.) for Bodily Injury and Property damage due to negligence. Most General Liability policies include liability coverage for Products/Completed Operations and Personal Injury (i.e. slander or libel).
  • Volunteer-Accident Insurance covers individuals who donates their work to your organization without pay. Coverage is triggered when those individuals are injured while performing duties related to the conduct of your business.
  • Workers’ Compensation covers the medical treatments, disability, and death benefits of employees who are injured or killed during the course of employment. In California, employers must carry worker’s compensation if they hire employees. It is imperative that every organization ensures their work environment is safe as claims history is one of the factors that determines
    Directors & Officers Liability and Employment Practice Liability Coverage: Coverage for Directors and Officers liability can be stand alone or coupled with other coverages such as Employment Practice Liability. It is important to read the policies terms, conditions, and exclusions of your policy and review the coverage with your attorney. It is also important to check if your policy’s defense limits is inside or outside the liability
    1. Directors & Officers Liability- the Board of Directors is ultimately responsible for the nonprofit organization. It is therefore important that they are informed of their legal liability, risk management program, and the organization’s insurance coverages. Directors and officers liability protects the individuals who serve on an organization’s board of directors against claims brought by employees, vendors, or other parties for alleged “wrongful acts” in the management of the organization. There is no standard coverage policy form. Therefore, it is important to read the terms, conditions, and exclusions of the policy. For example, the definition of “insured” differs among insurance
    2. Employment Practices Liability – Employment Practice Liability protects the organization against claims made by employees alleging discrimination, wrongful termination, harassment, and employment related issues. Most carriers do not insure Wage and Hour claims in California but some may offer a defense sublimit for wage and hour
  • Umbrella policy’s purpose is to protect your organization against a catastrophic liability loss. The Umbrella policy is a form of liability coverage protecting the policyholder for claims in excess of the limits of the primary General Liability, Automobile, or Workers’ Compensation. Umbrella policies may also include a few other liability coverages, such as: Professional Liability, Employee Benefits Liability and Abuse & Molestation.
  • Crime (Fidelity Bond) Insurance provides a source for recovery of funds embezzled by employees or volunteers. If your CPA or Bookkeeper is an independent contractor, make sure they provide you with proof of their insurance (General Liability, Professional Liability, Bond, and Workers compensation policies). If they do not carry their own insurance, discuss this exposure with your attorney, as most crime policies will not insure the acts of independent
  • Professional Liability Insurance coverage that indemnifies the insured for third-party liability claims due to negligence in the performance of professional services. Professionals include Doctors, Lawyers, Therapists, Social Workers, Engineers, etc. The Professional Liability coverage can be purchased as a separate policy or included under a General Liability policy form. However, most standalone professional liability policies are written on a claim made policy form. Therefore, be aware of the retroactive date listed on the policy.
  • Abuse and Molestation Coverage can be critical for social service organizations, especially those who work with children and vulnerable adults. There are no “standard” coverage form and before purchasing coverage make sure to read the terms, conditions, and exclusions carefully. Make sure to screen and supervise prospective employees and volunteers and review with your attorney to make sure your organization carries the adequate limits to protect your
  • Cyber Insurance is a special form of commercial insurance created to protect businesses against cyber (internet) risks, such as hackers and other breaches of computer system security. Also, check other insurance policies (such as General Liability and Directors & Officers) to determine if those policies carry cyber coverage, before purchasing a cyber policy. Claims resulting from cyber losses are on the rise and it is imperative to ensure that your organization has the proper controls in place to protect your data from a Most cyber policies are written on a claims-made basis, it is important to be aware of the retroactive date listed on the policy.
  • Automobile Liability covers organizations who use vehicles as part of their Company vehicles should be insured under a comprehensive commercial liability with limits high enough to protect the organization. If employees use personal vehicles for business, organizations should add hired and non-owned auto liability coverage to protect the business in the event the employee is in an accident.
Start the New Year off right by reviewing your risk management procedures. It is important that you review your current insurance coverages with your broker and attorney. Also, make sure your organization is in compliance by having your broker and attorney review your contracts.

Baker Romero offers an annual review of coverages as well as risk management and loss control services. Let us know if you have any questions regarding any of the coverages listed above or would like us to provide a quote. We are here to help and we wish you a happy and prosperous New Year.

**This article is intended only for informational purposes and not to be construed as legal advice.

Tips to Help Prevent Employee Theft

A recent report shows that the majority of employee thefts occur in small businesses burglar-157142_960_720with less than 150 employees. In most instances, trusted employees perpetuate employee theft.

The following are a few of the more common embezzlement myths, which fool administrators into complacency:

  • “Everyone who works here is a trusted employee.”
  • “Nonprofits rarely have to deal with embezzlement issues.”
  • “We are protected because the Audit will catch any embezzlement problems.”

Below are practical tips to help minimize employee theft within your organization:

  1. Establish best practices in the accounting department that include dual signature requirement or dual review of disbursements. There should be a separation in key business processes. Do not allow one person, including high-level employees, to have control over any function from start to finish.
  2. Provide training sessions for all employees to spot fraudulent activity and illustrate the damaging impact of fraud.
  3. Surprise audits are effective because fraudsters will not have time to destroy or misplace records.
  4. Thoroughly screen prospective employees (and volunteers) with a background check.
  5. If you contract with a bookkeeping service or an independent contractor, they should provide you with proof of their insurance including General Liability and Professional Liability.
  6. If fraud is suspected, immediately retain legal counsel to conduct an internal investigation. You should consider hiring a law firm with an expertise in embezzlement.
  7. Obtain the appropriate Crime Policy to protect your organization, as most liability and property policies will not cover employee theft. Make sure to carry high enough limits to protect your organizations’ crime exposure.

Crime policies (or Fidelity Bonds) can be purchased as a separate policy or included under the commercial business package. Crime policies require that you cooperate with the insurance company in the event of a loss. Proof of a crime usually requires a full investigation. A Crime Policy provides coverage for loss or damage of money, securities, or other property resulting directly from theft by an employee. Most policies exclude electronic data, unless covered by endorsement. Another option to consider is adding the Volunteer Endorsement in the event you hire volunteers to help in your accounting/bookkeeping department of if they handle funds.

According to the 2017 Hiscox Embezzlement Study, bookkeepers are the most common positions who commit theft followed by managers.  The most common embezzlement schemes include:

  1. Funds theft – employee takes cash or bank deposits, or employee transfers money into their own account.
  2. Check Fraud – Employee alters or forges check.
  3. Credit Card Fraud – Employee fraudulently uses employer credit card/
  4. Payroll Fraud – Employee uses payroll system to divert funds to themselves or family members.
  5. Vendor Fraud – Employee creates fictitious invoices.

A few warning signs of embezzlers include:

  1. Disgruntled employee.
  2. Diligent and ambitious employee who appears to be extremely involved in company matters.
  3. Employee with extravagant lifestyle.

Employers should not be complacent about instituting preventive measures. The reality is people steal from their employers work in an organization with an attitude of blind trust. Having strong internal controls and effective hiring practices will go a long way toward mitigating employee theft risks.

Call us if we can be of assistance or if you would like a quote for crime coverage.

**This is intended to be used for informational purposes only and should not be construed as legal advice. Consult with your attorney and CPA for advice on appropriate controls and policies. 

Risk Management Basics: Preventing Slips, Trips, and falls

Written By: Rebecca Gomez


One of the most common incidents that nonprofits face are slips, trips, and falls. These claims can be costly for many nonprofits and implementing an effective slip and fall incident prevention method will help prevent future claims and keep insurance premiums low. Your organization should establish a risk management policy that focuses on both prevention and procedures in the event an injury occurs. Some good practices include documenting the incident, collecting witness statements and any video surveillance (if possible). These practices can make a huge difference in defending your organization from fraudulent claims as well.

A basic “walk through” of your premises to find potential problems should be implemented daily. Below are a few tips to include in an effective slip, trip, and fall prevention risk management program:

  • Conduct a daily facility safety survey to look for common problems such as wet or greasy floors, loose mats, torn carpeting, bad lighting, clutter, cables or wires and uneven surfaces.
  • Immediately attend to any problems by putting up warning signs and/or closing an area off and taking steps to eliminate the hazard.
  • Maintain all floors and walkways on a consistent basis, using the recommended cleaning products and methods. Fix all uneven surfaces if possible by recoating or leveling the floor. You should mark or illuminate areas that cannot easily be leveled.
  • Train your employees and volunteers in slip and fall safety, and establish guidelines on how they should report problems and respond to customer injuries or hazardous situations
  • Make sure you have secure handrails for all stairs and balconies.
  • Take care of your outdoor areas, including sidewalks and parking lots. Potholes, snow and ice all create potential problems.
  • Additional or dry replacement entrance mats should be available on site during wet weather.
  • Document all of your efforts by keeping records of your daily safety inspections and any maintenance work to improve walking and working surfaces.

Best practice is to have a written policy in place and to train managers, employees, and volunteers on all safety procedures. Safety is everyone’s business!

Your organization should also have a written incident report form to document any such events. It is every employer’s responsibility to provide a safe environment. Be sure you are doing all that you can to recognize and reduce the risk. Slips, trips, and falls have the potential to be a major cause of injury for your employees, volunteers, vendors, and visitors. Be Prepared.

Let us know if you have any questions or would like more information. We are here to help.

Back to Basics: Cyber Risk Management and Your Employees

By Rebecca Gomez

cyber lock

Addressing cyber security risk management procedures to all staff is critical to every organization. A recent report indicated two-thirds of all cyberattacks against organizations (large and small) result from employee negligence or malicious activities. The same report also indicated that external breaches only caused about 18 percent of cyberattacks. Human error, according to many studies, is the leading cause of cyber-attacks. Therefore, administrators and employees need regular training on how to identify and prevent cyber-attacks.

Minimizing cyber threats requires a cyber security plan that includes effective policies and procedures that account for legal compliance and data protection. These policies should include (not an exhaustive list):

  1. A bring your own device (BYOD) policy: governing whether or not an employee can use their own device to conduct business and the circumstances that deem whether or not personal cell phone use for business is appropriate.
  2. A password policy requiring the use strong and unique passwords that change at least every 6 months.
  3. Personnel policies that enhance security
  4. A network tracking policy requiring regular monitoring of network traffic for evidence of suspicious access.

Organizations should also have an incident response plan in place which outlines how a company will respond to suspected events. Implementing an incident response plan will help your organization to quickly investigate and remediate cyber-attacks. It will also outline the leaders of the response team and their responsibilities implementing the response plan.  The board of directors should be informed of the organizations cyber security program and exposure, as they are ultimately responsible.  Brown & Streza offers a unique proactive approach to a Data Security Breach plan that can help your organization prepare in the event of a breach.

Cyber Risk Insurance should be considered as part of your risk management plan (and not your only plan). A Cyber Risk Insurance policy can offer nonprofit organizations with affordable protection. There is no “standard” cyber policy form and administrators should review their cyber policies to understand what coverage their policy provides. Most standalone Cyber policies offer forensic investigation coverage, system restoration costs, defense and indemnity costs associated with litigation resulting from the loss of personal information, or other sensitive data and defense costs and penalties associated with regulatory investigations. Most General Liability policies now exclude coverage for cyber-related claims.

Please let us know if you have any questions regarding cyber risk management or would like us to provide you with a quote. (see attached application)

Does Your Organization Have a Robbery Prevention Strategy?

downloadBy Rebecca Gomez

Crime is a continuous problem for many organizations. Several studies have proven the direct correlation between available cash and likelihood of a robbery. The best strategy an organization can have to prevent robbery is limit the amount of cash available. This strategy will not only reduce the likelihood of a robbery but will also reduce the possibility of employees or clients injury that can result from a robbery. Organizations that have retail operations are especially vulnerable to robbery.

To protect your organization, administrators should implement a robbery prevention program. The Occupational Safety and Health Administration (OSHA) developed a set of questions that can help administrators assess their exposures to a potential robbery. These questions include:

  • Is cash on- hand or in cash drawers kept at a minimum? Interviews with robbers have indicated that when the amount of available cash drops from $100 to $50, fully half the robbers lose interest in the store as a robbery target.
  • Is cash, especially large bills, removed from cash registers and deposited in drop safes?
  • Are signs posted noting that only limited cash is available and employees do not have access to the safe?
  • Is cash transferred to the bank regularly, but not on a set, predictable schedule?
  • Has consideration been given to using an armored car service or having a guard accompany bank messengers (especially for night deposits)?
  • Has consideration been given to closing the business at night, especially if other neighborhood businesses close? Robbers prefer targets that allow them to escape unseen.
  • Are posters and displays, which obstruct the view into the premises or block the employees’ view of the outside areas, not placed on windows?
  • Have employees been advised to observe and report suspicious persons?
  • Have employees been trained in procedures to follow during and after a robbery?
  • Have employees been advised not to take any actions that, during a robbery, could jeopardize personal safety?
  • Are “buddy” procedures used for opening (such as one employee waiting outside while another searches for the premises) and closing (having one employee leave and go to the safety of a car before the other employee locks up) the business?
  • Without conflicting with life safety code requirements, are side and rear doors kept locked at all times? In some robberies, access is gained through the side or rear door.
  • Are security devices, such as holdup alarm systems and closed circuit television, provided and employees trained in their use? If a holdup alarm is provided, employees should be advised not to attempt to actuate it while the robber is on the premises.

Being proactive is an effective risk management strategy to prevent your organization from becoming victim to crime.  If you would a quote for crime coverage or have any questions, please contact our office. We are here to help.

Managing the Remote Worker

Is your organization considering telecommuting for its employees?  Perhaps you allow your office to telecommute from work once a week and are considering extending from one day to a full work week.  If your organization is considering offering this option to your employees you will still need to consider and implement a risk management programs for remote employees.

Here are a few things to consider when implementing a risk management program to your organization.  These tips were provided by Melanie Lockwood Herman, Executive Director of the Nonprofit Risk Management Center.  As a client of Baker Romero & Associates you have access to their policy creation forms and to their webinar vaults.  Contact us for more information. We are here to help.


Wrangle Remote Worker Risk
  •  Prevent Overload with Work Hour Boundaries – Whether your staff members are Millennials, GenXers, Baby Boomers or a mix of these and other generations, remember that team members prize a boss who cares about their wellbeing. Research on tele commuting suggests that many–if not most–office workers telecommute by taking work home and answering late night business emails, even after putting a full day in at the office. Make it clear that you do not expect regular after-hours work, and that your nonprofit’s commitment to ‘work life balance’ is real, and not imagined. To reinforce your policy on after-hours work, be as kind to yourself as you are to your direct reports.
  •  Use a Communications Lasso – Some remote working arrangements fail because far-off staff members are left out and become disengaged. Resolve to make your communications loop a powerful lasso that will reach around the entire team. When in doubt, include all staff in communications, from meeting plans, to out-of-office and vacation schedules. Share and share again.
  • Embrace File Sharing – Just as communications should flow freely, so should materials that represent works in progress and finished products. There are a number of tools for easy sharing, such as Dropbox and Google Drive. At the Center we adopted Dropbox as our file saver/server and realized a substantial cost savings and immediate benefit to teamwork. As Dropbox syncs and updates our files, we’re made aware of what others are working on. This helps us offer timely support–or give needed space–to our colleagues.
  • Update your Nonprofit’s Staff List – During a recent site visit to a client we learned that the staff directory wasn’t made available throughout the organization. Some staff told us that despite being employed for a year or more, they still don’t know the names of colleagues in nearby departments. Obscuring staff names, roles, locations and contact information squashes potential collaboration, and fertilizes the seeds of paranoia and discontent. Resolve to keep your staff list or organizational chart–with relevant contact information, time zones and photos–up-to-date and available to staff at all times.
  •  Get Ready for Your Close Up -If you’ve ever suggested video conferencing for staff or client meetings, you’ve probably witnessed a few negative reactions to the idea. Some staff may resist video conferencing due to their lack of familiarity, while other staff may simply dread their ‘close up’ digital encounter with others. Despite society’s growing comfort with FaceTime for personal video chats, many professionals dread video conferencing, although they welcome face-to-face meetings. According to FOXDEN, an online meeting platform powered by ReadyTalk, “The best form of communication, especially for tough conversations, is face-to-face. With a face-to-face meeting, you can see reactions. You can hear tone and see body language. That’s why it’s the go-to choice for savvy communicators. CEOs, HR personnel, and more use this tool to give feedback and get buy-in.” (Source: FOXDEN powered by ReadyTalk). When face-to-face isn’t possible, video conferencing is the next best thing–offering relative intimacy and the nuances of communication described above. Help your staff members realize the benefits of video conferencing, and after a few tries, they might warm up to it. Another key benefit is the increased opportunity for telecommuters to feel connected and build collegial relationships through video conferencing, which might never happen if the relationship is relegated to email.

As the world turns, our missions, operations, and our work environments must turn as well, to remain relevant to our staff and service recipients. Keep up with the modern age by offering your staff the option to telecommute, and by embracing technology and communications innovations that support that work style. You might find that staff members who can choose their work environment become happier and more productive employees, who respect you for measuring their performance based on their work–not their schedules or time spent at their desks.


*Intended for informational purposes only.  Consult with your attorney or HR professional

What to Consider When Terminating An Employee

Before the decision is made to terminate an employee, there are a number of issues an Employer will want to consider. With employment related litigation on the rise employers should be aware of the issues at stake. Attached is information about termination issues you should consider from Shannon Jenkins, esq. at Tredway, Lumsdaine, & Doyle, LLP. Click to review the checklist

Note that most General Liability Insurance will not cover employment related lawsuits. Consider purchasing an Employment Practice Liability Insurance (EPLI) to protect your organization against costly litigation. There is no standard liability insurance policy form. You need to review and understand the terms and conditions of the EPLI policy. Call us for more information.
~This is for informational purposes only and should not be construed as legal advice. Consult with your attorney and HR Professional for advice on appropriate controls and policies

Protect Your Organization: Cyber Risk

Protect Your Organization: Cyber Risk 

By: Rebecca Gomez

“A company’s cybersecurity is only as strong as its weakest link“-Nicole HungDow Jones News Service 2015

According to a recent article in Rough Notes (March 2014), cyber-attacks against smaller businesses (with fewer than 250 employees), have increased significantly over the past two years. Criminals have learned that small businesses have valuable data and is relatively easy to get because often small business owners skimp on security measures. A company which obtains confidential information (Social Security Numbers, Drivers’ License numbers, bank account numbers of employees or clients, etc.) carries a significant cyber risk exposure when they rely on a computer network, allow laptops or access to their network from a remote location, and/or provides online access to sensitive data.

A more recent report by The Dow Jones News Service indicates that employee error is one of the most common reasons for data breach at companies. For example, an employee can make a mistake by accidentally sending an email with sensitive information to someone outside the company. According to the article, thirty percent of breaches have occurred as a result of employee error. Another reason for a data breach is when third parties send spam emails designated to trick employees into giving their personal information.

There are many misconceptions when it comes to Cyber Security, below are just a few examples:

  • “I’m a small organization so I am not a target for hackers.”
    Statistics show that breaches affect organizations of all sizes. In fact, Organizations under 100 employees accounted for thirty-one percent of the breaches in 2013, according to the Verizon Data Breach Investigation report.
  • “I outsource my data to a 3rd party vender (data center/cloud provider).”
    Most data centers/cloud providers do NOT accept liability in their service agreements. Check your contracts.
  • “My IT security is top notch.”
    Even the most sophisticated IT security systems cannot protect against human error or intentional acts of employees. This is not just an IT issue, but an issue for other stakeholders within an organization (HR, Finance, Operations, and Board of Directors).
  • “My funding sources do not require that I purchase cyber coverage so it must be covered under one of my other policies.”
    Most commercial General Liability and Property policies will not cover data loss suffered by a non-profit because electronic data is excluded from most policies. Some insurance companies are now adding limited coverage to their policies.

The following are a few basic tips for businesses to protect themselves against cyber criminals:

  1.  Continually train employees in security principles
  2. Protect information, computers, and networks from viruses, spyware, and other malicious code
  3. Provide firewall security for your internet connection
  4. Make backup copies of important business data and information
  5. Secure your Wi-Fi networks (make sure that it is secure and hidden)
  6. Regularly change passwords and make sure they use strong passwords that will not be guessed easily (such as “1234” or “password”)

What security measures does your organization have in place to protect your data from a breach?

Do you have a Crisis Management plan?
Who is going to deal with the regulatory requirements?

Review/ Update H.R. Policies:

  • Document Retention:
    Having a document retention policy and procedures in place to properly discard and destroy files containing Personally Identifiable Information (PII)
  • Equipment Usage
    Develop an effective E-mail and Internet User Policy. Employers should monitor use of system and devices to maintain the policy’s integrity. Employers should consider requiring employees to acknowledge in writing that they have received and reviewed these policies and procedures.
  • Bring Your Own Device (B.Y.O.D.)
    There are risk management concerns when employees bring their own devices (smart phones, laptops, tablet) for business use.Employers can fail to protect organizational data by:Losing a device that contains sensitive data. (employee error), Exposing the business’ network to malware located in the employee’s device
    Retaliating against the organization by destroying essential data (Employee intentional act).Develop a B.Y.O.D. policy that outlines which devices and operating systems the organization will support and require all devices to be accurately password protected. Determine which functions employees can access from their personal devices (email, word documents, etc.)  Note that some Cyber Liability Insurance excludes B.Y.O.D. claims.

Cyber Insurance

A special form of commercial insurance created to protect business against cyber (Internet) risks, such as hackers and other breaches of computer system security. However, there is no standard policy form for Cyber Insurance, so look for a policy that provides broad and comprehensive coverage and includes Crisis Management Services.

Cyber Insurance should be considered part of your overall risk management plan.

If you have any questions regarding Cyber Insurance please do not hesitate to ask.