Public entities today face an extremely challenging and complex risk landscape. From cyber hackers looking to steal sensitive data and freeze government systems, to greater social media scrutiny, liability issues surrounding the #MeToo movement, active shooter risk, natural catastrophes, heightened civil liability litigation, not to mention the current coronavirus pandemic that has forced the world into an induced coma – the list of exposures keeping public entity risk managers up at night goes on and on.
Effective risk management plays a key role in meeting and mitigating the emerging challenges that public entities face. To help risk managers, brokers and agents better understand the broad coverage needs, underwriting expertise, and risk management resources needed to fully address public entities’ complex exposures, Risk Placement Services (RPS) has published a free white paper entitled ‘Rising Risk in Public Entity,’ which is available to download here.
Current coronavirus situation aside, it has been a challenging few years for public entities. Bob Lombard, area president of RPS-PNP, a national program administrator for the public entity sector, told Insurance Business: “We live in a world that is constantly being videotaped by mobile phones and cameras. Any action taken by anybody from a public entity perspective is being scrutinized, especially when it comes to law enforcement, and that is driving the legal environment, claims and risk management concerns.
“Property insurance has been a nightmare for public entities in recent years. These challenges have been widespread regardless of whether it’s a coastal exposure, or it’s tornado, fire exposure, or earthquake – it seems like no state is immune. Plus, public entities are also subject to what’s going on in the greater world with respect to property insurance rates, and the ability to acquire adequate property insurance like they enjoyed three or four-years-ago.”
There has also been a significant uptick in cyber incidents involving public entities in recent years. Why? Because they often have the “perfect mix of large volumes of highly sensitive data coupled with […] inadequate budgets from an information security standpoint,” explained Steve Robinson, area president & national cyber practice leader at RPS. There’s also a general lack of education and training surrounding cyber hygiene, and some bureaucratic ownership issues around who is responsible for making sure data is protected in the way it should be. In a large city or municipality, for example, each department might have its own way of managing data, meaning there are often a lot of disparate systems and a lack of congruity when it comes to cyber security – two things cyber hackers are all too keen to exploit.
With ransomware demands exploding from the low thousands of dollars to six or seven figures, it’s time for public entities to place more importance on information security, according to Robinson. He said: “This should be spoken about and addressed by public entities in similar ways that they’re addressing other extremely important things such as sexual harassment, or active shooter or other things like that. These are all major issues facing public entities, but cyber tends to get put off to the side a little bit still when it can have equally catastrophic impacts on their budgets.”
You can learn more about public entity cyber liability by downloading this free whitepaper.
The challenges faced by public entities on a normal day are only exacerbated by the global COVID-19 pandemic. Public entities will likely suffer down the road because of the lack of tax dollars to support their services, which could lead to them being more heavily reliant on state government subsidies. According to Lombard, there will also likely be a push on the workers’ compensation side when physical distancing restrictions are lifted and people get back into work. Sometimes, people use insurance by the public entity as a means to recover their personal financial loss because they’ve been out of work, so public entities might see an uptick in claims (workers’ compensation-related or otherwise) that are false.
“As the coronavirus situation evolves, public entities need to step back and consider the basic definition of liability as it’s defined by the courts, which is that there’s got to be some form of proven negligence,” said Lombard. “Public entity risk managers have to focus on areas where they could be construed as negligent. For example, are they negligent in creating a social environment that allows more than X amount of people in a small location? They should think about limiting the amount of people that have access and they should increase online access to the typical daily services, like vehicle registrations, paying your property taxes, paying your parking registration, and so on, so that they can limit public interaction and reduce potential liability.
“Moving forward, public entities need to think about lessons learned from this COVID-19 situation in case we have a second wave of it. The insurance industry has a long history of changing policy language to react to claims that are emerging, and they have a tendency to be more restrictive in coverage during some of these times. So, risk managers for public entities need to ensure they address any coverage changes so that they remain adequately protected. And then, in our world, we may need to look at how we buy back that coverage for some of these entities, and how creative we can be with respect to offering that [buy back] to them at least as an option and doing our due diligence.”
There are all sorts of emerging risks for public entities to contend with today. Download this free RPS whitepaper to get up to speed on key risk and coverage considerations.