Marijuana is one of the hottest topics being discussed today. Currently, 24 states and the District of Columbia have legalized medical marijuana in some form and four states and the District of Columbia have legalized the use of recreational marijuana. However, due to these changes in legislation in many states, employers are left feeling hazy. Often, employers are unclear about whether they can still enforce a drug-free environment. That answer depends on where you live.

Under federal law, marijuana remains illegal and is classified by the Controlled Substances Act as a Schedule 1 drug. For that reason, employees cannot find federal protection for medical marijuana use under the Americans with Disabilities Act, which has an exception for “illegal drug use.”

Each state law is very unique. A majority of states do not address medical marijuana in the workplace and courts have been reluctant to provide these employees any protection against termination. In at least nine states (Arizona, Connecticut, Delaware, Illinois, Maine, Minnesota, Nevada, New York and Rhode Island), the medical marijuana statutes specifically provide job protection to employees who use medical marijuana. The specific state protections range from classifying medical marijuana as a “disability” and triggering the interactive process and possible reasonable accommodations to allowing an employer to enforce a zero-tolerance policy and discipline a medical marijuana holder for violating that company policy.

The most recent case attempt to find protection for employees in the majority of states that do not provide specific protections in the statute was the case of Coats v. Dish Network, LLC. The Colorado Supreme Court held that the Lawful Use Statute, a statute intended to protect workers who engage in legal activities during non-work hours that are not condoned by their employers, did not protect medical marijuana users. Marijuana remains illegal under federal law, without any exception for medicinal purposes, or any express allowance for a state to legalize it for any such purpose statute, and thus was not a “lawful” activity.

If you receive notice of a failed drug screen and your employee presents a medical marijuana card, do you know what to do? To clear the haze, work closely with the risk management, insurance and legal teams to ensure that policies and procedures comply with your specific state law and your options.

Maintaining clear policies and procedures is the most proactive way to address this emerging issue. Examine drug testing policies, any drug-free workplace rules, whether there is federal oversight on any of your operations or you have safety sensitive positions.

When you decide on the plan that is right for your public entity, ensure consistency by publicizing the adoption of the policies in your personnel manual or employee handbook.

For more information, the PRIMA Cybrary may include sample policies in which risk managers can refer to as a resource.

As a risk manager, you rely on “numbers” for many aspects of your job. You assume that numbers tell the story. You might think that numbers don’t lie, but actually they can.

I have found over the years that numbers generated by trustworthy people and institutions don’t really lie by themselves, but that their interpretation can often be misleading. Let’s look at a couple of examples.

One of my favorite running backs had what looked like a great game recently. He averaged 7.6 yards per carry, while both the rest of his team and the opposing team averaged about 3.5. Way to go! Well, only if your measure of “average” is the mean (the arithmetic average). Had we looked at an alternative measure of central tendency such as the median (the middle-most score), we would have concluded the opposite: his median performance was only 1.6 yards per carry, but he did have one (lucky?) 70 yard play? Awesome day or terrible day?

The mean - median argument impacts on almost everything we look at in disability. Historically, we almost always look at the mean, but keep in mind when looking at, for example, disability durations or costs, that a few individuals at the extreme end of the distribution will have an outsized impact on the mean but not on the median (with medians, every “person” is a data point, whereas with means every disability day or every dollar is a data point). So, “average” disability durations and costs are invariably much higher when reporting means than medians. So, which is right? Both and neither, depending on your interest or your customer’s interest. I personally always like to look at both to get a fuller picture.

One other example. Do you ever use Uber or Lyft? If so, after each ride you are asked to rate your driver on a 5-point scale, and the driver also rates you. Have you ever seen any driver with a rating below 4.8? Drivers will practically beg you to give them a 5, crying that they would lose the job if they average (mean) less than around 4.7. So, what do we do? Unless they end up in an accident, most people will just give a 5 and hope that the driver rates them likewise, and everybody is happy. But what about the 5-point rating scale? It’s a fake, it’s actually a 2-point scale (acceptable / unacceptable), but using a 5-point scale allows the use of a number manipulation (calculating the mean) that gives an outsized impression of quality (my driver averages 4.95, he / she must be awesome!). The scale used to present numbers is important, and it can be misleading.

Sometimes the underlying scale changes over time– a bit like moving the goal posts, which makes comparisons between numbers questionable. Numbers can be very useful, but they can also be manipulated to mislead you. Always be skeptical, and make sure they tell you the real story. One useful strategy is to ask yourself: Is somebody trying to sell me something with these numbers? If so, is there some other way I could look at the underlying data?

With tightening budgets and pressure to remain staffed, many public sector risk managers have taken an industrial athlete approach to their workers’ compensation programs. The term “industrial athlete” refers to any employee who makes a living using mental and physical talents to perform their job every day. These occupations frequently require strength, flexibility, coordination and endurance, just like a professional athlete. In municipalities, it is easy to determine who might fall into this category: police, fire, EMS, and corrections employees. But, even within the public sector, there are others who customarily exert themselves as part of their essential job duties. Consider school bus drivers – they have to climb stairs, have quick reaction time on the road and aid students who are unable to get in and out of buses.

Savvy risk managers consider their employees (such as deputies, firefighters and school bus drivers) industrial athletes, investing in strength training, setting expectations with medical providers and preparing for unavoidable injuries by setting protocol for prompt treatment and recovery. The outcome of these programs has resulted in fewer lost work days, lower claims frequency, and improved employee-employer relationships throughout the claims process, with a focus on the employee's well-being.

Elite athletes have robust and disciplined training programs to prepare them for the pitch, field or pool. When injured, there are protocols for getting the athlete back to health and minimizing absence from the playing field. However, not every employee in the public sector can conduct rehabilitation at an elite level. We can bring these concepts to the industrial athlete in the public sector. Leadership buy-in is crucial to the success of an industrial athlete program – and leaders love data-driven results. By demonstrating the effectiveness of the industrial athlete model on lost work days, you can help prove out ROI.

In 2016, with tightening budgets and temporary indemnity costs on the rise, one public sector client determined that a change needed to be made in their program to lower costs and remain suitably staffed to serve their constituents. Working with state and union leaders, the risk manager instituted an industrial athlete program, clearly defining light duty programming and expectations across departments, resulting in a 9% reduction on benefit days over the previous year. On average, the new model shaved 51 lost work days per 10,000 employees.

Once a light duty program has been implemented, the next step is to coordinate with the managed care provider to ensure that employees are directed to providers who have the best outcomes for return to work. Working closely with the medical community, and reinforcing a positive mentality regarding capability of the injured worker, the focus shifts from what the injured worker can't do to what they can do. By drawing the focus to the injured worker's capabilities, rather than restrictions, the organization is able to provide light duty tasks.

By establishing a philosophy that the occupational injury team is able to assist the employee to a recovered state through early medical intervention, understanding the return to work program, and supporting the employee post-recovery (and even pre-injury), public sector risk managers will successfully implement the industrial athlete model.

The primary objective of an ERM program is to make risk management an integral part of organizational strategic and business planning processes, as well as a regular part of decision making. ERM provides a framework for using quantitative and qualitative information to evaluate risks and opportunities. ERM can also help transform the organization’s risk culture from risk averse to risk optimized.

An ERM program can demonstrate value right away by broadening the conversations about risk. Beyond operational or insurable risks, ERM identifies risks and opportunities in various areas such as reputational risk, strategic risk, compliance, workforce and safety risks. These risks can be prioritized and evaluated in an Enterprise Risk Register. It can take the form of a heat map displaying significant challenges and opportunities. It’s a way to gather data to assess the risks and document countermeasures.

To ensure the Risk Register reflects the broader goals of ERM, the risks identified do not need to have a significant loss history or the protection of an insurance policy. For example, the risk of inadequate succession planning can be a high priority risk on an Enterprise Risk Profile. There is no significant loss activity associated with it, but the operational and strategic risks are clear – loss of institutional knowledge. There is also opportunity to be gained from retirements. An opportunity to increase diversity, to have the workforce reflect the community served and to find new and innovative ways to serve customers.

ERM is similar to traditional risk management when it comes to risk assessment (identify, analyze, select, implement, monitor). However, ERM aligns to the organization’s mission and objectives, and takes into account the amount of risk that leaders are comfortable taking. There are many helpful tools to reconsider how to think about risk. One such tool is the Risk-Value curve, which comes from the Consortium for Advanced Management International. It depicts the relationship between risk and value along four zones. In the first zone, risk is low but so is value. This area shows that too much emphasis is placed on mitigation and avoidance of risks. An organization that makes decisions in this zone is inefficient, prioritizing compliance and risk mitigation over opportunity and value creation.

In the second zone, risk is optimized. The organization is taking on risks up to its tolerance level and maximizing value. Once the high point of the curve has been passed, organizations are in a high risk-interaction zone and key risk indicators become extremely important. In the last zone, the organization may be in crisis mode and should actively seek risk management tools (insurance, crisis management, public relations) to pull itself out of the crisis and into a more optimized zone. Decisions need to be quick and creative.

Focusing on risk and value together starts to change attitudes about risk. Conservative behaviors around risk aversion and mitigation transform into a balanced and informed risk-taking culture. This can be the beginning of a risk culture change: attitudes shape behaviors which form culture.

ERM can help shift an organization’s risk culture away from risk-averse decision making by providing the tools and support for balanced risk taking. In this way, ERM can help an organization to meet objectives and make progress toward its mission.

Diversity issues or employee relation issues (among people who are different) typically involve two people. The perpetrator or the initiator of the behavior is one party and the target or the receiver of the behavior is the second party. The diversity issue or incident (sometimes it is one “moment of truth”) is defined as a behavior, an action, or a series of behaviors (a pathology or trend) that one party (the target) feels or concludes based on the initiator’s behavior(s). The target may interpret the initiator’s behavior(s) as wrong, inappropriate, disrespectful, discriminatory or illegal.

First – We Don’t Know the Intentions of Others

We all mean well. I never question the intent of any person’s actions. We actually don’t know the intentions of the other person but we assume their intentions based on the behavior we see, how we react or the kind of relationship we have with the perpetrator. This is the first mistake. We should look at the behavior(s) in question and only the behavior(s). Looking just at the face value of the behavior is a good start.

I tend to focus on the actual behavior and how that behavior might affect or influence other people. In other words, I focus on the impact the said behavior(s) has on other people. The consequences of any action, how the behavior might be received or perceived or experienced, is what I tend to scrutinize.

Second – “I Didn’t Mean It”

I find too many people will get defensive when the target confronts the perpetrator about the behavior(s). The perpetrator typically responds with, “I didn’t mean it the way you took it.” Often, in my travels, people don’t want to be held accountable for their actions. Unfortunately, this does not take the “sting” out of the behavior(s). What matters is what you said, not what you meant.

What Is Appropriate?

Don’t take it personally – apologize for your comment. Don’t try to avoid your responsibility – step up to the plate. Don’t focus on your intentions – no one knows your intentions. Try to put yourself in the target’s shoes and understand their feelings. Put your feelings aside. This is not about you – the perpetrator – this is about the target. Try to empathize with the target. Apologize and ask the target to always come and share with this person their feelings whenever they feel wronged. You want to be perceived as humble, approachable and “bigger” than any one incident. What you don’t want to do is seem defensive or stubborn. Reach out! This may be the wakeup call that you need to improve the relationship. Misunderstandings are more likely to arise among strangers or people who have strained or weak relationships.

A statement of values (SOV) is a declaration to insurance providers indicating which properties your entity intends to insure. For risk management professionals concerned about property risk exposures, an up-to-date, accurate SOV is critical.

Maintaining basic information and insurable values alongside detailed property data can help ensure your organization is receiving the proper insurance coverage at the best rates. Here are three ways you can ensure your SOV is working for you.

The Value of Basic Building Information

An SOV must include at least a name, address, square footage, occupancy and replacement cost for each property listed. To help ensure you are properly insured, there are a few things you can look for among this basic data.

At the highest level, make certain that all properties you wish to insure are reflected on your SOV and the properties you no longer wish to insure are removed. You’d be surprised how often these scenarios occur.

Taking a deeper dive, it is worth examining your data for replacement costs which are really low or really high as well as square footage numbers which are rounded significantly. Having erroneous information in these fields may mean you are over- or under-insuring your property.

ISO Construction Class Matters

ISO Construction Classifications correspond with the combustibility of a building. Two important factors in determining a building’s ISO Construction Class are the material used in the construction of the building and the amount of time a passive fire protection system can withstand a standard fire-resistance test.

Providing an underwriter with a building’s ISO Classification allows them to better estimate the potential for and the amount of damage that might be caused by a fire. In a building with a classification of 1 (Frame/ Combustible) a fire will spread more quickly and damage more of the building than in a building with an ISO Classification of 6 (Fire Resistive). Pair that with additional COPE (Construction, Occupancy, Protection, Exposure) data like nearest fire hydrant and an underwriter can really get a true picture of your fire-related exposures. Buildings which are less susceptible to damage from fire can be insured at a more favorable rate than a building which may sustain more damage.

Collecting Secondary COPE Data Can Help

COPE data includes characteristics such as type of construction material used, number of stories, fire protection and more. Secondary COPE characteristics relate to the building’s susceptibility to damage from windstorms or seismic activity. Both COPE and secondary COPE data help present the likelihood that an organization will experience losses due to a catastrophic event and quantify the potential property losses. In the absence of this data, some insurers and catastrophe modeling programs automatically assume a worst case scenario.

For example, providing underwriters with data like roof pitch, presence of roof straps, details about windows and presence of objects that may become missiles help these modeling programs better understand the likelihood that your building will sustain damage in the event of high winds. As with ISO Construction Class, buildings which are less susceptible to damage from windstorms or seismic events can be insured at a more favorable rate than a building which may sustain more damage.

In addition to helping secure the right insurance coverage at the best rate for your organization, an accurate statement of values supports informed decision making, provides proof-of-loss documentation, gives you more insight into your risk exposures, and can help speed up processes like renewals and claims.

In a world full of constant connectivity, the potential for risk continues to be on the rise. That’s why reactive response is no longer enough. Think about it: In this day and age, a simple photograph captured by cell phone at an inopportune moment can make or break a business.

Fortunately, there are proactive ways that organizations can deter risk from even happening. Here are the top 3 reasons why proactive tools are the new reactive solutions:

Anonymity is the leader - In the risk mitigation space, there are a number of tools in place that allow people to speak up when something may be wrong so that the situation at hand can be course corrected before it turns into an emergency. Anonymity is an important factor in the risk mitigation space because people share what they see more often when they do not fear retaliation or retribution.

While anonymous reporting is really the minimum threshold you need to get people to report, it can be flawed because there is no way to get more information. How many reports have you seen go to the “dead” pile to never return? Anonymous reporting that allows for anonymous two-way communication solves this issue as it allows for you to ask more questions and get answers so you can take action quickly.

Modern devices are king - Did you know that most people sleep with their phones within reach?* Whether we like it or not, we are a mobile-first society and as a result, it’s easier for people to reach for their phone to communicate than to meet face-to-face. That’s why mobile apps are becoming a quick and easy proactive risk mitigation tool.

While hotlines and web forms are still in use and provide value, the percentage of people who abandon reporting an issue via those formats far exceeds those who take advantage of it.

With so many tools having mobile integration as of late, it allows people to say something when they see something happening to themselves and others. When it’s easy for people to report--such as through a mobile app--it provides a seamless experience with little friction.

Incident Management has never been easier - Gone are the days of manilla folders and stacks of paper. Cloud-based incident management is how risk is mitigated proactively because situations are automatically visible for you in one system with paper trails categorized for you automatically. A cloud-based system designed to reduce your time monitoring and managing incidents reported is key.

Additionally, tools available to improve interdepartmental communication and make incident data available to admin users is a key component to being proactive.

At the end of the day, we need to find ways to make the connected world that we live in work harder for us and proactive tools are the answer. With screens and automation at our fingertips at every turn, this is clearly the way that we, as risk mitigators, can modernize the way that we work to our advantage.

I attended the 2019 Annual PRIMA Conference in Orlando, FL, from June 9th through June 12th as a student scholar. In attending this important professional conference, I had the unique opportunity to further my public risk management education through interactive sessions and workshops, as well as networking with experts in the field. As a result, I was able to learn more about the challenges risk managers face today.

This conference offered over 55 educational sessions focusing on numerous areas of the public risk management field; such as risk control, safety, leadership, workers’ compensation, employee benefits and human resources. As a human resources management and finance double major, I enjoyed having the opportunity to explore the different areas of risk management. My favorite session that I attended was “Workers’ Compensation: Building Relationships,” presented by Dan Hurley and Brad Wilson. This session discussed best practices while determining whether a claim qualifies for workers’ compensation. The speakers did a great job stating a problem, using real-world examples and following up with practical solutions. It was particularly important to me as a student that they gave examples and solutions because I was able to understand the subject on a deeper level.

There was a keynote speaker presentation each day at the conference. The first keynote presentation was about engaging millennials and improving retention rates within the workplace. The second discussed the importance of risk managers being aware of diversity and inclusion issues. The third included a panel of experts that spoke about a public risk management emergency that happened in their entity, what their response was, what they learned and policies currently in place to help mitigate the reoccurrence of a similar situation in the future. I enjoyed each one of these keynote presentations and valued what they all brought to the table.

PRIMA offered a lot of great chances to network directly with public risk management experts, including the PRIMA board, keynote speakers, risk and insurance consultants, attorneys and more. As a student scholar, I had access to two mentors throughout the conference. They were both experienced risk management professionals and avid conference attendees. They helped guide me with regards to which education sessions to attend and served as a resource I could go to with any questions I had. Our mentors were particularly beneficial because they knew my background and interests and were able to introduce me to other professionals that might have similar interests. This extra help really strengthened my networking experience. Everyone I met was very welcoming and shared insightful thoughts and examples about their experiences within the field.

I believe the conference theme, “Think. Share. Transform.” was accurately reflected through collaboration and learning opportunities at the conference. I was able to return from Orlando with better knowledge and understanding.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

As healthcare evolves, public entities are looking for new programs that promise savings and improved outcomes. However, if a change is initiated but poorly managed, it can have a detrimental effect—disrupting members’ access to care. It’s essential to consider the following best practices to ensure a change goes smoothly with minimal disruption:

A plan to track and manage tasks. Every significant change requires a project plan that outlines each action that’s required to implement the change successfully. This project plan should indicate who will be responsible for each activity, the sequence in which these tasks must be completed (with specific start and end dates) and any related dependencies. The project plan must also include critical checkpoints to ensure tasks are completed in a timely manner and that the project as a whole is on track.

Careful consideration for customizations. It’s important to consider and incorporate any unique factors into the project plan. For example, a public entity may have special requirements for managing member eligibility and getting this information to the plan administrator. This data may come from a payroll vendor, a previous administrator, paper-based enrollment forms or a combination of the three. You must flesh out unique requirements first and then incorporate them into the planning to ensure a successful transition.

Weekly meetings with all stakeholders. Communication is critical when implementing a change in health benefits. Public entities should consider hosting weekly meetings to review the status of the overall project. All relevant departments should be present during the meetings, including IT, HR and member services. These meetings help facilitate transparency regarding the overall status of the project. If issues arise, all parties can discuss them openly and agree on a mitigation plan. A weekly meeting cycle will ensure forward momentum toward project completion.

Communications playbook. Public entities should also consider developing a communications playbook, which would outline strategic touchpoints with members throughout the change-management process. Organizations can outline how they plan to keep members informed as the implementation moves forward. For example, when open enrollment nears, employees must understand how to use the enrollment system and where to access information on plan options. A welcome kit might include the member’s ID card, coverage details and information on how to login to the portal for the health plan. The process of building out a communications playbook can also spur discussions on what communication strategies work best with the public entity’s workforce. Some tactics may be more successful than others—for instance, email notifications may resonate more with younger, tech-savvy employees. The more detailed the playbook, the more effective it will be.

Managing Change into the Future

Change is inevitable in health benefits; especially as innovative programs emerge to help employers control rising healthcare costs. Introducing a change can be daunting for public entities, so you should have strategies in place to help navigate the changes that are made.

Best practices can standardize the change-management process. The result is public entities will be able to reap the benefits of savings, while providing improved care and an enhanced experience for their employees.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

Medical costs are expected to grow again in 2019 at a rate that will outpace inflation. As a result, many public entities are being pressured to consider new and innovative approaches to their health benefits. This type of change in strategy can help them achieve both quality and affordable care. However, organizations must also ensure that the value to employees will far outweigh any risk or disruption the change will bring. Here are three good reasons to consider such a change:

1. Reducing total health plan costs. Today, many public entities have self-insured their health plans for greater control over costs and quality. They can further reduce healthcare spending by identifying plan members who incur high medical costs and offer them the types of services that will help them address their specific medical needs. For example, members who have diabetes often incur high-cost medical services, especially when they’re not properly managing their diet and exercise. Public entity health plans can monitor members who are diabetic and promote regular HbA1c testing. For diabetic members, the higher an HbA1c, the greater the risk of developing costly complications. Those who aren’t measuring HbA1c levels or those who have high readings could receive disease management coaching and case management services – this is an example of a sensible change that could be instituted.
2. Improved experience for plan members. When public employees receive quality communications from their public entity health plan and they have access to concierge-level customer service, they don’t need to run to HR departments with questions and concerns. Public entities who self-insure their health benefits may consider switching administrators. They want a partner whose representatives are well trained in every aspect of their health plan and have the expertise to answer any and all questions from plan members.
3. Improved transparency. Public entities are also looking for transparency into how their health plans are performing. There are many analytics and reporting tools available today, but not all of them have the same sophistication and capabilities. Public entities may want to make a change to ensure they have access to real-time data, as well as the ability to identify high-cost claimants, compare employee populations with national standards, and forecast outcomes. All of these functions can significantly improve how public entities manage their healthcare spending.

Savings opportunities, an improved employee experience, and improved transparency are all compelling reasons to introduce a change to your health benefits. In Part 2 of our Change Management series, we’ll review best practices to make sure the transition is as seamless as possible, so public entities and their employers can reap the rewards with minimal risk and disruption.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*