Summer Home Maintenance Tips

Summer is finally here, and it’s a perfect time to catch up on home maintenance tasks, both inside and outside of the house. Putting in a little elbow grease now goes a long way toward future house upkeep–making that well-deserved rest even more enjoyable.

These summer maintenance tips will help keep your home looking great for all seasons:

  • Wash your windows. Wash all interior and exterior windows to let in light and maximize visibility.
  • Check your windows for leaks. Re-caulk the seals on all doors and windows. This practice can increase your home’s energy efficiency.
  • Clean your dryer vent and exhaust duct. Remove any clogged lint and dust from your dryer vent. Doing so can help prevent house fires.
  • Power wash any siding or brick. Get rid of any dust, dirt or mold that makes your home’s exterior look dirty.
  • Repair and repaint your home’s exterior features. Fix any chipped, cracked or faded exterior paint to protect your home from further damage from the elements.
  • Clean your gutters and downspouts. Clean any debris from your home’s gutters and downspouts. This debris can often appear after summer storms and high winds.
  • Clean your outdoor grill. Thoroughly clean your grill to make it ready for summer barbequing.
  • Get your roof inspected. Make your roof last as long as possible by having it checked for loose shingles or other damages and scheduling any required repairs with a qualified professional.
  • Care for your greenery. Inspect your plants and landscaping. Get rid of weeds, overgrowth or dead plants. Freshen up areas by adding new plants where wanted.
  • Inspect your deck or porch. Check outdoor spaces for any necessary upkeep—such as applying sealant or stain, or fixing loose boards.

Seasonal checkups are important for every house’s upkeep. Contact Cleary Insurance, Inc. for more home maintenance information.

Regulations Issued to Implement Ban on Surprise Billing

On July 1, 2021, the Departments of Labor (DOL), Health and Human Services (HHS) and the Treasury (Departments) jointly released interim final rules outlining certain requirements related to surprise billing. These rules implement certain provisions of the No Surprises Act, which is a ban on surprise medical bills effective in 2022 that was enacted as part of the Consolidated Appropriations Act, 2021, signed into law in late 2020.

Surprise Medical Bills
Surprise medical bills occur when patients unexpectedly receive care from out-of-network health care providers. For example, a patient may go to an in-network hospital for treatment, such as surgery or emergency care, but an out-of-network doctor may be involved in the patient’s care. Patients often cannot determine the network status of these providers during treatment in order to avoid the additional charges. In many cases, the patient is not involved in the choice of provider at all.

Overview of the Interim Final Rules
These interim final rules protect participants, beneficiaries and enrollees in group health plans and group and individual health insurance coverage from surprise medical bills when they receive emergency services, non-emergency services from nonparticipating providers at participating facilities, and air ambulance services from nonparticipating providers of air ambulance services, under certain circumstances. Under these provisions, providers will have to work with the group health plan or health insurance issuer to determine the appropriate amount to be paid by the plan or issuer.

The interim final rules generally apply to group health plans and health insurance issuers offering group or individual health insurance coverage. However, certain provisions apply to emergency departments, health care providers and facilities, and providers of air ambulance services related to the protections against surprise billing.

Cyber Risks and Liabilities

Ransomware Considerations for Board Members

Organizations of all sizes and sectors are facing increased cybersecurity risks. Specifically, ransomware attacks—which leverage malware to compromise a victim’s data and demand them to make a large payment to recover it—have quickly become a rising threat across industry lines. In fact, recent research found that these types of attacks have surged by 150% in the past year alone, with the average amount paid by victims jumping by over 300%. Such attacks have also become more sophisticated over the years as cybercriminals have developed a wide range of different ransomware-use techniques.

In light of these advancing cyber concerns, it’s important for board members to be actively involved in developing and promoting effective workplace cybersecurity measures—especially as it pertains to ransomware attacks. By involving senior leadership in such initiatives, organizations can foster a culture of cybersecurity awareness and bolster their preparedness against cyber threats. Here are five key questions that board members should discuss to help their organizations stay resilient against ransomware attacks.

How can our organization better detect ransomware threats?

Before a ransomware attack can occur, a cybercriminal has to gain access to their target’s network, systems or data. Once a cybercriminal gains this access, an extended length of time—also known as “dwell time”—typically passes before the ransomware is deployed and the attack actually begins.

With this in mind, organizations that are able to detect potential ransomware threats during dwell time rather than at the onset of an attack can stop such incidents before they even start. The following measures can help board members ensure the earliest possible detection of ransomware concerns within their organizations:

  • Keep updated records of all workplace technology to understand where ransomware threats could arise.
  • Equip all workplace technology with antivirus and malware detection software. Update this software regularly.
  • Have critical technology, systems and data consistently monitored for suspicious activity. Make sure the employees in charge of these monitoring procedures are properly trained to do so.
  • Establish thresholds for when employees should notify senior leadership of ransomware threats.
  • Provide all employees with clear ransomware reporting protocols.

What can our organization do to minimize the damages in the event of a ransomware attack?

When ransomware attacks occur, it’s vital for impacted organizations to do everything they can to limit the damages. In particular, board members should prioritize these procedures:

  • Keep data encrypted. This practice will make it significantly harder for cybercriminals to compromise data during a ransomware attack.
  • Restrict employee access to workplace technology, systems and data. Only allow access on an as-needed basis.
  • Require employees to use proper credentials and multifactor authentication when accessing workplace technology, systems and data.
  • Consider keeping different workplace networks separated to prevent cybercriminals from gaining full access after attacking a single network.

Does our organization have an effective cyber incident response plan in place?

Cyber incident response plans are one of the best tools for helping organizations react appropriately and mitigate losses amid cyberattacks. Board members should work closely with workplace leaders across departments to develop sufficient cyber incident response plans for their organizations. Generally speaking, an effective cyber incident response plan should outline:

  • Who is part of the cyber incident response team (e.g., board members, department leaders, IT professionals, legal experts and HR specialists)
  • What roles and responsibilities each member of the cyber incident response team must uphold during an attack
  • What the organization’s key functions are and how these operations will continue throughout an attack
  • How any critical workplace decisions will be made during an attack
  • When and how stakeholders should be informed of an attack (e.g., employees, customers, shareholders and suppliers)
  • What federal, state and local regulations the organization must follow when responding to an attack (e.g., incident reporting protocols)
  • When and how the organization should seek assistance from additional parties to help recover from an attack (e.g., law enforcement and insurance professionals)
  • Take note that cyber incident response plans should be evaluated and updated regularly to ensure effectiveness. Various activities can be implemented to assess cyber incident response plans—including tabletop exercises and penetration testing.

Does our organization’s cyber incident response plan adequately address ransomware attacks?

Cyber incident response plans should address a wide range of possible attack circumstances. That being said, it’s important for board members to ensure that ransomware attack scenarios are properly accounted for within their cyber incident response plans.

Specifically, board members must determine whether or not their organizations will make ransom payments to cybercriminals—particularly when the compromised data is sensitive in nature or critical to operations. Keep in mind that cybersecurity experts typically advise against complying with ransom demands, seeing as there is a chance that cybercriminals could take the ransom money and not recover the compromised data or leverage it in future attacks.

Further, board members must ensure their organizations are prepared for the lengthy recovery process that often accompanies ransomware attacks. In some cases, it can take several weeks or months to recover compromised data. During this time, board members must have plans for keeping their organizations functional and minimizing reputational damages.

Are all data backup protocols within our organization sufficient in protecting against ransomware threats?

Backing up important data can help organizations maintain access to key files and information during cyber incidents. However, poor data backup protocols can easily be exploited by cybercriminals, subsequently resulting in ransomware attacks. As a result, board members should ensure their organizations follow these data backup security procedures:

  • Conduct data backups on a routine schedule. Consider backing up critical data more frequently.
  • Store data backups offline and in a separate location from other workplace systems and networks.
  • Only allow trusted and qualified employees to perform data backups.

For more risk management guidance, contact us today.