Texas Connection - February 2014 by FYI Express

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

Texas Connection Has your agency ever been the victim of a data breach? Has your agency ever been the victim of a data breach?

Table of Contents HAS YOUR AGENCY EVER BEEN THE VICTIM OF A DATA BREACH? ............ 1 DO YOU SELL BOPS AND GLS?...... 2 WHAT DOES CYBER LIABILITY INSURANCE COVER? .................... 14 HOW MUCH DOES YOUR STATE FINE FOR TEXTING AND DRIVING? ........ 16 It could be anywhere from $20 to $10,000 for a first-time offender—or no ban at all. .. 16 The editorial content in Texas Connection is valuable information but as always you should do your own due diligence and evaluation. The content is meant to be for informational purposes only and does NOT warrant an endorsement by the Texas Professional Insurance Agents in any form or fashion Rooms only $99.00 at Menger Hotel for Texas PIA Convention in San Antonio on June 4-8

Does your agency … •Obtain social security numbers, personal health information, driver’s license numbers, bank account numbers of insureds? •Have access to confidential client records (financial statements, competitive information)? •Use an agency management system? •Store paper files or are considering going paperless? •Provide online access for payment? •Have a website? •Rely on a computer network on a daily basis? •Allow employees to use personal mobile devices for agency transaction?

Check it out at www.MengerHotel.com

If yes to any of the above, your agency carries a significant exposure to cyber risk.

A data breach is an incident that involves the unauthorized or illegal viewing, access or retrieval of data by an individual, application or service. It is a type of security breach specifically designed to steal and/or publish data to an unsecured or illegal location. The term “security breach” means a compromise of the security, confidentiality, or integrity of, or the loss of, computerized data that results in, or there is a reasonable basis to conclude has resulted in – “ (A) the unauthorized acquisition of sensitive personally identifiable information; or “ (B) access to sensitive personally identifiable information that is for an unauthorized purpose, or in excess of authorization. SENSITIVE PERSONALLY IDENTIFIABLE INFORMATION. — The term “sensitive personally identifiable information” means any information or compilation of information, in electronic or digital form that includes— “ (1) an individual’s first and last name or first initial and last name in combination with any two of the following data elements: “ (A) home address or telephone number; Continued on page 2

Texas PIA’s Texas Connection

Page 1

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

Data Breach Continued from page 1 “(B) Mother’s maiden name; “ (C) month, day, and year of birth; “ (2) a non-truncated social security number, driver’s license number, passport number, or alien registration number or other government-issued unique identification number; “ (3) unique biometric data such as a finger print, voice print, a retina or iris image, or any other unique physical representation; “ (4) a unique account identifier, including a financial account number or credit or debit card number, electronic identification number, user name, or routing code; or “ (5) any combination of the following data elements: “ (A) an individual’s first and last name or first initial and last name; “ (B) a unique account identifier, including a financial account number or credit or debit card number, electronic identification number, user name, or routing code; or

Texas PIA Members may download this booklet at www.PIATX.org

“ (C) any security code, access code, or password, or source code that could be used to generate such codes or passwords

Do you sell BOPs and GLs? If yes, can you answer the Top 5 Questions Clients Ask about Cyber Liability?

So, have you ever thrown away a completed application and printed a new one with corrections? It should have been shredded.

If no, do you have an E&O policy with maximum limits?

Have you ever had an employee leave and start soliciting policyholders? It is common for employees to deliberately take confidential information with them when they leave for a new job. That activity is considered a data breach.

If no, can you say “Would you like fries with that order?” 1. “Doesn’t my general liability policy cover me?” In a word, no. The ISO property form protects the physical presence of computers but not the data that is stored on them. The ISO general liability form specifically excludes claims of copyright, trademark and trade secret infringement. The personal injury provisions of a GL form generally rely on “publication”-- an undefined term. Although there have been limited instances of coverage for privacy breach under GL forms, relying on this for coverage is not in your client’s best interest.

They mistakenly feel they have an ownership in it. They helped create the data, and therefore they feel like it’s theirs. Did you notify all the policyholders of the data breach and offer credit monitoring? Do you always change the passwords to your companies’ websites as soon as an employee leaves your employment? Have you read the “intangible” exclusions in your agency’s BOP, fidelity bond or crime insurance policy? The above scenarios are usually not covered.

Business Interruption coverage, an essential part of any businesses risk management plan, will not respond to outages caused by computer viruses or hackers. In addition, 47 U.S. states now have laws requiring notification in the event of a potential loss of PII (personally identifiable information), as well as fines and penalties for not reporting the breach. Continued on page 10

Texas PIA’s Texas Connection

Page 2

February, 2014

www.MengerHotel.com Special Room Rate for Texas PIA Conventioneers Only $99.00 per night! Texas PIA Connections 2014 Invitation

more info at www.PIATX.org

Tentative Agenda

Thursday, June 5th 8:30 a.m. - 11:30 a.m. “The Money Pit” … everything you need to know about how to evaluate, buy & sell a “Mom & Pop” insurance agency 8:30 a.m. – 11:30 a.m. Going Viral: Growing Awareness Through Media Get heard in this noisy world. Learn the fundamentals of branding and ways to promote your message online, through social media, and through traditional media channels. Emily Adams: Branding & promoting your business, cause, message, or group online and through social media.www.EmilyAdamsOnFire.com Carol Hargis: Generating publicity through traditional media, including writing and submitting press releases to newspapers and magazines, contacting local TV and radio outlets, etc.www.InsRecord.com

Attention: Golfers Wednesday, June 4th

11:30 a.m. - 1:00 p.m. "Agents' Choice for Excellence" (A.C.E.) Awards Luncheon

1:00 p.m. Scramble at Brackenridge Park Golf Course $75 per player

1:00 p.m. - 4:00 p.m. “Sneakers” … Everything you need to know on how to protect your agency and commercial clients from cyber hacking 2:00 p.m. - 3:45 p.m. Exhibitor Move-In 4:00 p.m. - 7:00 p.m. "Hollywood Nights" Trade Show Free admission to everyone except company reps of non-participating vendors.

http://www.alamocitygolftrail.com/index.php/san-antoniogolf-courses/brackenridge-park

Texas PIA Connections 2014 Invitation

7:00 p.m. - 11:30 p.m. Hospitality Suites open to everyone except company reps of non-participating vendors.

more info at www.PIATX.org

7:00 p.m. - 10:00 p.m. Riverwalk Cocktail Cruises

Friday, June 6th 8:30 a.m. - 11:30 a.m. “The Color of Money” … This CE class that explains the key differences between workers’ compensation and nonsubscription in a way that makes attendees very comfortable communicating the option with their clients. Attendees will learn the primary concerns of employers considering nonsubscription and how to respond to those concerns. Attendees will learn how to evaluate different nonsubscriber programs and insurance offerings. Attendees will learn who makes a good nonsubscriber candidate and how to present the option to potential clients. Upon completion of the class every attendee will be able to knowledgably discuss the option with their client.

10:00 p.m. - 11:30 p.m. Hospitality Suites open to everyone except company reps of non-participating vendors.

11:30 a.m. - 1:00 p.m. "Officer Installation & Awards" Luncheon 1:00 p.m. - 3:00 p.m. Hartford Flood: New Flood Insurance Changes – What you need to know (non-CE) Biggert – Waters 2012 overview Most Recent updates Flood rating changes Q&A "What's the harm in a little water?" flyer

Saturday, June 7th 8:30 a.m. - 11:30 a.m. “The Hunger Games” … CSRs are welcome to attend for free and learn the latest techniques in finding and capturing clients.

Sponsored by Hartford Flood and taught by Tom Langmead Regional Sales Director thomas.langmead@thehartford.com www.hartfordfloodonline.com

1:00 p.m. - 4:00 p.m. “And Justice for All” … This mock trial has many twists and turns as it reaches for a verdict on how much homeowner’s insurance was requested by the applicant. 4:00 p.m. - 6:00 p.m. "Hollywood Nights" Trade Show Free admission to everyone except company reps of non-participating vendors. 6:00 p.m. Exhibitor Tear-Down

Rooms only $99.00 per night ... Book Now The bigger rooms go fast! 3

Sponsorship Opportunities Wednesday, June 4

__ $100 Golf Tournament Refreshment Sponsor st

Friday, June 6

8:30 a.m. – 11:30 a.m.

__ $100 1 , 2 , 3 & Last Place Awards

__ $250 Registration staffed by your company reps

__ $250 Beverage Cart

__ $250 Seminar Refreshments

__ $500 Luxury Suite (bring in your own refreshments or buy them through hotel)

__ $250 Audio / Visual

__ $250 Co-Sponsor Luxury Suite (we’ll bring in the refreshments or buy them through hotel)

11:30 a.m. – 1:00 p.m. Annual Meeting & Awards Luncheon

Thursday, June 5

8:30 a.m. – 11:30 a.m. __ $250 Registration staffed by your company reps

__ $250 Table of 10 Favorite Agents __ $250 Audio / Visual __ $250 Souvenir Program

__ $250 Seminar Refreshments __ $250 Audio / Visual

1:00 p.m. – 4:00 p.m. __ $250 Registration staffed by your company reps

11:30 a.m. – 1:00 p.m. A.C.E. Awards Luncheon

__ $250 Seminar Refreshments __ $250 Audio / Visual

__ $250 Table of 10 Favorite Agents __ $250 Audio / Visual __ $250 Souvenir Program

4:00 p.m. – 6:00 p.m. “Hollywood Nights” Trade Show Prize drawing at 5:45 p.m. Tear down at 6:00 p.m.

1:00 p.m. – 4:00 p.m. __ $250 Registration staffed by your company reps __ $250 Seminar Refreshments __ $250 Audio / Visual

7:00 p.m. – 10:00 p.m. Riverwalk Cocktail Cruises Make your own arrangements and invite your favorite agents http://riosanantonio.com/charters/charter-information/

4:00 p.m. – 7:00 p.m. “Hollywood Nights” Trade Show Set up any time before 4:00 p.m. Table-top Exhibit Space No extra charge for additional reps No extra charge for electricity or Wi-Fi

7:00 p.m. - ??? __ $500 Luxury Suite (bring in your own refreshments or buy them through hotel) __ $250 Co-Sponsor Luxury Suite (we’ll bring in the refreshments)

__ $495 Preferred Provider Members

Saturday, June 7

__ $795 Non-Members

8:30 a.m. – 11:30 a.m.

CSR Appreciation Day – everyone free! 7:00 p.m. - ???

__ $250 Registration staffed by your company reps

__ $500 Luxury Suite (bring in your own refreshments or buy them through hotel)

__ $250 Seminar Refreshments

__ $250 Co-Sponsor Luxury Suite (we’ll bring in the refreshments)

__ $250 Audio / Visual

Texas PIA Connections 2014 Invitation

more info at www.PIATX.org

Exhibitors / Sponsors Exhibit Space costs as little as $495 for a 6’ table, two chairs and wastebasket. Exhibitor / Sponsor Registration also includes up to 15 hours “How To” Workshops (if needed) for all Company Representatives. Additional company personnel may attend and enjoy all activities for FREE! Persona Non Grata Please remember that NO COMPANY PERSONNEL will be allowed to attend any TEXAS PIA CONNECTIONS 2014 activities unless sponsoring or exhibiting. Marketing Reps of unsupportive companies will invariably talk with attendees about their company (It’s their job!). It’s our position that it’s not fair to the companies who are paying for that privilege through their support of TEXAS PIA CONNECTIONS 2014. If you do not care to Exhibit but do wish to share in TEXAS PIA CONNECTIONS 2014, please consider sponsoring an event. You can sponsor for as little as $250.00 toward refreshments. This is in addition to your Company Rep Registration Fee: $99.00 for two days. Exhibitors may attend workshops for FREE where space is available. And if you're still not convinced... Best of all... The EXPO Money Back Guarantee! Just to show you how successful I predict this year's EXPO will be ... if you feel like you did not get your money's worth at the end of TEXAS PIA CONNECTIONS 2014, simply come up to me and say so! I'm willing to put my money where my mouth is! I'm offering a MONEY-BACK GUARANTEE to all th Exhibitors who register by May 4 .

Just come up to me after the TEXAS PIA CONNECTIONS 2014, and if you feel you didn't get your money's worth, I'll refund your Exhibitor's Fee on the spot ... no questions asked! Trade Fair Trade Fair is open from 4:00 p.m. – 7:00 p.m. on Thursday & 4:00 p.m. – 6:00 p.m. on Friday Free Admission to all Agents & CSRs No other activities during Trade Fair Single Exhibit booth is $495.00 for Texas PIA Corporate Members, $795.00 for double booth Single Exhibit booth is $795.00 for non-Corporate members, $995.00 for double booth Electricity and Internet are provided at no extra cost No charge for additional reps for Exhibitors / Sponsors

VIRTUAL TRADE FAIR Each Sponsor / Exhibitor is entitled to a FREE hyperlink in the Virtual Trade Fair on the Texas PIA website leading up to the TEXAS PIA CONNECTIONS 2014.

Users Conference: Texas PIA CONNECTIONS 2014 provides a fantastic opportunity for a company to host an “Invitation-only” Conference. You'll have plenty of time to demonstrate the latest developments at your company and treat them to the Trade Fair. Seminar sponsors include, but are not limited to, Insurance Companies, MGAs, User Groups, Insurance Industry Organizations and Insurance Industry Vendors.

Online registration at http://www.PIATX.org Texas PIA Connections 2014 Invitation

more info at www.PIATX.org

TEXAS PIA CONNECTIONS 2014 EXHIBITOR / SPONSOR REGISTRATION FORM (Please Type or Print â&#x20AC;Ś Feel free to copy)

Online registration at http://www.PIATX.org

Exhibitor Package includes table-top space, hyperlink in Virtual Trade Fair and all workshop registrations for as many company employees as you wish at no additional cost. Name: _________________________________________

Company: ___________________________________

Address: ________________________________________ (City) ______________________ (St) ___ (Zip) ______ E-mail: __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ _ Website: __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ Phone: (______) __________________________________ Fax: (______) _________________________________ Additional Registrants: (attach list if necessary) Name ____________________________________

Name ____________________________________

E-mail: __ __ __ __ __ __ __ __ __ __ __ __ __ __

__ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ _

Exhibitor / Sponsorship Opportunities Sponsorship: _____________________________________________________________

$ ________

Corporate Member Booth:

___ Single $495.00 or ___ Double $795.00

$ ________

Non- Member Booth:

___ Single $795.00 or ___ Double $995.00

$ ________

___ Extra Table(s) @ $25.00 each

Total Investment =

$ ________

If there are certain companies that you prefer to not be placed by, please list these also.

Non-Exhibitor Opportunities Non-Exhibiting Company Personnel are not welcome to attend. They may attend by sponsoring refreshments or one of the above events plus Registration Fee. ___ Refreshment Sponsor (minimum of $250) ___ $99.00 (2 Days) + Sponsorship =

$ ________

To secure Booth / Sponsorship, your check must accompany this form.

Texas PIA Connections 2014 Invitation

Please make check payable to Texas PIA & mail with completed form to: Texas Insurance Professionals PO Box 700877 Dallas , TX 75370

Questions? Contact me @ (770) 312-2342; FAX (770) 783-8226; or eddie@piatx.org

More info at www.PIATX.org

Data Breach

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org Statutory Concerns The federal Gramm-Leach-Bliley Act requires independent agencies and brokers to proactively implement administrative, technical, and physical safeguards to protect customer non-public personal information.

Continued from page 2 Many carriers offer policies that can cover regulatory fines or penalties your client might incur because of a data breach. Whether or not slim chances exist for liability coverage in other policies, one thing is for sure: none provide reimbursement for the costly first-party expenses required to comply with regulatory requirements and out-of-pocket legal expenses incurred to navigate the process.

Check out your state’s Data Breach Code www.perkinscoie.com/statebreachchart Some cyber policies will pay for costs associated with data breaches caused by employees, including the cost of notifying affected individuals if personal information is exposed; forensics costs; legal costs; notification costs; credit monitoring; and public relations costs associated with an employee theft of personal client information.

2. “How much is this coverage going to cost?” Cyber liability insurance is still a fairly new concept, so there's a lot of variation among policies, and a lot of room for premium negotiation. Agents should be certain that their clients understand that if they don’t purchase this coverage, they will be liable for first-party expenses including hiring forensic IT experts, notification of customers, providing annual credit monitoring, lawyer expenses and any applicable state or federal fines or penalties. 3. “We have an IT department and we have firewalls. Isn’t that enough?” Not usually. Many data breaches occur because of an employee error or an “inside job” from rogue employees. From passwords tacked on computer screens in plain sight and employees opening suspicious email and downloading malware to lost laptops and smart phones, a large portion of security breaches occur because of your employee actions. Also, keep in mind that a data breach can occur from paper records as well. Outdated customer information, old credit card receipts and employee files that have been thrown into the Dumpster are just as vulnerable as if a hacker logged into your network. 4. “We use a third party for reservations and credit cards. Do we still need this coverage?” Are your clients taking online reservations? Are they processing credit card payments online? Chances are they’re already utilizing a third-party or cloud vendor and your client’s network is not storing the data. However, their customers’ personal information, in case of a data breach, is still the responsibility of your client. 5. “What are our state’s privacy notification laws, fines and penalties?” Wherever your client is located, make sure that you know the regulatory requirements of the state. When it comes to the unauthorized release of personally identifiable information (PII), there is no federal mandate governing privacy notification, so each state has its own law.

Video: Cyber Liability Explained http://youtu.be/gj_y9x3_7Jw What do these scenarios have in common? Employee opens e-mail with virus that crashes network and spreads virus to customers Policyholder’s website is hacked and all data is corrupted Disgruntled ex-employee logs into and blocks your client’s network None of the losses are covered under typical business insurance policies ISO Building and Personal Property Coverage Form has a $2500 annual limit for very limited named perils including viruses and harmful codes, as long as it wasn’t done by an employee or someone you hired to work on your computer Commercial General Liability Policies specifically excludes damage to data and damage caused by loss of data Continued on page 12

Texas PIA’s Texas Connection

Page 10

February, 2014

I AmTrusted

to provide my insureds with the best coverage.

Insurance agents are trusted to provide their customers with the best protection at every turn. That’s why the best agents in the industry recommend the superior small-business insurance coverage available only from AmTrust. Not only is AmTrust the 10th largest workers’ compensation insurance provider in the nation, we’ve also earned an “A” rating from A.M. Best. It’s some of the industry’s best small-business insurance coverage, available only from the industry’s best agents like you.

To learn more about AmTrust, visit us at amtrustnorthamerica.com or call 877.528.7878.

Connect with us A.M. Best rating of “A” (Excellent) FSC X

Data Breach

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org Take this Risk Controls Quiz 1. Do you have a firewall?

Continued from page 10 Personal Injury: some PI claims created by a website or other forms of electronic communication

Yes

Don’t Know

2. Do you have a virus protection program in place?

2 huge Exclusions: j. Insureds in Media and Internet Type Business k. Electronic Chatrooms or Bulletin Boards Transmission of a Virus is not covered because of the Electronic Data exclusion language

Yes

Don’t Know

3. Do you have a person responsible for information security? Yes

Where is Digital Info Stored?

Don’t Know

4. Do you outsource a critical part of your internal network/computer system or internet access/presence to others? If yes, please explain:

Computers Cameras Fax / Copier / Printer

Yes

iPod, GPS, PDA

Don’t Know

5. Do you have a written privacy or security policy?

Cell phones Yes

How do Breaches Occur?

Don’t Know

6. Do you control access to your computer systems?

Accidents or Mistakes Hackers

Yes

Equipment Theft

Don’t Know

7. Does your hiring process include criminal background checks?

Employees

Yes 3 Biggest Agency Security Threats •An employee theft or inadvertent mistake that exposes customers’ personal information to unauthorized parties. (An example of an inadvertent mistake would be opening an email attachment containing a virus from an unknown source.) •Physical loss or theft of a computer, portable device, back up tape or other removable media—all containing customers’ non-public personal information. As these devices have become more portable, and they are regularly taken outside the agency premises, this security risk has multiplied significantly. Also, the substantial risk of a break-in to the agency’s offices and the theft of its computers are often overlooked when an agency develops its security policy.

Don’t Know

8. Have you ever experienced a privacy breach or security breach? Yes

Don’t Know

9. Do you have a program in place to test your security/privacy controls? Yes

Don’t Know

10. Do you have a program in place to test security/privacy controls of your vendors? Yes

Don’t Know

11. Do you allow employees to download Personally Identifiable Information of customers or confidential information in your care belonging to third parties onto laptops or other storage media? Yes

Don’t Know

If yes, is the information encrypted?

•Loss or theft of a password permitting unauthorized individuals to gain access to customers’ personal information.

Yes

Don’t Know

Continued on page 14

Texas PIA’s Texas Connection

Page 12

February, 2014

Texas PIA Membership has More Advantages! Here’s what you get for only $300.00 per year: Free Online CE Free Classroom CE Discount registration to Annual Convention Free Report complete with improvement tips on Your Agency’s Online Visibility If your website looks like this on a Smartphone

It could look like this for Free

Free Micro-Mobile Site & QR Code Marketing Strategy. Scan this QR Code for a current example. This could be your agency! $349.00 Value!

Free 30 second Agency Promotional Video. Click here to enjoy the one I created for Texas PIA Connections 2013. This could be your agency! Free Customizable Business Forms: These documents are free to download and customize for your own professional use. Free Mentoring: Whether you are a start-up or an existing business, our mentors will help you reach customers and achieve your goals with confidential, valuable advice. Free Small Business Handbook: Everything you need to know to run your business, from equity to employees. Free Marketing Templates: Sets of templates with a coordinated design including letterhead, envelopes, business cards, brochures, etc. Free Office Poster Software: Templates to create your own custom office posters, all without any knowledge of design or graphical skills needed.

Free “How To” Booklets on Agency Management, Buy / Sell / Evaluate an Independent Agency, Internet Marketing & Social Media

Free Disaster Planning Toolkit: At least one in four small businesses that close because of a major disaster never reopen. Here’s a new tool for your agency (& your commercial policyholders).

Free Monthly CSR Online Training using interactive quizzes, videos and worksheets Free Monthly Agency Owner’s Tips ‘n Tools Free HR Policy & Compliance Guidelines

Main Street Store

Free Claims Apps for Policyholders

Available to all A1 (Agent) members in addition to State Level Benefits

Free Agency Valuation Consultation

Agency Revenue Tools Flood Insurance through The Hartford (to sell) Voluntary Products Offered By the PIA Services Group Insurance Fund

All this & much, much more for only $300.00 per year

Join today Online at www.PIATX.org

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org In some cases, a business must provide ongoing Continued from page 12 credit monitoring or identity theft insurance or monitoring How to avoid losses to those whose information was compromised. When Sony was hacked, for example, the company had to Do a review with your clients of their business provide $1 million dollar identity theft insurance policies cyber risks to all customers in the database that was hacked. Discuss “cyber-risk” coverage for loss of or Notification expenses and any required monitoring or damage to data protection for customers can quickly add up and be a huge addition to already costly expenses of a cyberHave a data security risk assessment performed crime. by an IT professional who specializes in data security Content Liability—You may want to think of any Steps you can take to protect your data content you put online like personal property you insure at your place of business. You buy insurance to protect Change your password on every website once personal property if it’s stolen or damaged, and the every few months content you place on your website, blog, or any other Do not use the same password for multiple sites kind of web presence is your property as well. Content or accounts liability would help pay for anything that’s related to your online content and provide protection from copyright Create a strong password that includes letters, claims, slander, invasion of privacy, and other IT claims. numbers, and other characters

Data Breach

Watch out for phishing e-mails and spam emails requesting personal or sensitive information Check out www.LastPass.com 4 Situations Where Cyber Insurance Can Save Your Agency 1.

Cyber Insurance Protects Site Content

Cyber Insurance Guards Against Data Breaches

3. Cyber Liability Insurance Covers Employee Gaffes 4.

Cyber Insurance Works Offline As Well

What Does Cyber Liability Insurance Cover? Like any type of insurance policy, the actual options and details of the policy vary according to the insurer. Additionally, what a business will need as far as coverage will vary—some companies may just use computers to store finance and billing information or may use a computer for anything and everything. Despite the differences in insurance policies by different insurers and the different needs of businesses, cyber liability insurance typically provides coverage for six main areas: Business Interruption—If a business is the victim of a cybercrime, such as a hack or a virus, this would cover any loss of revenue experienced as a result, whether a temporary shut-down is needed or even a long term interruption of operations. Notification Expenses—Most states have notification requirements, which dictate how and when a business must notify any parties whose private information was possibly compromised in a breach or if it was obtained by someone without authorization or permission.

Texas PIA’s Texas Connection

PR and Crisis Management—If your company has just experienced a security breach and has had to send out notifications to customers and clients, on top of being out of operation to clean up the mess, there’s no doubt the company image has been tarnished and stands to lose future business to at least some degree. When Sony was hacked, there were undoubtedly many customers who were too scared to place their billing info and private information into the PlayStation Network that was compromised, so Sony had to do some quick and fantastic PR work. This coverage would help pay for subsequent public relations and marketing efforts needed to prevent extreme damage to your company’s brand. Data Loss and System Damage—If you’ve assumed your current commercial liability policy provides coverage to computers under personal property coverage, you’d be sorely surprised to find it only covers the actual computer itself—not what’s in its memory. Any data on the computer isn’t protected under any other type of insurance, and for most businesses, this can be devastating. Protection for what’s really just a hunk of plastic or other synthetic materials won’t do you much good if everything inside is stolen or damaged. Regulatory Investigation Expense—With the evolution of technology continuing to grow, there will undoubtedly be more regulations and laws surrounding any offline or online data and property. It’s only been recently that new notification laws were enacted and privacy laws are constantly being changed, so there will probably be a whole new set of audits created to ensure compliance. Just like personal lines of insurance which can exclude coverage for anything related to acts of war or government regulations, so do commercial policies. However, cyber liability insurance can provide coverage for regulatory investigation expenses. Continued on page 15

Page 14

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org So, for example, if the insured exposes a person's Continued from page 14 private medical records and that person sues the Cyber liability insurance can also provide insured, EC 00 10 will provide a defense for the insured coverage for situations such as: and pay the damages for which the insured is liable. Internet liability—protection from damages that Security breach liability — liability arising from the arise if an internet service provider (ISP) is hacked or is unauthorized acquisition or disclosure of client suddenly out of operation. This could also include information held within a computer system or otherwise damages resulting from a website host or server shutting (for example, hard copy); transmission of a virus to a down, experiencing a loss in data or a loss from a third party by e-mail or other means security breach, or lapses in operation. The second insuring agreement pertains to security Intangible assets—protection for any damages to breach liability. If the insured is held liable for the code or data. For example, if a business’s website was acquisition of personal information (held within its hacked resulting in code and content being stolen, this computer system) by an unauthorized person, this coverage could help pay for the costs of replacing them. insuring agreement offers insurance coverage to the insured. This agreement also applies to the unauthorized Web content liability—would help pay for damages disclosure of such personal information. and defense costs resulting from libel or copyright claims, trademark infringement, defamation claims, or Programming errors and omissions liability — damages done to a website by a hacker or someone liability arising from programming errors or omissions else. that ultimately disclose clients' personal information held within a computer system ISO's E-Commerce Program helps you offer a variety of coverage options for commercial companies The next insuring agreement pertains to and financial institutions that do business online. The programming errors and omissions liability. Any actual or program will benefit organizations that: alleged programming error or omission that results in the disclosure of a client's personal information held within use e-mail the insured's computer system may lead to a claim or a rely on the Internet to promote products and lawsuit against the insured. Insuring agreement three services provides coverage for the insured. This agreement acts as complementary coverage for the previous insuring operate a website agreement. provide online transactional services, such as Replacement or restoration of electronic data — banking or trading expenses incurred to replace or restore electronic data or computer programs affected directly by a virus store confidential customer information — whether credit card, financial, or medical Suppose the insured is responsible for the loss of the

Data Breach

electronic data or a computer program stored within its computer system? Such a loss could force a shutdown in services provided for a client's customers and cause a loss of business for the client. EC 00 10 offers coverage for replacement or restoration of electronic data wherein the policy will pay the cost to replace or restore the data or programs, the cost of data entry, and reprogramming costs.

EC 00 10 11 09, the Information Security Protection Policy (for commercial entities) and the Financial Institutions Information Security Protection Policy offer eight separate insuring agreements, giving you the ability to tailor coverage to fit the specific insurance needs of your customers. The insuring agreements include: Website publishing liability — liability arising from an infringement of another's copyright, trademark, trade dress, or service mark; defamation against a person or organization; or violation of a person's right to privacy The first insuring agreement declares that the insurer will pay for loss that the insured becomes legally obligated to pay (and defense expenses) for a web site publishing liability. The scope of this coverage includes any actual or alleged error, misstatement, or misleading statement posted or published by an insured on its web site that results in: an infringement of another's copyright, trademark, trade dress, or service mark; any form of defamation against a person or organization; or a violation of a person's right of privacy.

Texas PIA’s Texas Connection

Extortion threats — ransom payments and other expenses incurred resulting directly from threats to send a virus to a computer system; disseminate the insured's proprietary information; inflict ransomware or other types of viruses to destroy, corrupt, or prevent normal access to the computer system; or publish clients' personal information

Page 15

Continued on page 16

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org The final insuring agreement of EC 00 10 is to pay for loss resulting from a security breach. The payment here Continued from page 15 would include costs to notify all parties affected by a security breach, the fees and costs of a call center to It is common knowledge that a company can be handle inquiries from parties affected by a security subject to an extortionist's threat to attack the company's breach, and post-event credit monitoring costs for computer system with a virus or some malicious code or victims of a security breach. Since laws now require a threat to prevent normal access to the system. The such activities, any insured that suffers a cyber-security fifth insuring agreement in EC 00 10 offers to pay for the event will need insurance to pay the costs of the costs of hiring an entity to determine the validity and activities. severity of an extortion threat, plus reward money paid to an informant that leads to the arrest and conviction of Exclusions the extortionist. Any other reasonable expenses incurred There are only 26 exclusions by the insured for the fees and costs of negotiators and for the fees and costs of a company hired to protect Selected Exclusions: electronic data from further threats are also covered. Unintentional errors or omissions in the entry of Business income and extra expense — actual loss “electronic data” of business income and/or extra expenses incurred Lightning, earthquake, hail, volcanic action, or because of the interruption of the insured's e-commerce any other act of nature activities resulting directly from a virus or extortion threat

Data Breach

EC 00 10 will pay for the loss of business to a client for which the insured is liable due to breaches of information security. The policy will also pay for a loss of business income the insured itself suffers due to the interruption of the insured's business resulting from an ecommerce incident. If the insured business itself has to cease operations or suspend e-commerce activities because of a threat against it with a computer virus or code, EC 00 10 will pay for the business income loss and for extra expense paid by the insured to get its business activities back in order.

Dispersal or application of pathogenic or poisonous biological or chemical materials Bodily injury or physical damage to or destruction of tangible property Unexplained or indeterminate failures Insufficient capacity, except for an “e-commerce incident” Shutdown of the internet, regardless of cause Power failure, reduction, or surge

Public relations expense — expenses incurred to restore the insured's reputation after being subject to negative publicity resulting directly from a virus or security breach The seventh insuring agreement applies to public relations expense. If the insured has suffered negative publicity because of its responsibility for e-commerce security breaches or programming errors, or because the insured itself has allowed its private information to be publicized, there may be a decline in the reputation of the insured. In order to recapture the public's trust and future business, the insured will need a public relations campaign. EC 00 10 will pay for the fees and costs of a public relations firm to protect and restore the insured's reputation. Security breach expense — expenses incurred to notify parties affected by a security breach, including overtime salaries paid to staff; fees and costs of the insured hiring a company to operate a call center; and reimbursing the insured for post-event credit-monitoring costs for victims of the breach

Texas PIA’s Texas Connection

Threatened discharge of pollutants Employment practices Costs, fees, and other expenses incurred in establishing the existence of a “loss”

Bits ‘n Pieces Do you remember these??? ......Check out this one out....... http://www.youtube.com/watch_popup?v=puGQsQux80k

How Much Does Your State Fine For Texting and Driving? It could be anywhere from $20 to $10,000 for a firsttime offender—or no ban at all. http://www.motherjones.com/media/2013/10/numberstexting-and-driving#text-table

Page 16

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org Make sure your web browser's security setting is high enough to detect unauthorized downloads. For example, use at least the medium security setting. Even if you take precautions, malware can find its way onto your computer. So be on the lookout for these signs. Your computer runs slowly, drains its battery quickly, displays unexpected errors or crashes, it won't shut down or restart, it serves a lot of popups, takes you to web pages you didn't visit, changes your home page, or creates new icons or toolbars without your permission. If you suspect malware, stop doing things that require passwords or personal info, such as online shopping or banking. Use a different computer, maybe one at work or at your local library, to change your passwords. Update your security software and run a system scan. Delete files it flags as malware.

Protect Your Computer from Malware Malware is short for “malicious software." It includes viruses and spyware that get installed on your computer or mobile device without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Learn more about how to avoid, detect, and get rid of malware.

If you can't fix the problem on your own, get help from a professional. Your computer manufacturer or internet service provider may offer free tech support. If not, contact a company or retail store that provides tech support.

Would it surprise you to learn that millions of computers in the US are infected with malware? That's a lot of computers. So what's malware, and why should you care?

Keep in mind, the most important thing you can do to prevent malware is to keep your computer software up to date. And remember, it's easy to find trusted information about computer security. Just visit onguardonline.gov, the federal government site to help you stay safe, secure, and responsible online.

Malware, short for malicious software, includes viruses and spyware that get installed on your computer or mobile device without you knowing it. Criminals use malware to steal personal information and commit fraud. For example, they may use malware to steal the login information for your online accounts or to hijack your computer and use it to send spam. An infected computer can lead to serious problems, like identity theft.

Do you like Texas PIA on Facebook? If no … here’s what you’ve been missing:

The good news, there's a lot you can do to protect yourself and your computer. One of the most important steps you can take, install security software from a reliable company and set it to update automatically. The bad guys constantly develop new ways to attack your computer, so your software must be up to date to work. Set your operating system and your web browser to update automatically too. If you're not sure how, use the help function and search for automatic updates. Don't buy security software in response to unexpected calls or messages, especially if they say they scanned your computer and found malware. Scammers send messages like these to trick you into buying worthless software, or worse, downloading malware. What else can you do? Use a pop up blocker, and don't click on links and popups. Don't click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.

https://www.facebook.com/TexasPIA

Download software only from websites you know and trust. Free stuff may sound appealing, but free downloads can hide malware. Texas PIA’s Texas Connection

Page 17

February, 2014

More Tips â&#x20AC;&#x2DC;n Tools for Professional Insurance Agents at www.PIATX.org How to build a sound Data Security Plan for your What kind of information do you collect at each entry Agency point, and where do you keep it? Most companies keep sensitive information in their files, whether it's names, Social Security numbers, credit cards, or other account data that identifies customers or employees. Businesses often need this information to fill orders, meet payroll, or perform other business functions. But if the information falls into the wrong hands, it can lead to fraud or identity theft. The cost of a security breach can be measured in the loss of your customers' trust and perhaps even a lawsuit, which makes safeguarding personal information just plain good business.

We get credit card information from clients. Our accounting department keeps customers' checking account numbers. And the information can be stored in, well, a lot of places -- in our central computer databases, on individual laptops, on disks and tapes, in their file cabinets, in our branch offices. Some employees might even have that information at home.

So, let's get started. A sound data security plan is built on five key principles.

Remember to ask who has access to the information. Which employees have permission to have it? Can anyone else get a hold of it? What about vendors who supply and update the software you use to process credit card transactions? Or contractors who operate your call center?

Take stock. Know what personal information you have in your files and on your computers.

That's a lot to keep track of, but I can see that it's worth it.

Scale Down. Keep only what you need for your business.

It's a new way to think about information and security. But it's not only do-able, it's essential.

Lock It. Protect the information that you keep. Pitch It. Properly dispose of files or data you don't need anymore. Plan Ahead. Create a plan to respond to security incidents. Let's walk through those five principles so you can see how your company's practices measure up -and where you might want to make some changes. Ready? Effective data security starts with an assessment: Taking stock of what information you have and who has access to it. Understanding how personal information moves into, through, and out of your business and who has -- or could have -- access to it is essential to figuring out your security vulnerabilities. So where do I begin? Start by taking an inventory -- do an audit of what you've got. Your file cabinets and computers are a good place to start, but remember: Most businesses get personal information in a lot of different ways -- through websites, from contractors, from call centers. Inventory all computers, laptops, flash drives, disks, home computers, cell phones, and other equipment to find out where your company stores sensitive data. But how can I keep track of all that personal information? Talk to your sales department, your IT staff, and your HR office. Don't forget your accounting staff and any outside service providers you use. Then ask a few questions. Who sends personal information to your business and how do you receive it? We get personal information from customers, credit card companies, banks, and credit bureaus. Sometimes, it's sent through websites, sometimes by e-mail, and sometimes the U.S. Mail. Texas PIAâ&#x20AC;&#x2122;s Texas Connection

Should I be handling all information in the same way? Different types of information present different levels of risk. The fact is some information is more valuable to thieves. You need to pay special attention to how you keep personally identifying information: those Social Security numbers, that credit card or financial information, and other sensitive data. That's what crooks usually use to commit fraud or identity theft. REAL ESTATE AGENT: Do any laws require my company to keep sensitive data secure? Yes. Federal laws like the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and the Federal Trade Commission Act may require that businesses in your industry provide reasonable security for sensitive information. And you'll want to check into state and local laws, too. The question I keep asking myself is what kind of information should I keep, and of course, what kind of information shouldn't I keep. That's the second principle -- Scale Down. Keep only what you need for your business. If you don't have a legitimate business need for sensitive information, don't keep it. In fact, don't even collect it in the first place. And if you do have a legitimate business need for the information, keep it only as long as necessary. We usually create a permanent file about our customers. That's where we keep information from the magnetic stripe on their credit cards. Are we putting their information at risk? Yes, you are. Keep sensitive data only as long as you have a business reason to have it. Once that business reason is over, dispose of the data properly. If it's not in your system, it can't be stolen. Continued on page 19 Page 18

February, 2014

More Tips â&#x20AC;&#x2DC;n Tools for Professional Insurance Agents at www.PIATX.org Train your employees to put files away, log off their computers, and lock their file cabinets and office doors at the end of every day.

How to build a Sound Data Security Plan Continued from page 18 That makes sense to me. But we also collect a lot of Social Security numbers. How do I handle those?

Control who has access to your offices. Tell employees what to do and who to call if they see somebody unfamiliar on the premises. If you have offsite storage facilities, limit access only to employees with a legitimate business need. Know if, and when, someone accesses the storage site.

Use Social Security numbers only for required and lawful purposes -- like reporting employee taxes. In this day and age, don't use Social Security numbers unnecessarily -- for example, as an employee or customer identification number or just because you've always used them.

What about computer security?

But what if I have to keep certain information? If you must keep information for business reasons or to comply with the law, develop a written record retention policy. Identify what must be kept, how it should be secured, guidelines on how long to keep it, and ways to dispose of it securely when you don't need it anymore. I think our software saves credit card numbers. What can I do about that? Check the default settings. Sometimes they're preset to keep information permanently. Change it to make sure you're not keeping anything you don't need. Don't keep customer credit card information unless you have a business need for it. For example, it's not necessary to keep the account number and expiration date unless there is an essential business need. Keeping this information -- or keeping it longer than necessary -- raises the risk that the information could be used to commit fraud or identity theft. What's the best way to protect information that you absolutely have to keep? The answer really depends on the kind of information you're dealing with and how it's stored. The most effective data security plans deal with four important elements: physical security, electronic security, employee training, and the security practices of your contractors and service providers. Many data compromises happen the old-fashioned way-- through lost or stolen paper documents. So much of the time the best defense is a locked door or an alert employee. Store documents and files, CDs, floppy disks, zip drives, and tapes with personal information in a locked room or in locked file cabinets. Don't forget to include backup files, too. Then limit access to employees with a legitimate business need to have it. Keep track of how many keys there are and who has one. Require that all files containing personal information be kept in locked cabinets, except when an employee is working on the file. Remind employees not to leave out sensitive papers when they're out of the office, whether it's for a short break, the day, or while they are on vacation. Texas PIAâ&#x20AC;&#x2122;s Texas Connection

Computer security is everyone's business, not just the IT staff. Make sure you understand the vulnerabilities of your computer system, and follow the advice of experts in the field to make it safe. Identify which of your computers or servers store sensitive information. Then identify all connections to these computers and servers. Connections could include the Internet, electronic cash registers, computers at your branch offices, computers used by service providers that support your network, and wireless devices, such as inventory scanners or cell phones. Assess how vulnerable each connection is to known or reasonably foreseeable attacks. Depending on your circumstances, appropriate assessments could range from a knowledgeable employee running off-the-shelf security software to an independent professional conducting a full-scale audit. Don't store sensitive data on any computer with an Internet connection unless it's essential for conducting your business. We encrypt the financial data customers submit on our website. But once we receive it, we decrypt it and then e-mail it to our branch offices. Is there a safer way for us to do this? Glad you asked. Regular e-mail is not a safe way to send sensitive data. Any e-mail with information that could be used by fraudsters or ID thieves should be encrypted. Another question. Do you have any tips on what kinds of computer passwords are best for security's sake? Experts say the longer the password, the better. Because simple passwords, like common dictionary words, can be guessed easily, insist that employees choose passwords with a mix of letters, numbers, and characters. Require that an employee's user name and password be different and that your employees change their passwords often. Continued on page 20

Page 19

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org And don’t forget about physical security. Restrict the use of laptops to employees who need them to perform Continued from page 19 their jobs, and require those employees to store laptops in a secure place. Even when laptops are being used, Use password-activated screen savers to lock think about using cords and locks to secure them to employee computers after a period of inactivity. Lock out employees' desks. users who don't enter the correct password within a certain number of log-on attempts. When installing new Train employees to think of their laptops as they software, immediately change the vendor-supplied would their wallets or cash. When they're on the road, default password to a "strong" password that's at least they should never leave them visible in a car, sitting at a eight characters long and contains both numbers and hotel luggage stand, or packed in checked luggage, symbols. unless they're told to by airport security.

How to build a Sound Data Security Plan

You also need to talk with your employees. Be sure to explain to employees why it's against company policy to share their passwords or post them near their workstations. Warn employees about callers who may try to trick them into giving out their passwords by pretending to be a member of your IT staff. Let employees know that these kinds of calls are always fraudulent and that no one in the company should be asking them to reveal their passwords. Our account staff needs access to our database of customer financial information. To make it easier for people to remember, we use our company name as the password. Sounds like that could create a security problem? Yes, it could. Hackers try words like "password," your company name, the software's default password, and other easy-to-guess choices. They also use programs that run through common words and dates. Everyone in our office uses a laptop. Are there different rules for protecting laptops? Before you look at how to protect sensitive information on a laptop, think about whether the information really needs to be stored on one at all. If not, delete it with a "wiping" program, which will overwrite the data on the laptop. Deleting files using standard keyboard commands isn't good enough because they may still be on the laptop's hard drive. Even if you must allow employees to work with sensitive data on laptops, you don’t have to store it on their machines. Consider storing sensitive information on a secure central computer that employees can access with their laptops. That way, the laptops function as terminals that display information from the central computer, not as storage sites. Add extra protection by requiring the use of a token, such as a "smart card," a thumb print, or some other biometric -- as well as a password -- for access to the central computer. If a laptop will contain sensitive data, encrypt the data and configure it so users can't download any software or change the security settings without approval from your IT staff. Consider adding an "auto-destroy" function so that data on a computer that is reported stolen will be destroyed when the thief tries to get on the Internet. Texas PIA’s Texas Connection

What is a firewall? And how do I know if ours is good enough? A firewall is software or hardware designed to block hackers from getting into your computer. I've heard of a "border" firewall. What's that? A "border" firewall separates your network from the Internet and could prevent an attacker from getting to where you store sensitive information. It's important to allow only trusted employees with a legitimate business need to access the network. To do this set the "access control" settings to determine who gets through the firewall and what they will be allowed to see. The protection a firewall provides is only as effective as its access controls. So review them periodically. Maintain central log files of security-related information to monitor activity on your network so that you can spot and respond to attacks. If an attack occurs on your network, the log will help you identify which computers are compromised. Monitor traffic for signs that someone is trying to hack in. Keep an eye out for activity from new users, multiple log-in attempts from unknown users, and higher-thanaverage traffic at unusual times of day (like nonbusiness hours). Also look at outgoing traffic for signs of a data breach. Watch for unexpectedly large amounts of data being transmitted from your system to an unknown user. Investigate to make sure the transmission is authorized. Most importantly, have a breach response plan in place. Find out if you use wireless devices, such as inventory scanners or cell phones, to connect to your computer network or to transmit sensitive information. If you do, consider limiting who can use a wireless connection to access your network. You can make it harder for an intruder to access the network by limiting the wireless devices that connect to it. Better still, consider encrypting the content to make it tougher for an intruder to read it. Encrypting transmissions from wireless devices to your computer network may prevent an intruder from gaining access through a process called "spoofing" -- impersonating one of your computers to get access to your network. Page 20

February, 2014

More Tips â&#x20AC;&#x2DC;n Tools for Professional Insurance Agents at www.PIATX.org Alert employees to phone phising. Train them to be How to build a Sound Data Security Plan suspicious of unknown callers who claim to need account numbers to process an order or asking for Continued from page 20 customer or employee contact information. Make it office You also should consider using encryption if you policy to double-check by contacting the company using allow remote access to your computer network by a phone number you know is genuine. employees or service providers, such as the companies Require employees to notify you immediately if there that troubleshoot and update the software you use to is a potential security breach, like a lost or stolen laptop. process credit card purchases. Discipline employees for security policy violations.

Your data security plan may look great on paper, but it's only as good as the employees who implement it. Take time to explain the rules to your staff, and train them to spot security vulnerabilities. Periodic training emphasizes the importance your business places on data security. A well-trained workforce may be the best defense against ID theft and data breaches.

Your company's security practices depend on the people who implement them. That includes contractors and service providers, in addition to your employees. Before you outsource any of your business functions -- payroll, Web hosting, customer call center operations, data processing, or the like -- investigate the company's data security practices and compare its standards to yours. If possible, visit its facilities.

Check references and do background checks before you hire employees who will have access to sensitive data.

In your contract with service providers, address security issues for the type of data they handle. Agree that they will notify you of any security incidents they experience, even if the incidents do not lead to your data being compromised.

Ask every new employee to sign an agreement to follow your company's confidentiality and security standards for handling sensitive data. Make sure they understand that abiding by your company's data security plan is an essential part of their duties and the terms of their employment. Regularly remind employees of your company's policy -- and any legal requirement -- to keep customer information secure and confidential.

Trash can be a gold mine for an identity thief. Leaving credit card receipts, credit reports, papers, or CDs with personal information in a dumpster exposes your customers to the risk of identity theft and fraud. By properly disposing of sensitive information, you're doing your part to ensure that it can't be read or reconstructed.

Know which employees have access to consumers' sensitive information. Pay particular attention to data like Social Security numbers and account numbers. Limit access to employees with a "need to know."

So what's the safest way to get rid of documents or files we don't need any more?

Have a procedure in place for making sure that workers who leave your employ or transfer to another part of the company no longer have access to the sensitive information they once did. Terminate their passwords immediately, and collect their keys and identification cards as part of the check-out routine.

It depends on the sensitivity of the information, the costs and benefits of different disposal methods, and changes in technology, as well as the nature and size of your business. So with paper?

Create a "culture of security" by implementing a regular schedule of employee training. Update employees as you find out about new risks and vulnerabilities. Make sure training includes employees at satellite offices, temporary help, and seasonal workers. If employees don't attend, consider blocking their access to the network. Train employees to recognize security threats. Tell them how to report suspicious activity and publicly reward employees who alert you to vulnerabilities. Tell employees about your company policies dealing with keeping information secure and confidential. Post reminders in areas where sensitive information is kept, as well as where employees congregate. Make sure your policies cover employees who telecommute or access sensitive data from home or an offsite location.

Texas PIAâ&#x20AC;&#x2122;s Texas Connection

Get rid of paper records by shredding, burning or pulverizing them before discarding. Put shredders throughout your office, including next to the photocopier. What about computers? When you're getting rid of old computers and portable storage devices, use wipe utility programs. They're inexpensive and can overwrite the entire hard drive so that the files can't be recovered. Can I just delete files using the delete key? Deleting isn't good enough because the files can remain on the computer's hard drive, which means they could be retrieved easily. What about employees who work from home?

Good point. Make sure employees who work from home follow the same procedures for disposing of sensitive documents, old computers, and any portable storage devices. Page 21 February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

How to build a Sound Data Security Plan Continued from page 21 My company collects credit applications from customers. The form they use asks for a lot of financial information. Once we're finished with the applications, we're careful to throw them away. Is that good enough? It's not, at least not for smart, security-minded companies. Ensure that sensitive paperwork is unreadable before you throw it away. Like I said, burn it, shred it, or pulverize it to make sure ID thieves can't steal it from your trash. Security is important to your business and your customers. Taking steps to protect the data you're holding can go a long way toward preventing a security breach. Have a plan in place to respond to security incidents. Start by designating a senior member of your staff to implement it. If a computer is compromised, disconnect it immediately from the Internet.

So when it comes to protecting personal information for your business, remember the following principles: Take Stock. Know what personal information you have in your files and on your computer. Scale Down. Keep only what you need for your business. Lock It. Protect the information that you keep. Pitch It. Properly dispose of what you no longer need. Plan Ahead. Create a plan to respond to security incidents. For more computer security tips, tutorials, and quizzes for everyone on your staff, visit www.onGuardOnline.gov. BTW … all of these topics will be discussed in upcoming webinars, “How To” videos and our annual convention.

Investigate security incidents immediately, and take steps to close off existing threats to personal information.

Advertise in the Texas Connection

Consider whom to notify in the event of an incident, both inside and outside your organization. You may need to let consumers, law enforcement, customers, credit bureaus, and other businesses know they could be affected by a breach. In addition, since many states and the federal bank regulatory agencies have laws and guidelines dealing with data breaches, you should talk to your lawyer.

Attention: Insurance Companies, MGA’s, Premium Finance Companies & Insurance Industry Vendors: Check out the rates for the most cost effective method of keeping your message in front of your customers …

I own this business. Will these precautions cost me a fortune?

The Independent Insurance Agent.

I've got good news for you. No, they're not going to cost you a fortune. And frankly, a breach can be much more expensive than implementing a plan up front. But there's no one-size-fits-all approach to data security. What's right for you depends on the nature of your business and the kind of information you collect. Some of the most effective security measures -- using passwords, locking up sensitive paperwork, training your staff -- will cost you next to nothing. In fact, you'll find free or low-cost security tools at non-profit websites dedicated to data security. As I said, good security is just good business.

Ad Size

Monthly

Pre-Pay 6 Issues

Full Page (7.5” x 10”)

$175.00

$900.00

Half - Page (7.5” x 5”)

$100.00

$500.00

Quarter-Page (3.75” x 5”)

$75.00

$375.00

1/8 - Page (3.75” x 2.5”)

$50.00

$250.00

Questions? Contact Eddie K. Emmett at eddie@piatx.org or (770) 312-2342.

Texas PIA’s Texas Connection

Page 22

February, 2014

2014 PIA National Guide to

Member Benefits

PIA: Local Agents Serving Main Street America

For online access to the PIA National member benefits

Business-building tools

Insurance products

> PIA Branding Program. Write more business and demonstrate that you’re a Local Agent Serving Main Street AmericaSM by using our print and radio ads, available in English and Spanish. Look for new marketing tools in 2014.

> PIAPRO E&O. The PIA Professional Liability Insurance Company is a Risk Retention Group (RRG) formed to offer errors and omissions coverage exclusively to PIA members. To see if PIAPRO is available in your state, please go to www.pia-pro.com or contact your local PIA state association’s E&O producer.

They end at competitive rates.

We begin there.

As your local Professional Insurance Agents, we provide competitive rates and a whole lot more: > A choice of companies to better ﬁt your unique needs. Where single company agents, 800 numbers, and websites ﬁt a policy to you, we represent a number of quality companies that offer different policies and optional endorsements.

> Hartford Flood Insurance. Easy enrollment, dedicated local sales directors and book transfer/rollover team, training/CE, free certified zone determinations, 24/7 claims reporting and great commissions. Not comfortable with flood insurance? Try the “Flood Solutions” option, which uses Hartford CSRs.

> E &O insurance. Professional liability, errors and omissions insurance. With access to multiple markets with differing appetites, including admitted and non-admitted markets, chances are we can find the coverage and price that’s right for you, even if you have a more unusual risk. Visit www.pianet.com/eando.

> Rough Notes Producer Online. Helps identify risk exposures and provides detailed coverage analysis. Save up to $1,195 in your first year alone when compared to the regular list price!

> P IA agents umbrella program. Excess insurance protection includes E&O and business liability coverage, with available endorsements for EPL and personal coverage. Coverage not available in all states.

> DocIT from Drivers History. DocIT’s online database of driver violation data helps agents align applicants with the right carrier so they order fewer MVRs.

NEW

> Enhance Insurance by Agoragate. Internet marketing firm Agoragate (pronounced Agra-gate) enables independent insurance agents to dramatically increase their visibility online when people in their communities search the web for insurance.

> I ndividual and group insurance products. Basic, voluntary, and dependent term life; long/short term disability; AD&D; business overhead expense; and hospital income protection for you, your employees, and families. Visit www.piatrust.com.

> Agency Revenue Tools. Boost personal lines sales by engaging in employee worksite marketing using your appointed markets at regular commission rates.

Cutting-edge communications

> Agency websites from Emerald. Cutting-edge website technology tailored specifically for insurance agents. Now it’s easy to have a good looking, user-friendly agency website.

> PIA Connection print newsletter. Award-winning publication packed with news and analysis of national issues, published ten times per year.

> Using the PIA logo. Put the PIA logo on your business card, website, stationery and signage. Order items with the PIA logo in our online store.

> PIA National’s website, www.pianet.com.

> Consumer brochures. Answer your customers’ questions about insurance with PIA’s attractive brochures.

> PIA National Agency Marketing Guide. Hands-on marketing tips from industry experts. Published annually each summer.

PIA Responds to the McKinsey Report

November/December

pages 9-13

2013 National Association of Professional Insurance Agents

Buying Insurance Is Not Like Buying a Song on iTune s page 3

Special Report:

Maximize Your People, Processes and Systems to Increase Sales

PIA National

2013

> Personal support and service. Whether you have a question about coverage or need to submit a claim, we’re here for you— over the phone or face-to-face.

Agency Marketing Guide Brought to you by these

sponsors:

A Berkshire Hathaway Company

Learn more about these PIA National member benefits at www.pianet.com.

A product of the PIA Branding

Program

PIA: Local Agents Serving Main Street America

s listed here, please visit www.pianet.com.

Carrier relations

Tools from The PIA Partnership The PIA Partnership — a joint effort of leading insurance carriers and PIA — develops hands-on tools for PIA member agencies such as: > Closing the Gap — Growth NEW & Profit. The PIA Partnership’s newest tool provides PIA members with calculators so they can project and plan for new business growth and profitability. Agencies are then offered three proven, turnkey approaches for improving retention, sales and account-rounding in their agencies. > Agency Touch Points — The Voice of the Customer. Learn how to capitalize on Partnership research to give personal lines customers what they really want, instead of relying on commonly held misconceptions.

Because good relationships with the carriers you represent are vital to your success, PIA National keeps an open line of communication with insurance companies—and uses it on your behalf. PIA members can constructively voice their concerns, so carriers understand how their decisions affect their agency partners. Our Agency Agreement Review Service, available to both PIA members and carriers, provides an opportunity for PIA to advocate for agents when carriers consider changes to their agreements. Staff highlights concerns for members to consider so they can make informed decisions about the agency agreements that govern their business relationships.

> Practical Guide to Successful Planning. This valuable resource helps agents plan for success within their own agencies and coordinate their plans with those of the carriers they represent.

Through our ongoing activities with The PIA Partnership, PIA agent and insurance company leaders work together to identify areas of opportunity for PIA member agencies. The PIA Partnership then develops handson tools specifically designed for use by agents to help them achieve maximum success. Recent PIA member benefits from The PIA Partnership include Closing the Gap — Growth & Profit, Agency Touch Points — The Voice of the Customer, Reaching Gen Y, the Practical Guide to Successful Planning and Perpetuation Central. These programs are described at left.

Agency management tools

Industry & business affairs

> Reaching Gen Y. This online tool helps agents understand and reach Gen Y age group insurance consumers and convert them into loyal agency customers. > Perpetuation Central. This hands-on, interactive tool guides agencies through the decision-making, planning and implementation steps of agency perpetuation or ownership transfer.

> Agency Agreement Review Service. Free to members and carriers, PIA recommends changes to carriers and highlights concerns for members so they can make informed decisions about the agreements they sign. > Agency Preparedness and Recovery Plan. The PIA guide to creating an agency-specific business contingency plan. > Discounted producer licensing services. Available from Sircon and Central Licensing Bureau. > Prescription discounts. Save money on prescriptions not covered by insurance. Available to PIA members and their clients.

NEW

> Employee profiling. Hire the right people with skills and personality testing from OMNIA. > Discounts on shipping with UPS, calendar products from Mines Press, and car rentals from Alamo. > Free subscriptions to industry publications.

PIA National works with industry groups such as the Association for Cooperative Operations Research and Development (ACORD) and the Insurance Services Office (ISO) to improve processes and address challenges facing the insurance industry. In doing so, PIA works to ensure that changes are in the best interest of agents. PIA also provides our members with practical guidance to help them keep their agency practices in compliance with insurance and general business regulations and more aligned to the way other agencies do business. Guidance is also provided to assist PIA members with protecting their ownership and control of agency expirations.

Learn more about these PIA National member benefits at www.pianet.com.

PIA: Local Agents Serving Main Street America

Legislative & regulatory outreach Whether we like it or not, federal politics greatly affects our industry. That’s why PIA National represents members’ interests on Capitol Hill in Washington, D.C. Our lobbyists ensure that lawmakers understand insurance agents’ positions and how legislation will affect voters back home. PIA National works closely with regulatory and legislative entities across the country, including the National Association of Insurance Commissioners (NAIC), the National Conference of Insurance Legislators (NCOIL), and the National Conference of State Legislatures (NCSL), to ensure that the concerns of independent agents are addressed. PIA holds a seat on the board of the National Insurance Producer Registry (NIPR). PIA is a fixture in countless working groups aimed at modernizing and improving insurance regulation, healthcare reform, producer licensing, flood insurance, crop insurance, and natural disaster planning. PIA fights to protect agents’ interests and ensure they have a seat at the table. Here are some ways you can get involved: > Grassroots alerts. To ensure legislators feel the heat from their constituents, PIA occasionally organizes grassroots campaigns in which PIA members can easily send pre-written, fully-editable letters directly to their elected officials. Send one now by visiting www.piagrassroots.com. > PIA Federal Legislative Summit. The annual spring PIA Federal Legislative Summit (FLS) is a gathering of PIA members who come together in the nation’s capital to meet with their elected representatives. It is an opportunity to meet/reacquaint yourself with your Members of Congress and to discuss issues that are of importance to independent insurance agents. Learn more by visiting www.piafls.com. > District Lobbying Day…Capitol Hill in Your Backyard. Every August, while Congress is in recess and our elected officials are back home in their district offices, PIA members have a special opportunity to positively impact the politics that shape their lives. They do this by meeting with their elected officials and promoting the points of view of Professional Insurance Agents. Resources for these meetings can be found on www.piadld.com.

> PIA Political Action Committee (PIAPAC). PIAPAC is the Professional Insurance Agents Political Action Committee. The PAC contributes to the campaigns of candidates to federal office who share our pro-insurance, pro-business perspective and who support our issues. PIAPAC is funded by the contributions of individual PIA members. To learn more visit www.piapac.com.

PIA Insurance Foundation The Professional Insurance Agents Insurance Foundation (c-3) strives to further the insurance knowledge and education of those engaged in the independent insurance agency system. Its most recent work product, entitled Future of the Business Disciplines, Regulation and Oversight of the U.S. Insurance Marketplace, is a white paper intended to assess the current status of insurance regulation and evaluate the range of potential reforms being discussed in Congress and throughout the insurance industry.

More information For more information about the PIA National member benefits described in this brochure, please visit www.pianet.com.

Contact Us Have a question? Not sure how to access a particular program? Want to vent about something? That’s what your staff at PIA is for. Please feel free to give us a call or send us an email. To find specific PIA National staff members who can assist you, visit our online Contact Us web page: www.pianet.com/contactus. Or call us at (703) 836-9340 or email membership@pianet.org and we’ll put you in touch with the proper person.

National Association of Professional Insurance Agents 400 N. Washington St. Alexandria, VA 22314-2353 (703) 836-9340 membership@pianet.org www.pianet.com 1/14

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

How to get Great at Selling

Stay on top of the latest innovations and technology. Study the companies and individuals to whom you’re selling via the Internet and company websites.

by John Chapin The good news is: There is a clear, proven path to becoming great at selling, the bad news is: There are no short-cuts or magic bullets, it’s going to take some time, effort, and energy to get there.

4) Work on yourself. No one is going to put a gun to your head and make you develop yourself personally and professionally. You have to take responsibility for that yourself and you must push yourself harder than anyone else can possibly push you.

Ten Steps to Sales Greatness 1) Do what the top salespeople do.

Note: It is important to own a knowledge library with sales and motivational books, audio and video programs, and other related information.

This is the most important step to becoming a top salesperson. It’s simple: If you take the same actions as the top salespeople, you will eventually also be a top salesperson. If you do the same things as a mediocre salesperson, you will be a mediocre salesperson. Find the top salespeople in your company and pick their brains. Next, find top salespeople in other industries. Call these people on the phone, e-mail them, take them to lunch or dinner, do whatever you have to do to find out what they do and then do the same things.

Note 2: Find a mentor, hire a personal coach, or do both. You need someone to give you direction and hold you accountable. 5) Set goals. You need goals to give your life direction and to give yourself a target. Your goals can be as simple as doing 125 percent of quota and making the annual awards trip, or as complex as a list of daily, weekly, monthly, and annual goals in all the major areas of your life.

Note: You also want to find out what they did to initially build their businesses. For example, top salespeople may not be doing massive cold calling or working crazy hours anymore, but that’s initially how they got to the top. Initial actions like these are some of the ones you want to copy.

Note: While it’s nice to have material goals, it is more important to have goals in which you become something. “Becoming” goals do much more for your happiness, self-confidence, and self-esteem.

2) Learn everything you possibly can about the subject of selling. Read, listen to programs, watch videos, and study everything you can get your hands on that relates to selling. Be a sponge and absorb as much information as you can. Realize that no matter how much you know, there’s always more to learn. 3) Learn everything you can about your industry and your prospects. Join industry organizations. Read industry publications, newsletters, and magazines. Read “local” sources such as newspapers and other news bulletins that are printed in the geographic proximity of the companies you’re interested in. Look for breaking news, new products, new laws, regulations, or changes in legislation, interesting articles, stories on people making an impact in the industry, and other pertinent information. Texas PIA’s Texas Connection

6) Record new ideas and develop new information. Always have a recorder and/or pen and paper in your car, by your bed, at your desk, and everywhere you go so you can record good ideas as soon as they hit you. Once you’ve captured some good ideas, develop them further and review your notes regularly. 7) Practice, drill, rehearse, and apply new ideas. Take sayings, closes, and other information you like and make them your own. Practice them on peers, family members, and friends. Most important, look for places to use these new ideas in real-world selling situations. 8) Review motivational and educational information often. Continued on page 30

Page 27

February, 2014

“ What’s the harm in a little water?” Real facts about flood protection

You’ve worked hard to live the dream of owning a home or business. Most of the time, hard work, property insurance and a little luck are enough to keep both safe from harm. Then along comes a flood through a hurricane, rapid snow melt, new development in your area, or rain that just won’t go away. It happens more often than you might think: If your property is in what is called a “100-year floodplain”, for instance, you have a one in four chance of a flood during the life of a 30-year mortgage.1 Greater odds than many other risks, including fire.

Let the facts be your guide A flair for flood protection: The Hartford has been a leading carrier for federal flood insurance for nearly three decades. All policies are written subject to the National Flood Insurance Program, administered by FEMA.

Some common misconceptions about floods and flood insurance: “I’m protected. I have property insurance.” Normally, homeowners insurance or your commercial/Business Owner’s Policy exclude flooding. “Fire is my number one fear.” Understandable. But in reality, flood is the number one natural disaster in the U.S.2 “A little water couldn’t result in that much damage.” Think again. And see the chart on the next page.

continued

One inch of water can add up to thousands3

Put a wall of protection around what’s yours

It doesn’t take a foot of water to ruin property and goods. Consider a 1,000-square-foot home and the damage that can result from just one inch of water:

With federal flood insurance, you can protect your buildings and contents from damage caused by rising water from a flood. You can purchase a policy to protect the following:

Personal items (clothing, television, stereo)

$250

Accent furniture (floor lamps)

$70

Washer/dryer

$70

Computer accessories

$40

Living room furniture

$250

Kitchenware & food

$100

Bedroom furniture

$150

Appliances

$70

Kitchen & bathroom cabinets

$50

Finished floor/wood/carpet Electrical & plumbing

$7,900 $150

Doors & base trim & windows

$450

Cleaning

$850

Grand Total

$10,400

Without flood protection, you could bear responsibility for all of the above. Why leave yourself vulnerable, when policies start as low as $129 a year for a preferred risk policy?

The standard policy provides separate coverage options to protect against damage to: • The building itself

• Its contents

• Or both

Depending on your need, you may decide to purchase both to protect against damage to: •S tructural elements, such as walls, floors, equipment and fixtures •T he property’s contents, such as furniture, appliances, wall and floor coverings •P ersonal items, such as clothing, audio equipment and televisions

Don’t wait until water is at your door Consider purchasing flood insurance sooner rather than later. Keep in mind that there’s often a 30-day wait after purchase for the policy to take effect. So call your independent agent today about flood insurance through The Hartford. It’s rainy day protection that could help save your most valuable investment: your home or business. www.thehartford.com/flood

Map your risk. The Federal Emergency Management Agency (FEMA), which administers flood insurance, works with local communities and experts to revise aging flood maps in communities across the country. You can get a detailed, digital flood hazard map of your area by visiting: www.floodsmart.gov/floodsmart/pages/flooding_flood_risks/understanding_ flood_maps.jsp. Let your Hartford agent help you interpret it. 1,2,3

Source: floodsmart.gov

All policies are written subject to the National Flood Insurance Program. Please note that this product is available in most states. Features and credits may vary by state. For simplicity, this brochure does not include all the features, exclusions and limitations of the policy. For full information, The Hartford suggests that you read your policy or consult with your independent agent. On all losses and claims, policy terms apply. All information and representations herein are as of October 2013. 13-0287 Printed in U.S.A. © October 2013 The Hartford Financial Services Group, Inc. All rights reserved.

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

John Chapin Continued from page 27 Actively listening to tape and CD programs while taking notes is the optimal way to learn, however, passive listening in the car or elsewhere will also work. To absorb tape and CD programs through passive listening, listen to them ten to fifteen times. With books and other written material, read them, take notes, highlight sections, and then review your notes and highlighted sections ten to fifteen times. With videos, watch them, take notes, and then review.

Membership & General Information Joe Tipton Membership Director

Again, you also want to be looking for ways to apply the new information.

PO Box 700877, Dallas, TX 75370 TEL: 972-862-3333

FAX: 972-307-7888

Cell: 972-965-2025

Joe@PIATX.org

PIA National

9) Work hard and smart. Obviously it’s better to work smarter than harder and yet, there are some areas, especially when you are just starting out, where smart work won’t replace hard work.

www.pianet.com

E&O Solutions

That said, here are the best ideas for working hard and smart:

Renewing your E&O every year isn’t much fun, is it? Don’t you want to make sure that you’re getting the best price for the best coverage you can get on your renewal?

a) Do what the top salespeople do, as we’ve already discussed. b) Make more calls and work longer than anyone else.

Why not compare with another company for your peace of mind?

c) Be persistent. d) Use your time effectively.

It costs you nothing and you don’t have to be a member of PIA of Texas to move your coverage. Go to the E&O Program link at www.PIATX.org and print the applicable application and e-mail or fax it to us. Do you want higher E&O limits but your carrier won’t quote what you want? That’s not a problem. Go to the E&O Program at www.PIATX.org and print the umbrella application from the link shown. Fill out the application and send it to us.

E&O Contacts

Houston area

Dallas area

Bob Dixon

Ray Reyes

bdixon@piatx.org

ray@piatx.org

866-577-7428

214-618-2365

832-375-0787

Texas PIA’s Texas Connection

e) Stay organized. f) Come up with “smart” ideas and alternatives. Note: Your overall objective early on is to be known as the hardest worker in the office. The fastest way to do this is by making more calls than anyone else and putting in more hours. 10) Pick the right product and company. To be successful takes a good product and good support. If you are missing one or both, any success will be short-lived. Pick a product you can believe in and a company with people and support that will back you up. It’s important to represent a product or service that works well, provides value to your customers, and makes you and your company look great. It’s also important to be able to get along with your manager and other people you work with. John Chapin is an award winning sales speaker and trainer. For his free newsletter, or if you would like him to speak at your next event, go to: www.completeselling.com John has over 26 years of sales experience as a number one sales rep and is the author of the 2010 sales book of the year: Sales Encyclopedia. For permission to reprint, e-mail: johnchapin@completeselling.com.

Page 30

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

We are Expert Witnesses on the subject of agency valuation as well as on other topics of insurance agency norms and common practices. When we encounter accountants or appraisers in courtroom situations, we can quickly discount those claim to valuations based on multiples is simply “industry averages” taken from articles published by others. When we encounter agency valuation professionals who understand the nuances that could make your $1 Million agency worth $400,000 or $4,000,000 but still try to oversimplify their results by multiples, we simply ask them how a single multiple addresses issues like:

DEBUNKING AGENCY MULTIPLE CALCULATIONS Every generation of agency owners try to identify the value of their agencies – for estate planning, for buy-ins and buy-outs, for mergers, acquisitions, sales and internal perpetuation. They simply want to know how much they can expect to receive for the value of their asset when it comes time to cash out. And, in every generation, some professionals with lists of initials next to their names try to provide the simplification that the agency owners desire by offering various methods as a solution to the valuation dilemma. The most incompetent pseudo-professionals simply state one or several multiples and would lead you to believe that if you have a business called an insurance agency, that this multiple defines your value regardless of the complexion, location, history, size, staffing, or customer base of your particular business.

Personal Lines and Small Commercial agencies vs. Specialty and large lines agencies Agencies in which several accounts (potentially related to the agency owner) comprise high percentages of agency income.

The competent, but misled appraisers, who understand the methods of determining future earnings of a business to determine its value, still try to simplify the process by averaging the work that they have done to establish average multiples of a variety of measurements to try to help the agency owners determine their own values.

Agencies that are consistently profitable and growing vs. agencies of similar size who are stable, stagnant or shrinking or who overspend their revenues annually. Agencies whose owners are the primary relationship manager for the majority of its specialty accounts vs. agencies whose owners are drivers and managers but whose customer base forms relationships with producers and other agency staff and would stay regardless of the continued presence of the current owners.

How much credibility would you allow me if I told you that every 3 bedroom house was worth $200,000? After all, if I’ve valued 10 or 100 or 1000 houses (properly) and the average was $200,000, would you feel comfortable buying your next house (or selling your current one) based on that valuation alone? If not, why would you consider buying or selling an agency for two times (anything) based on someone telling you that it is an ‘industry average’ or an average of the transactions they have done in a year, five-year or ten year period? Who creates the industry average? We appraisers of insurance businesses certainly don’t share our results with each other? There is NO central resource for privately held business transactions in our industry and no one has the temerity to start one for fear of accusations of collusion. The only transactions that are readily available are those of the major publicly held companies who purchase $10 million and $20 million revenue (not premium) firms and above in which the price is made public (but not the conditions affecting the price that certainly changes the net value of the business being transacted over time).

Texas PIA’s Texas Connection

Realistically, the professional appraisers will take every one of these (among several hundred other factors) into consideration when creating a potential future earnings stream and a Risk Discount to apply to those potential earnings when creating a proper valuation for an agency. This process takes time and a great deal of data and questions and answers with the agency principals. Simplifying this process into a single or series of “multiples” does a disservice to the agency force because they might actually believe that a 1.75 or 2 times multiple would work as well as the valuation process, itself.

Page 31

Continued on page 32

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org DEBUNKING AGENCY MULTIPLE CALCULATIONS A worse indicator that you should be paying attention to your agency’s value occurs when friends of yours – Continued from page 31 contemporaries – start retiring or dying. THAT WILL SHOCK YOU AWAKE! Even worse is that first major They will not. Valuations created by the multiples illness that either you or a loved one experiences that is averages of revenue, net income (profits), earnings, or God’s way of telling you there are more important things EBITDA (Earnings Before Interest, Depreciation and in the world than coming to work every day. Amortization) are VALUATION VOODOO. Valuations done properly may be defined as a multiple for simplicity, but must be created by actually doing the work of The simplest definition of AGENCY VALUE: revenue and expense trending and risk analysis to create the Future Earnings Potential that forms the basis At some point every agent will consider what his of all proper valuations. asset is worth -- now and for the future. And, “No, Virginia, there may be a Santa Claus, but there is no If you have a valuation done on your agency, standard multiple that properly defines the value of any demand to see the actual work effort and the insurance agency.” The stories you’ve heard about 1.5 assumptions made by the appraiser as a part of the times, 2 times, or more is fiction. Someone has actually published appraisal. If any of that work is defined by a determined how much they can earn from an agency multiple (instead of defined by the work effort and and defined it (backwards) in terms of a multiple (of converted into a multiple), decline the valuation. If something intelligible to the audience) to make it easier audited by the IRS, they will likely ask for the proof of for an owner to understand. And, in its simplest terms, that multiple. If you or the appraiser can’t provide that that is exactly what the value of your agency is, the proof, they will invalidate the valuation and demand a earnings potential over a reasonable period of time for different value for tax purposes. the person doing the valuation (whether that’s the We charge fairly for our valuation services. Many existing owner or someone looking to purchase an appraisers charge much more but few can afford to agency). charge less because we do so many every year. But be If you are in your 30’s and 40’s and just getting into warned. If any accountant or appraiser charges you agency ownership your major awareness is that the more than a few hundred dollars for his time to provide agency that you are building will someday have a value you with a letter indicating that your value is defined by a that can provide you and your family with a more certain “multiple” of some financial factor, you have been comfortable future. You need to determine the on-going sold the equivalent of a bottle of Valuation Snake-Oil. value of your asset for purposes of estate planning while you and your family are still young.

WHY VALUE YOUR AGENCY?

When does agency value begin to carry a level of importance instead of being a ‘footnote’ in your business life? Most agents are too busy making a living and putting out fires to worry about the value of their agencies. The value is only important when we die or if we’re ready to sell the agency! Most of us consider ourselves in the prime of life, certainly not worried about the esoteric “value” of a business that is making us a living every year. The average of insurance agency owners increases every year. One day you are busily taking care of your clients then, when your 50th, 55th, or 65th birthday celebration happens, you realize that, like it or not, you’re no longer a ‘spring chicken’ and you have more years behind you in your career than in front of you. Suddenly the value of your business asset becomes a higher priority! Birthday progression and cakes that look more like brush fires than birthday celebrations every year are the easiest and most pleasant reminders that your agency value REALLY MEANS SOMETHING.

Texas PIA’s Texas Connection

If you are in your 50’s it’s time to posture your agency for a time in the future that you either internally or externally perpetuate your business either when you retire or while you are still young and vigorous enough to enjoy the fruits of your labors without necessarily stopping working. You may not be ready now for (or ever want) the rocking chair or golf clubs every day but wouldn’t it be nice (while you are still working) to have that nest egg mature and throw off money for you to invest or spend? If you are in your 60’s or later, you have a more serious and pressing issue. You are ten or less years away from wanting or needing to retire and you have built an asset the value of which you must identify to determine how and what you are going to do with it. I have met many agents who have made their fortunes and careers without the need for the value of the agency. That value will accrue to their beneficiaries, families or next generations of owners. Yet, without knowing the value of the agency you may be passing more taxes and liabilities than assets to generations to whom you think you are performing a favor. Continued on page 33

Page 32

February, 2014

More Tips ‘n Tools for Professional Insurance Agents at www.PIATX.org

http://www.accuauto.net/insuresign-electronic-signature.html Partnership retirement and funding those buy-outs require valuation ahead of the buyout to properly assure funding options.

Why Value Your Agency? Continued from page 32 Whether or not you are ready or serious about selling or perpetuating your agency, I recommend that you either create your own valuation or assign us to identifying the value of your agency – NOW while the pressure for taking action may not be imminent. The cost is not high and annual valuation updates are minimal compared to the pressing need that will occur if something bad happens that requires an immediate valuation. Valuation Types: Agency Consulting Group, Inc. values agencies annually for internal purposes (estate planning, key man insurance, buy/sell agreements, partnership values and buy-ins, ESOPs). If you’d like to do it yourself, we even have a tool that will allow you to estimate your own value. Call us and we’ll talk to you about the best way to value a Going Concern.

Of course, acquisitions, mergers and sales of agencies seriously require third party valuation to assure both buyer and seller of the value of the asset under the specific circumstances of the transaction being considered. Call Al or David at 856 779 2430 and we’ll be happy to discuss your particular situation and how best to determine the value of your business. I’ve never seen a headstone that read “He Was A Great Insurance Agent” and working every day until he’s 90; is not a testament to hard work, it’s a definition of someone who didn’t plan his life very well. Agency Consulting Group, Inc. THE PIPELINE | DEBUNKING AGENCY MULTIPLE CALCULATIONS | Copyright © 2014 Agency Consulting Group, Inc. Agency Consulting Group, Inc. | 800-779-2430

Perpetuation plans that transition ownership from one generation of owners to another also requires regular valuation. Both old and new owners become very aware of the ingredients that increase or decrease the value of the business.

Texas PIA’s Texas Connection

http://agencyconsulting.com

Page 33

February, 2014

Did you know that PIA works with some of America’s largest carriers to create sales tools for PIA members? It’s true. We create new tools every year and we just created one of our best yet. Best of all it doesn’t cost PIA members a dime. Closing the Gap – Growth & Profit is a new tool designed to help independent insurance agencies achieve growth and profitability. Agencies begin with calculators created to project their sales and revenue, comparing various ways in which their own retention rates, premium rates and commissions factor into agency profitability. Agencies can then create “what if” scenarios and improve their bottom-line results by adjusting factors including improved retention, increased sales goals and ramping up account-rounding activities. Agencies are then offered three, proven, turnkey approaches for use in their own agencies to achieve their goals. PIA members, get started at http://agency-growth-profit.com. If you are not yet a PIA member, please consider joining today. Contact us for a membership application or visit us online at www.pianet.com/joinpia. Closing the Gap – Growth & Profit is brought to you by PIA and The PIA Partnership companies: Encompass Insurance; Erie Insurance; Harleysville Insurance; Liberty Mutual Insurance; MetLife Auto & Home; Progressive Insurance; Selective Insurance Group; State Auto Group; The Central Insurance Companies; The Hanover Insurance Group; The Hartford; The Motorists Insurance Group; and Travelers.

National Association of Professional Insurance Agents 400 N. Washington St. Alexandria, VA 22314-2353 www.pianet.com membership@pianet.org (703) 836-9340

PIA Member Webinars: Closing the Gap – Growth & Profit The PIA Partnership is hosting two webinars to help PIA members learn about their newest tool, Closing the Gap – Growth & Profit. To attend one of these 30 minute webinars, simply register via the links below. March 5, 2pm Eastern webinar. Register: https://attendee.gotowebinar.com/register/1496820510993581569 March 20, 3pm Eastern webinar. Register: https://attendee.gotowebinar.com/register/1702340124946168834 Closing the Gap – Growth & Profit is a new tool designed to help independent insurance agencies achieve growth and profitability. Agencies begin with calculators created to project their sales and revenue, comparing various ways in which their own retention rates, premium rates and commissions factor into agency profitability. Agencies can then create “what if” scenarios and improve their bottom-line results by adjusting factors including improved retention, increased sales goals and ramping up account-rounding activities. Agencies are then offered three, proven, turnkey approaches for use in their own agencies to achieve their goals. Get Started Now: Access the promotional website for this new tool at http://agency-growth-profit.com. If you are ready to get started, visit PIA National’s website at www.pianet.com/piapartnership/growthprofit where you can log in and access the fully functional tool. Closing the Gap – Growth & Profit is brought to you by PIA and The PIA Partnership companies: Central Insurance Cos. Encompass Insurance Erie Insurance Hanover Insurance Group Harleysville Insurance Liberty Mutual Insurance MetLife Auto & Home Motorists Insurance Group Progressive Insurance Selective Insurance Group State Auto Group The Hartford Travelers