Public Risk July/August/September 2023

SEAN CATANESE: CHAMPION OF RISK MANAGEMENT AWARDED PUBLIC RISK MANAGER OF THE YEAR

ALSO IN THIS ISSUE

A RISK MANAGEMENT CHALLENGE: IMAGINING THE UNIMAGINABLE PAGE 9

MAINTAINING RELIABLE DELIVERIES IN UNCHARTED WATERS: EQUIPMENT BREAKDOWN PAGE 12

ETHICAL RESPONSES TO ALLEGATIONS OF SEXUAL MISCONDUCT — ARE YOU PREPARED? PAGE 15

INFECTIOUS DISEASE PREVENTION AND PROTECTION AT THE WORKPLACE: HOW COVID-19 IS SHAPING PROGRAMS GOING FORWARD

BIG IDEAS.

SMALL SETTING.

PRIMA INSTITUTE 2023

The Industry’s Premier Risk Management Educational Program

October 16–20 // New Orleans, LA

Reserve Your Hotel Room at the Le Meridien New Orleans Room Block Closes: September 24, 2023

PRIMA Institute 2023 (PI23) is an innovative educational symposium comprised of fundamental risk management curriculum, outstanding faculty, and excellent networking opportunities.

PI23 is aimed at new and seasoned risk management professionals who want to learn more about emerging trends and best practices.

The Public Risk Management Association promotes effective risk management in the public interest as an essential component of public administration.

CONTENTS

PRESIDENT Laurie Olson, EMPA

Sr. Risk Management Consultant City/County Insurance Services

Lake Oswego, OR

PAST PRESIDENT Scott J. Kramer, MBA, ARM County Administrator

Autauga County Commission

Prattville, AL

PRESIDENT-ELECT

Adam F. Maxwell, CLRP

Director, Administrative Services City of Westerville Westerville, OH

DIRECTORS

Sean Barham, MBA, ARM Executive Director of Human Resources

Las Cruces Public Schools

Las Cruces, NM

Dana S. Henderson, CWCP

Risk Manager Town of Mount Pleasant

Mount Pleasant, SC

Chester Darden Director of Loss Control

Public Entity Partners

Sean Catanese: Champion of Risk Management Awarded

Public Risk Manager of the Year

Franklin, TN

Steve M. LePock, II

Risk Manager

Virginia Beach City Public Schools Virginia Beach, VA

Adam F. Maxwell, CLRP

Director, Administrative Services City of Westerville Westerville, OH

Joe Costamagna

Risk Manager Schools Insurance Authority

Santa Rosa, CA

NON-VOTING DIRECTOR

Jennifer Ackerman, CAE Chief Executive Officer

Public Risk Management Association

Alexandria, VA

MANAGING EDITOR

Claire Howard 518.360.3285

Claire.Howard@CLHCosmo.com

ADVERTISING

Claire Howard 518.360.3285

Claire.Howard@CLHCosmo.com

Public Risk is published 6 times per year by the Public Risk Management Association, 700 S. Washington St., #218, Alexandria, VA 22314 tel: 703.528.7701 • fax: 703.739.0200

email: info@primacentral.org • Web site: www.primacentral.org

Opinions and ideas expressed are not necessarily representative of the policies of PRIMA.

Subscription rate: $140 per year.

Back issue copies for members available for $7 each ($13 each for non-PRIMA members). All back issues are subject to availability. Apply to the editor for permission to reprint any part of the magazine.

POSTMASTER: Send address changes to PRIMA, 700 S. Washington St., #218, Alexandria, VA 22314.

Copyright 2023 Public Risk Management Association

Benefits of Developing Your Own Personal Code of Ethics

It was an absolute pleasure to see everyone together in Long Beach for the 2023 annual conference.

I want to extend a special thank you to our corporate partners, sponsors, speakers, and exhibitors who played a huge role in creating such a great networking and educational opportunity for all of this years’ attendees. I’m already excited to do it all over again in Nashville for the 2024 conference next June.

Congratulations to Sean Cantanese as the recipient of the PRIMA Risk Manager of the Year, and to the other award winners who continue to stand out and advance the Risk Management profession.

The same week as our conference, I graduated from an MPA program. Of the many cool things that we did as part of the coursework, one of my favorites was to develop a personal code of ethics. Previously, I had only thought generally about what was important to me, but going through the process of actually developing my own code of ethics was empowering. Similar to developing a company’s value statements, it is challenging to consciously think about what really drives you personally and professionally. I’d encourage each of you to consider this process.

It starts with a small statement of what is important to you — sort of like a personal mission statement. Then you list the values that define your ethical parameters. I tried to find some descriptive words that would really encompass who I am and some that I have not yet developed fully. Since I’ve taken this ethics class, my list has somewhat evolved, and I am surprised at how often I refer to it. I also created my own definitions for each of the words to really reflect what I wanted them to

mean as they specifically relate to me. I’ll share my list, so you get an idea:

Respect. Trust. Integrity. Empathy. Openmindedness. Walk-the-walk.

For me, these ethical words, and phrases, as well as the personal definitions I attached to them, is a way of checking in with myself. I’ve even considered adding these words to my office walls as a reminder of what should guide me in my daily decision making. I encourage you to consider developing your own!

Again, thank you to all who attended this year’s conference. I hope you enjoyed it. The

PRIMA staff and the Conference Planning Committee are already hard at work developing sessions and venues for next years’ conference. I can’t wait to see you all in 2024 at the Opryland Gaylord when we get together once again, for great education, networking and fun! Be Safe!

Sincerely,

For me, these ethical words, and phrases, as well as the personal definitions I attached to them, is a way of checking in with myself. I’ve even considered adding these words to my office walls as a reminder of what should guide me in my daily decision making. I encourage you to consider developing your own!

PRIMA President 2023–2024

NEWS Briefs

UPDATED X-RAY MACHINES THAT USE AI TO SEARCH BACKPACKS APPROVED FOR MORE THAN 100 CHICAGO PUBLIC SCHOOLS BUILDINGS

Sarah Macaraeg| Yahoo News | July 26, 2023

New X-ray machines will greet some Chicago Public Schools students after they return to classes in the fall.

At a Board of Education meeting, members unanimously approved a $1 million contract authorizing the purchase of X-ray machines that use artificial intelligence to detect firearms, knives and ammunition in small bags, backpacks and briefcases, according to vendor LINEV System’s specifications of the model contracted by CPS.

At a board committee meeting, the district’s chief of safety and security, Jadine Chou, said the one-year renewal agreement will primarily fund the replacement of existing X-ray machines, which are present in 108 elementary and high schools. With the machines costing $14,000 each, according to Chou, the contract could allow for the purchase of up to around 70 units, not counting an unspecified amount to be set aside for installation, training and maintenance.

“It would be great if we come back and we don’t use all of that or any of that,” Chou said. “But I know the reality of our inventory is that inevitably we’re going to need some of that.”

Read More:

https://news.yahoo.com/updated-x-raymachines-ai-001700503.html?fr=sycsrp_catchall

NEW $200 MILLION FCC PROPOSAL COULD HELP SCHOOLS COMBAT CYBER ATTACK ONSLAUGHT

MinnPost | Mark Keierleber | July 25, 2023

As ransomware and other cyber attacks become an increasingly potent threat to schools nationwide, a proposal by Federal Communications Commission Chairwoman Jessica Rosenworcel seeks to create the first federal funding stream to help districts fight back.

A three-year pilot program announced by Rosenworcel could invest up to $200 million to enhance cybersecurity in schools and libraries, yet the full proposal hasn’t been released publicly and education experts said far more would be needed to make a meaningful difference. And it could be months — if not more than a year — before the help makes its way to schools as education groups demand a more urgent federal response.

As districts become “a prime target for cyberattacks,” the proposed pilot “will give us valuable insight about whether and how the FCC can leverage its resources to help address the cybersecurity threats that schools and libraries face,” Rosenworcel said in a July 12 speech before AASA, The School Superintendents Association and the Association of School Business Officers International.

Education groups and school leaders have been calling for several years on the federal government to help schools bolster their cyber defenses and the pilot deviates from what many had suggested. The FCC had previously considered allowing districts to spend federal E-Rate funding on cybersecurity, a move that more than 1,100 school districts endorsed in a joint letter last year.

Yet officials at the national superintendents’ association worried that using E-Rate funds was a diversion from the program’s mission of helping schools and libraries connect to the internet, said Noelle Ellerson Ng, the group’s associate executive director of advocacy and governance. She said the group supports the pilot because it remains separate from E-rate while still giving districts more money to protect their data.

Read More:

https://www.minnpost.com/other-nonprofitmedia/2023/07/new-200-million-fccproposal-could-help-schools-combat-cyberattack-onslaught/

HEAD OF U.S. CYBERSECURITY AGENCY SEES PROGRESS ON ELECTION SECURITY, WITH MORE WORK NEEDED FOR 2024

Efforts to protect the nation’s election systems have grown exponentially since the 2016 presidential election, but more is needed to defend the integrity and resiliency of the election process ahead of next year’s vote, the head of the nation’s cybersecurity agency says.

Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, known as CISA, announced plans to boost resources within the agency, hiring 10 additional election security specialists who will be across the country to interact directly with state and local officials. Easterly made the announcement at the summer conference of the National Association of State Election Directors in Charleston, South Carolina.

“Our capabilities and posture in this area is simply night and day when you compare it to 2016,” Easterly told the officials gathered for her speech. “Despite this progress, we know there is more we have to do and that we must remain vigilant in the face of new and evolving risk.”

CISA is charged with protecting critical infrastructure, including the nation’s dams, banks and nuclear power plants. U.S. voting systems were added after the 2016 election and Russia’s multipronged effort to meddle.

Read More:

https://theeagle.com/news/nation-world/ head-of-us-cybersecurity-agency-seesprogress-on-election-security-with-morework-needed-for/article_55700e3c-fef65d91-b6e0-ebfc0aefd7c0.html

GOOGLE ANNOUNCES INAUGURAL COHORT IN CYBERSECURITY INITIATIVE

Cornell University | Patricia Waldron | July 25, 2023\

Researchers from Cornell Tech and the Cornell Ann S. Bowers College of Computing and Information Science are part of the first cohort of participants from four institutions to receive funding from the Google Cyber NYC Institutional Research Program, a Google-funded initiative to improve standards of online privacy, safety and security, and to establish New York City as the epicenter of cybersecurity research.

In partnership with Google, seven projects from Cornell faculty have been selected that combine basic research with computer innovations to expand our understanding of – and provide solutions to – cybersecurity issues in society. Each team will work with a Google sponsor and receive funding and access to Google Cloud Platform credits for up to three years.

“Through support from Google and in collaboration with our partners, New York will emerge as the hub for cutting-edge exploration and innovation in the fields of cybersecurity, trust, and safety,” said Greg Morrisett, the Jack and Rilla Neafsey Dean and Vice Provost of Cornell Tech and principal investigator for Cornell.

Along with Cornell, three other schools will receive funding through the program: City University of New York, Columbia University’s Fu Foundation School of Engineering and Applied Science and New York University’s Tandon School of Engineering. The Google Cyber NYC Institutional Research Program is part of the $10 billion cybersecurity initiative announced in 2021.

“Google is dedicated to forward-thinking and responsible AI development,” said Phil Venables, Google Cloud chief information security officer. “We are excited to partner with these leading institutions in AI through the Google Cyber NYC Institutional Research Program to address the ever-evolving threat landscape in cybersecurity.”

Beyond advancing digital technologies that increase digital trust and safety, the funding will also enable Cornell Bowers CIS to expand its leadership in the field of cybersecurity and increase the number and diversity of qualified cybersecurity professionals entering the workforce.

Read More:

https://cis.cornell.edu/google-announcesinaugural-cohort-cybersecurity-initiative

SEAN CATANESE:

CHAMPION OF RISK MANAGEMENT AWARDED PUBLIC RISK MANAGER OF THE YEAR

IN THE VAST LANDSCAPE OF RISK MANAGEMENT, certain individuals stand out for their exceptional contributions in safeguarding public interests. Sean Catanese, the Enterprise Risk Management (ERM) Program Manager for King County, Washington, is one such luminary. This article celebrates Sean’s exemplary achievements, as he is recognized as the esteemed Public Risk Manager of the Year by the Public Risk Management Association (PRMA). From developing an outstanding risk management program to providing mentorship and thought leadership, Sean’s journey is nothing short of inspiring.

A VISION OF EXCELLENCE:

King County, with its diverse operations and services catering to over 2.3 million residents, presents a complex risk management challenge. Sean’s journey began in 2014, where he took on the task of developing and implementing a risk management program that could effectively address the county’s unique needs. From a nascent concept, Sean nurtured the ERM program into a mature system that adheres to ISO 31000 best practices. “This work requires allyship from peers, experienced mentorship, and supportive leadership. Our Enterprise Risk Management program in King County may have only one person assigned to manage it, yet I am – thankfully – not doing this work alone. I have been fortunate and privileged to have the support of peers, mentors, and leaders – too many to name them all here.

But I’ll at least try. I particularly want to thank Charles Gray, Erike Young, Lisanne Sison, and Grace Crickette. Each of them guided me early in my career. They each contributed vitally to my understanding of enterprise risk management.”

BUILDING A SUCCESSFUL RISK MANAGEMENT PROGRAM:

Sean’s strategic vision laid the foundation for a successful risk management program at King County. The ERM program aimed to proactively identify and assess high-priority risks across various departments while improving risk controls. Through collaboration with stakeholders and rigorous risk assessments, Sean crafted a dynamic risk appetite statement and an advanced enterprise risk register to guide decision-making.

NAVIGATING COMPLEX INSURANCE AND RISK FINANCING:

The insurance market presented challenges for a large public agency like King County, particularly in the face of evolving risk landscapes. Sean’s holistic approach to risk management, aligned with the principles of ERM, became a guiding light. While Sean and the ERM program had a supporting role, their insights influenced discussions with reinsurers regarding the county’s risk approach.

EMPOWERING LOSS CONTROL INITIATIVES:

As the administrator of King County’s $2 million biennial loss control fund, Sean’s support enabled agencies to address emerging third-party liability risks proactively. Projects spanned diverse areas, from reducing environmental hazards in parks to cybersecurity enhancements. One standout project led by the ERM program, in partnership with Public Health Seattle King County, succeeded in significantly reducing the risk of a large-scale hepatitis A outbreak.

SUPPORTING RISK MANAGEMENT GOALS:

Sean’s role extended beyond program implementation, as he became a mediator between departments with potentially conflicting risk appetites. His efforts to align risk-related decisions with the county’s True North and values ensured balanced risk-taking for successful outcomes. “We’ve established systems and processes to manage risk that also fulfill our commitments to equity, and racial and social justice.”

LEVERAGING TECHNOLOGY FOR EFFECTIVE RISK MANAGEMENT:

Recognizing the power of technology, Sean led the establishment of King County’s electronic claims portal, revolutionizing the tort claim filing process. The portal improved claim submission times, resulting in more efficient and cost-effective resolutions.

MENTORSHIP AND THOUGHT LEADERSHIP:

Sean’s influence extended far beyond King County, as he became a respected mentor for risk managers across the country. His guidance covered various aspects of risk management, from ERM implementation to equity-focused customer service. Through thought-provoking publications and engaging presentations, Sean shared his expertise with industry peers, further advancing the field of risk management.

The journey of Sean Catanese embodies the spirit of dedication and innovation in risk management. From designing a successful risk management program to fostering a culture of proactive risk awareness, Sean’s contributions have left an indelible impact on King County and the broader risk management community. As the Public Risk Manager of the Year, Sean’s legacy will undoubtedly continue to inspire future generations of risk managers to strive for excellence and make a positive difference in the world.

Claire Howard

and Branding Consultant CLH Cosmo

Early in my career, one of my mentors told me in a particularly challenging moment, “If you’re doing this work alone, you’re probably doing it wrong.” And they were right. This work requires allyship from peers, experienced mentorship, and supportive leadership.

IMAGINING THE UNIMAGINABLE

THE BIPARTISAN 9/11 COMMISSION, which evaluated our preparedness and response to the attacks of September 11, 2001, famously concluded that the attacks reflected a failure of the imagination on the part of the intelligence community.

We knew that terrorists could hijack planes (there were almost 200 hijackings between 1968 and 19701), and we knew that terrorists were quite willing to blow themselves up in the service of killing innocent people. Somehow, the intelligence community did not imagine linking these two known threats together –despite the fact that there were hints and signs that airliners could be used as weapons.

Flash forward 20 years when we faced a new, now biological threat. The responses of the various governments (federal, state, local) could be described at best as uncoordinated, and at worst as incoherent (remember the admonitions to have your Amazon packages delivered six feet from the front door and to leave them untouched for three days?). And yet, here again, there had been previous pandemics,

albeit more localized, from which we could have learned much.

And this is where this article comes in. It turns out that, about 10 years earlier, in 2008 some 10,000 people had participated in a simulation run by the Institute for the Future in Palo Alto, California. They were asked to imagine and game out the full range of ripple effects

of a global respiratory pandemic – social, political, economic, personal. They anticipated lockdowns, mandated mask wearing, schools closings, severe travel restrictions, mothers having to quit their jobs, etc. And they anticipated all the push-back, the financial issues, the politics, etc. When COVID arrived, they reported coping much better than the rest of us: imagining that future had helped them pre-process the anxiety, uncertainty, and sense of helplessness, so that they could move more rapidly to adapt and act resiliently when the future was here. It was as though they’d been there before. Much of the discussion that follows derives from that work, and particularly the work of Dr. Jane McGonigal.2

Gaming out future scenarios is a game of probabilities: Of the pool of all possible events, only some will come to pass. Therefore, the object here is not so much to predict what will happen, but rather to anticipate how to react if X does happen. And it turns out that there is a way to do that.

There are three key points to Imagining the Unimaginable. First, think far enough from the here and now that you can shed many of your assumptions that tomorrow will be pretty much the same as today and as yesterday. Second, get down from the 30,000 – foot level and focus on the details. And third, look for breadcrumbs. To do this requires both a change in attitude and developing some targeted strategies.

Let’s start with the timeline. Dr. McGonigal suggests a 10-year horizon. That’s far enough away for things to have changed but not so much that we can still understand the context for the “event.” Ten years may not seem like a long time, but most people rarely or ever think of more than a year ahead. And yet, major changes can take place in a decade. It took 10 years to go from the first iPhone to most people on this planet having a smart phone (2007-2017), for Facebook to go from one to one billion users (2004-2015), and again 10 years from the founding of Uber and Airbnb to having 36 percent of U.S. workers engaged in some form of “gig” work (2008-2018).

Having set your sights on a decade from now, create the event in your mind. Start with

the details. You wake up 10 years from now. Where are you? Is anyone with you? Where is the bathroom? What are you wearing? What are your plans for the day? What’s the first thing you’re going to do? The idea is not simply to create a 30,000-foot event, but to put yourself smack in the middle of it. Ten years from now, you’ll most likely be the same person, with the same set of friends and hobbies, the same values. How are you fitting into this changed world? How did we (you and the world) get there? How can you help?

It might be difficult to dive right into this exercise, so you might start small. Imagine yourself living in a different city or at a different job: Fill in the nitty-gritty details of how this could have happened. Imagine yourself waking up only a year from now: What’s changed already?

One way of looking at the point of this exercise is that what you’re doing is creating new memories. This might seem a strange concept but it’s fully in keeping with what we know of the psychology of memory. Try this. Imagine yourself waking up 10 years ago. When you do this, you come to appreciate that memory is not a movie that you can just plug in. Unless 10 years ago was your wedding day or some other day of enormous importance, you need to re-construct that memory from scratch: Where were you living then? Who was your significant relationship? Which car were you driving? Imagining the future at this very detailed, granular level is essentially akin to building new memories. Which is why when Covid hit, Dr. McGonigal’s participants recognized themselves and felt as though they had been there before. Handled well, imagined events become memories: We’ve all had the experience of hearing a story so many times that we (or someone else) comes to believe (absolutely!) that they were there — when in fact they were not.

So far, we’ve talked essentially about techniques to imagine X but said nothing about what X could be. This is where what Futurists call StrangeSight comes in. StrangeSight is an attitude where you find yourself looking at the world differently, looking for things that stick out, that appear weird. We see weird things in

the world around us all the time, but typically we dismiss them, we shrug them off, we ignore them. Instead, start paying attention to what is different and asking whether these perhaps anomalous observations may be harbingers of something important, of some change on the horizon. Instead of being drawn to people, information, and ideas that fit with your expectations, you start focusing on things that challenge your assumptions, that are unusual or surprising. Had our intelligence community asked why so many Saudis were taking flying lessons in Florida (and, in some cases, showing a lack of interest in landing the plane), September 11 might have turned out to be just another ordinary day. This StrangeSight attitude leads you to look for breadcrumbs, some of which will lead nowhere, but some of which may constitute “signals of change.” As you attend to these signals of change you may discover that some coalesce and start building a narrative that can become your Risk Management X over time.

One interesting benefit of this approach to divining the consequences of potential future events is that it is also applicable to our own lives. As mentioned earlier, most people do not think more than a year ahead. Most people live where they live either because that is where their job is, or because that is where they’ve always lived and they found work that they can do in their hometown. But what if you have dreams that you would like to manifest? What if you want to move to Costa Rica in 10 years? Imagine yourself waking up in that new world. How did you get there? What are you doing there? Can you start looking for breadcrumbs that may provide you with a way to make this imagined future become the one you’ll be living in? Imagination is a uniquely human ability. Don’t be afraid to use it! And don’t let what you know now limit what you can imagine for the future.

MAINTAINING RELIABLE DELIVERIES IN UNCHARTED WATERS: EQUIPMENT BREAKDOWN

THE CENTRAL ARIZONA PROJECT (CAP) IS AN ENGINEERING MARVEL that moves Colorado River water uphill across 336 miles of desert through Phoenix to Tucson. The economic value of the water delivered to Arizonans is billions of dollars; there is insufficient water without it. CAP is part of Arizona’s critical infrastructure.

The system starts at the Mark Wilmer Pumping Plant south of Lake Havasu on the Colorado River where six 66,000 HP motors drive pumps that lift water vertically 824’ to start the run through the system of aqueducts and relift plants. CAP is the single largest user of electricity in Arizona and this plant uses more than half of that energy.

The night of November 18, 2018, was no different than any other, until Unit 6 suffered an electrical fault (short to ground) in the rotor. A protection relay should have detected low resistance and shut down the motor, but it didn’t; it ran for 18 more minutes before tripping the entire plant offline. During that time, metal melted and was thrown into the

space between the rotor and stator, essentially beating itself to death.

Employees who responded to the plant were greeted by a burnt electrical smell and grit everywhere; all six-story-tall units were silent. Operationally, there were many questions. What happened? Is there additional risk? How will this impact operations? How will we adjust the budget to make room to rebuild the motor? How long will it take? Will other capital projects need to be delayed?

Major equipment is regularly scheduled for maintenance and renewal, a focus for Engineering and Operations. But in this situation where a robust reliability engineering and

condition-based maintenance program had a catastrophic loss, risk managers—hopefully— remember equipment breakdown coverage.

Equipment breakdown or mechanical breakdown coverage are newer terms used for a type of property insurance, Boiler and Machinery coverage. Think back to the old days of pressurized, energized, and rotating equipment. Things shorted, burst, and blew up, even with proper maintenance. Today, those same concepts apply to more current titles.

“The Company will pay for direct physical loss of or damage to Covered Equipment , Time Element loss, and Special Coverages loss as provided by this Policy, if such loss or

damage is caused by a sudden and accidental Breakdown of Covered Equipment or a part thereof, which manifests itself by physical damage at the time of its Occurrence and necessitates repair or replacement; subject to the terms and conditions set forth in the Policy, regardless of any other cause or event contributing concurrently in any other sequence of loss.”

As with all insurance, definitions are important. Breakdown includes failure of pressure or vacuum equipment, electrical failure including arcing, mechanical failure caused by centrifugal force, and related explosions. Covered Equipment includes pressure vessels, refrigerating and air conditioning systems, metal piping and accessory equipment, and mechanical or electrical machines or apparatus used for the generation, transmission, or utilization of mechanical or electrical power. Of course, both definitions also contain exclusions. Occurrence includes all losses or damage attributable directly or indirectly to one cause or series of similar or related causes.

An insured has several primary responsibilities, which include notice to the insurer and protection from further damage. Engineering and Risk Management have some similar interests at this point. Both want to know what happened, why it happened, whether similar equipment is at risk, if it can be repaired or will require replacement, what effort will be involved, how long it will take, and how much it will cost. The ripple effect can be substantial. Your provision of a funding source answers one big piece.

Time can also be of the essence. In this case, the plant was designed to pump full volume with five pump-motors so one could be down for maintenance. Without Unit 6, however, there was no redundancy.

This is the point where your broker or a good consultant can be of great assistance. As long as water kept flowing, there was no business interruption expense. Consultants would help with the Root Cause Analysis and determine the extent of damage. (Your insurer is also interested in light of subrogation opportunities that may exist.) CAP’s heavy overhaul group

employees would disassemble and reassemble the motor. A contractor would perform the ‘rewind’ with CAP engineering and project management oversight. The expense for power was going to increase dramatically because of the inability to ‘shape’ our high pumping times around the ‘duck curve’ (lower cost times).

Even with the best insurer, adjuster, and forensic team, quantifying and documenting expenses can be challenging. Property policies tend to include claim preparation expense coverage, subject to a sublimit, but not for experts to help negotiate coverage. Your broker’s claims advocate and forensic services can be of great help. The forensic service cost may be covered as part of claim preparation expense.

This loss size was sufficient for assignment of an executive adjuster. Several early agreements took a little time to flesh out but made life much easier later, especially with an adjuster change midstream. Agreeing on major tenets early cannot be overstated. We agreed on the standard for repair, “yellow tag” or replacement, with “yellow tag” defined as full service

life, full warranty. CAP employees would do a large part of the work and we agreed that the policy covered their costs. However, how will those costs be defined, and would employee related expenses and overhead be included? Would supervisors and managers’ time be reimbursed?

The adjuster does not validate expenses, especially on large losses, and needs help determining the appropriateness of repair plans and costs. Forensic engineers and accountants enter the scene. Your team also begins to grow. Complicating the quantification and documentation of extra expenses for energy was the decommissioning of a power plant built to provide energy for CAP, changing energy sources and pricing structures.

Your insurer won’t know the nuances of your operations. Your most knowledgeable engineers, managers, finance, and contracts personnel won’t know your insurer’s needs and processes. Three parallel processes are occurring: restoration of the damage, negotiations regarding coverage, and developing the team and documentation that translates your internal processes and documentation to what the insurer, and more importantly their forensic accounts, need for approval.

The cost of repair may be easiest, although even that had its challenges. Arizona authorizes a Guaranteed Maximum Price (GMP) procurement process with which the insurer was unfamiliar and did not have a comfort level due to the lack of competitive bidding. The insurer’s forensic engineers not only provided the insurer with valuable information, they almost became free consultants. The GMP process greatly reduced cost and shortened time due to the contractor’s experience level, but contract negotiation took weeks, with language negotiated on almost every contractual provision.

Developing the models to document soft costs such as employee related expenses and overhead, and especially extra power cost took much longer. The insurer is obligated to reimburse our costs, but it is our obligation to document those costs. Working with a forensic accounting consultant to help develop those

models and test the concepts behind them can be extremely valuable.

Your asset management and timekeeping systems may need to be adjusted to track hours and costs for which you would like reimbursement. We don’t bill time, using average trade rates for project costs. The insurer wanted employees’ actual hourly rates. Some benefits and overhead rates apply only to the first 40 hours each week, such as health benefits, while some apply to all hours on a straight time rate, such as workers’ compensation. How do you estimate or track travel costs, mileage rates, per diem, and a host of other costs?

Having a former energy trader on staff helped us develop an amazing model that compared what our energy costs would have been with Unit 6 with what it actually was without Unit 6 based upon the average wholesale cost of power by hour for the region. It was during this time that competing models clashed, ours versus the insurer’s forensic accountant’s model.

It took over two months of considering different aspects, breaking down our operations into very clear segments, and those concepts then had to be developed to the point that the insurer and forensic accountants would conclude that an updated cost model was accurate.

The process and negotiations became easier when we adopted the mindset that the insurer’s forensic accounts were essentially auditors that performed a 100% sampling as part of their audit. Every aspect of every decision and piece of documentation would be reviewed for accuracy.

Concurrently, we needed to develop models that estimated reimbursable expenses by quarter, receiving reimbursement within the closing period of each fiscal year for that fiscal year’s expenses for Finance. Costs and reimbursement also need to be split between operations and capital project costs. While we may think of the entire repair as a reimbursed expense that is neutral to Financials, the motor became a renewed asset with new book value and depreciation period, with somewhat correlating ‘other revenue,’ while operational costs were an offset expense.

Disassembly of the motor provided an opportunity to concurrently fully recondition the pump. Those costs had to be tracked as a separate project. Our early agreement on a “yellow tag” motor, defined as full service life, full warranty, also became important as repairs that fell outside of the “rewind” contract also needed to be completed.

As you can imagine, not all of the parts are still available for a 30-year-old motor that was designed using 50-year-old technology. Some upgrades were necessary due to obsolescence and should be covered, while other strategic upgrades might not be covered. In this case, a redesign of the rotor poles and v-block braces was necessary for full warranty and was covered. Early agreement, including definitions, is important.

The covered equipment breakdown repair cost, including extra expense for power, was just under $6 million. Following a loss of that size, the insurer has just as much interest in future risk of loss as you do. Property insurers have discovered that as the risk of fire loss improves, the exposure to equipment breakdown loss is becoming a larger portion of their losses. Engineering visits, especially for highly protected risk programs, are now the norm, with interest in seeing documented outcome of inspections, not just your programs.

CAP was adding vibration monitoring and protection at the time of loss. The system recorded what turned out to be very valuable data, but protection had not yet been commissioned. We now have double protection between the relay and vibration protection. See https://youtu.be/u5mibrt_e48 for a time lapse video putting the size of the unit in perspective.

Retired

ETHICAL RESPONSES TO ALLEGATIONS OF SEXUAL MISCONDUCT — ARE YOU PREPARED? A

LLEGATIONS OF SEXUAL MISCONDUCT will cause disruption in the accused organization. In many cases, the alleged offender and the organization who sponsored the program or activity wind up as defendants in litigation. The financial ramifications of a claim go beyond the outcome of any lawsuit – damage to reputation, loss of key stakeholder support and lost staff time dealing with litigation that drains resources and affects operations.

Sexual violence in elementary and secondary education is rising. The U.S. Department of Education (USDOE), Office of Civil Rights, reports a 55 percent increase in incidents from 2015-16 to 2017-18 (9,649 to 14,938), the most recent years reported by the USDOE.1 In the workplace, harassment charges involving employees increased between 2021 and 2022, according to the EEOC. Monetary benefits secured for the charging party in 2022 for harassment were the highest since 2012 — $144.1 million.

This article is geared to help schools and youth-serving organizations address allegations of sexual or physical abuse, with a focus on the need for transparency and accountability.

PREVENTION IS KEY

An ethical response to allegations of misconduct is expected from all organizations that serve young and vulnerable populations and must be legally sound, based on the organization’s core values, and clearly articulated in the organization’s abuse and harassment prevention

policy. Of equal importance, of course, is the commitment of the organization’s leaders to prevent such misconduct from ever occurring.

In 2021, law enforcement agencies in the United States received reports of abuse or neglect of 483,285 children. While most of the offenders in these incidents were the child’s parent or caregiver, in approximately 33 percent of the cases the perpetrator was a person known to the child in another way, such as through an educational, religious, or sport activity.2

ETHICAL RESPONSES TO ALLEGATIONS OF SEXUAL MISCONDUCT — ARE YOU PREPARED?

an organization; and the importance of having a response plan cannot be overstated. The organization’s response plan should reflect its core values and exemplify the ethical conduct of its members. A response plan can also be incorporated into the organization’s abuse and harassment prevention policies or be a separate and referenced document.

Organizations should consider the following factors in preparing a response plan that is timely and fair to all parties. Once developed, the organization is responsible for identifying those people responsible for implementing and adjusting the plan when needed.

• Does the organization have an identified, compassionate, and trained professional to receive reports of abuse and harassment and provide ongoing support for those who have been abused or harassed?

In order to fulfill the objectives of helping children grow socially, emotionally, and intellectually, schools and organizations must provide a safe environment for children to thrive. The creation and maintenance of a safe environment is no less than an ongoing process necessary to prevent a child from being abused — whether by an adult or by another youth.

The responsibility of leaders to protect children who participate in the organization’s programs begins with the establishment and implementation of an abuse-prevention policy that requires practices known to be successful in reducing, if not totally eliminating, the incidence of abuse. Similarly, incidents of harassment can pose a significant risk to adult members of the organization or to persons who participate in the organization’s activities. The organization’s harassment prevention and response measures can be included in the organization’s abuseprevention policy or in a separate policy.

Many excellent abuse and harassment prevention policies now exist that can be used as models for organizations that do not currently have them. Model policies can also be modified to incorporate the unique aspects of an organization’s respective mission and services.

Abuse and harassment prevention policies must be applicable to all educators, employees

and volunteers, and separate codes of conduct should be created for students and minors participating in the organization’s activities. At minimum, organizations should include the following measures in their abuse and harassment prevention policies and procedures:

• Robust screening requirements and selection programs

• Clear codes of conduct for adults and youth, including the appropriate use of social media and other communication methods

• On-boarding and regular training programs and exercises regarding abuse-awareness, prevention, and response

• Legal and organizational requirements regarding mandatory reporting of known or suspected incidents of child abuse

• Organizational responses to allegations of abuse, harassment, or inappropriate behavior

• Consequences for abuse, harassment, and violations of codes of conduct and inappropriate behavior

• Commitment to transparency with internal and external stakeholders

BE PREPARED FOR AN ALLEGATION

Even the best-crafted and implemented abuse and harassment prevention policies cannot ensure that misconduct will never occur within

• Does the response plan ensure that minors are accompanied by a parent/guardian when reports are made, or when inquiries are conducted?

• Does the response plan provide for the physical separation of the reporting party and the accused within the organizational structure?

• Does the response plan ensure confidentiality for all parties involved?

• Is there a defined process for internal and external investigations of allegations?

• Is the response plan clear regarding the legal requirements of the organization and its members to report allegations of child abuse to law enforcement or child welfare agencies?

• Is there a documented organizational commitment to cooperating with law enforcement or child welfare agencies conducting abuse allegations?

• Is the response plan clear as to other external reporting requirements, e.g., to outside legal counsel or insurance companies?

• Does the response plan provide for due process for the accused as required by current laws and organizational policy?

• Does the response plan specify the documentation and record-keeping requirements within a case-management system?

Sexual violence continues to be a serious exposure for youth-facing organizations. Entities can no longer depend solely on their insurance programs for the same coverages and limits. A clear commitment by senior management to prevent incidents of sexual violence is the key to any successful program.

ACCOUNTABILITY IS EXPECTED

A necessary and expected component of an ethical response to allegations of misconduct is a process to ensure that the offender is held accountable for his or her actions. That process should be consistent with applicable laws and well-defined within the organization’s abuse and harassment prevention policy.

The policy should also delineate the types of consequences that may result if the allegations are admitted or proven. Common accountability measures range from verbal admonishment and re-training to termination. In all cases, the discipline must be communicated clearly to the accused and well-documented.

An appropriate investigation is required in most cases. Such an investigation may be conducted internally or by engaging outside investigators or attorneys to gather and evaluate all relevant facts. Serious allegations and those involving the abuse of a minor should be immediately reported to the appropriate law enforcement or child welfare agency. If either of these agencies commences an investigation, the organization should cooperate with them and avoid taking any actions that would interfere with those investigations.

As previously mentioned, an organization’s abuse and harassment prevention policy relative to accountability must be fair and timely. The accused must be provided with an opportunity to confirm or deny the allegations made against him/her. Some organizations have established ad-hoc or permanent boards or committees to review the results of investigations and advise organizational leadership as to the credibility of the allegation. Such boards or committees may also make recommendations as to the appropriate disciplinary action to be taken against the offender.

Expectations as to the reasonableness of the accountability measures may vary. There is general agreement, nonetheless, that discipline is necessary in cases of abuse, harassment, and serious misconduct and that discipline should be just and consistent. The existence of such measures and examples

of their use can be a strong deterrent in preventing misconduct.

TRANSPARENCY MATTERS

Abuse and harassment prevention policies form the basis for an appropriate, responsible organizational response to allegations of misconduct and for holding the offender accountable for his/her actions. In order to build and maintain confidence in the implementation of those policies, and to prevent future predatory behaviors, it is essential that the organization be transparent about actions taken to address allegations of abuse.

The organization is responsible for notifying its stakeholders about the receipt of, and response to, allegations of abuse — including any disciplinary actions taken. These notifications, when made, and with due regard to the privacy of victims, can encourage others to report abuse and harassment. Communications should be carefully composed and delivered, and organizations should be prepared for internal and external inquiries.

Lack of transparency regarding the issues of abuse and harassment are frequently perceived as a cover-up by the organization. In those situations where there is deliberate withholding of important information by the organization, or information is provided publicly that is misleading or inaccurate, the result is likely to be a strong negative impact on the organization’s reputation. Ethically based actions in response to allegations of abuse, harassment and misconduct can help to prevent additional harm to the organization but, more importantly, will demonstrate the organization’s care and concern for those who have been victimized.

AVAILABILITY OF LIABILITY COVERAGE

Public sector risk managers are navigating through a difficult insurance market for Sexual Assault and Molestation (SAM) liability coverage. It is unlikely that the market will soften at any point soon. As reported in the Praesidium Insurance Carrier Benchmarking April 2023 report, 92 percent of carriers surveyed expect SAM market hardening in

the next three years; 85 percent anticipate increased premiums, and 77 percent expect to provide decreased limits. What is driving the SAM market? Take your pick: laws that repeal or amend statues of limitations for sexual abuse cases, high profile cases and verdicts, and the negative effects of social inflation and nuclear verdicts. The MeToo Movement brought additional nationwide attention to the sexual assault problem.

Youth-facing organizations face difficult renewals terms this year. They should expect decreased limits (on either or both the primary and excess policies), higher retentions, restrictive terms, and higher premiums. Risks with poor loss history and insufficient controls may not be able to secure viable coverage. Insurers may also want rigorous risk control techniques, such as greater employee screening, training, and more stringent supervision, before they will quote or offer less restrictive terms.

Sexual violence continues to be a serious exposure for youth-facing organizations. Entities can no longer depend solely on their insurance programs for the same coverages and limits. A clear commitment by senior management to prevent incidents of sexual violence is the key to any successful program. Fair and relevant policies and procedures, focused training, and a workable reporting mechanism will serve to reduce the likelihood of losses. Once a complaint or claim is made, the organization’s response, investigation and (when necessary) disciplinary measures must be fair, equitable and transparent.

1 2017-18 Civil Rights Data Collection. Sexual Violence in K-12 Schools. The US DOE notes that the increase in reported allegations may reflect under-reporting in 2015-16, there was an increased sensitivity to this issue in 2017-18.

2 https://www.nationalchildrensalliance.org/ media-room/national-statistics-on-child-abuse/

INFECTIOUS DISEASE PREVENTION AND PROTECTION AT THE WORKPLACE: HOW COVID-19 IS SHAPING PROGRAMS GOING FORWARD

THE COVID-19 PANDEMIC upended life as we knew it. Associated happenings and headlines of the coronavirus elevated and underscored the need for public entities to have proper measures in place when it comes to combatting infectious diseases. These continue to impact strategic conversations and discussions as public officials look to future protections and plans.

Early on, COVID-19 raised strong concern as it quickly became clear that the virus was highly contagious. Despite herculean efforts on the part of many to address its challenges and contain its spread, even today the COVID-19 pandemic leaves many questions to be answered. Much focus has turned to how to best prevent and respond to future infectious disease outbreaks.

The talk of epidemics or pandemics of any kind are especially alarming among public entity settings given the essential nature of services and the number of employees and members of the public that could be potentially exposed. It is beneficial to look back at practical and pragmatic insights gained from the COVID-19 pandemic as public sector leaders continue to monitor and watch infectious disease risks of all types.

COVID-19 LESSONS LEARNED

With the outbreak of COVID-19, the scale and scope of the risk became readily apparent, and officials quickly recognized this was not a routine everyday event. What’s more is that the world had not seen a pandemic since the 1918 influenza pandemic.

Running rampant between 1918 and 1920, this mass historical event was believed to have been caused by an H1N1 virus with genes of avian origin. Sometimes referred to as the Spanish flu pandemic, its spread was heightened by troop movements during World War I. There were no known treatments or vaccines, and many schools, churches, and businesses were forced to close, and many citizens were ordered to wear masks in response to the infectious outbreak. According to the Centers for Disease

Control and Prevention, approximately 500 million people or one-third of the world’s population became infected with the virus, leading to an estimated 50 million deaths including 675,000 in the United States.

When the COVID-19 pandemic hit, it quickly became apparent this was a first-time event for public officials, business leaders, and risk professionals. Despite infectious disease controls and business continuity planning efforts on many fronts, the myriad of unknowns and highly contagious nature of the virus left many organizations and businesses reeling and scrambling for basic supplies and protections. Moreover, the public sector was particularly hard hit as many police officers, firefighters, first responders, and medical personnel lacked adequate personal protective

equipment such as masks, gloves and face shields, despite the ongoing delivery and performance of public services.

Planning and preparation. One of the first takeaways from the COVID-19 pandemic was the need for planning and preparation to address infectious disease events. Now is the time for public entities to assess and update their prevention and response plans. It is important that organizations identify and assemble an infectious disease outbreak response team. This team should include a top senior official and a wide range of department representatives who can quickly assess the situation, communicate a strategy and mobilize resources in the event of an emergency.

Moreover, the plan should be in writing and routinely reviewed, updated and customized in response to newly developing and evolving exposures over time. In the plan, the team should define responsibilities across the organizations as they relate to executives, managers, supervisors, employees. The plan should also clearly identify and define human protection measures. This includes what to do and to whom to report symptoms. It should also address respiratory hygiene measures, social distancing guidelines, and workplace protocols for cleaning and sanitization. Direction and guidance for workplace shutdown should also be outlined. In the event of an outbreak, the team should specify what positions are essential versus non-essential and if the people occupying essential positions will be required be in the workplace or if they can work remotely.

Healthy habits. Another valuable lesson learned pertained to development and embracement of more healthy habits for and by employees to prevent and mitigate the spread of infectious diseases. This included respiratory hygiene to contain the effects of coughing and sneezing. Employees also learned the importance of thorough and frequent handwashing as an essential strategy to foster good health. Perhaps most importantly, employers and employees learned the value and need to stay at home when symptoms or sickness appears. During the COVID-19 pandemic, employees were given guidance around isolation protocols and the importance of remaining at home for

specified periods of time following a fever or other symptoms. Workplace screenings such as temperature readings were also introduced as an added safety measure. Social distancing was another protective measure that was put in place to prevent and contain spread.

Engineering controls. Lessons were also learned around improved engineering protocols as a means of creating a safer work environment. This included the introduction and use of effective cleaning and sanitization protocols at the workplace. Instructions were provided for cleaning and maintaining equipment and tools as well as common work surfaces. There were also deep cleaning protocols for an area where an exposed or infected person was known to have been working there. Barriers such as plastic sheets or plexiglass or countertop extensions and tables were used to separate and put distance between employees and members of the public whom they were serving. Social distancing arrows and guides were also placed on the floors in some cases to control and direct foot traffic.

Effective communications. Finally, the importance of effective communications in the face of infectious disease outbreaks was underscored and highlighted. Those organizations who weathered COVID-19 with greater resiliency established strong communication channels with employees and provided meaningful and frequent communication updates. Too often a void in information can be quickly filled sometimes leading to uninformed speculation, unintentional misunderstandings, and increased apprehension or mistrust. A strong communication strategy should be a part of any infectious disease outbreak response plan.

CONCLUDING REMARKS

While public services have been restored, the world is still reeling from the effects of the COVID-19 pandemic to some degree. Many questions remain about the effects of long COVID-19 and how that will impact people’s lives as well as productivity at the workplace. Other changes can be viewed in a more positive light. Healthcare delivery options have expanded as more people were exposed to the benefits of telehealth during the pandemic and are now more willing to embrace telehealth as a care alternative.

Another notable observation is the pandemic seems to have brought out both the best and worst in us as a society. Unfortunately, some issues, prevention strategies, and care alternatives surrounding the pandemic became grossly politicized. As a result, many people lost confidence in the medical community and dismissed healthcare recommendations and insights provided by their healthcare advisors. On the other hand, the pandemic shed light on people’s compassion, empathy, and care for one another in the face of dire circumstance. Inherent goodness emerged triumphantly.

To the many public officials, healthcare providers and community leaders who devoted countless hours to lighting the path through the COVID-19 challenges, an immense expression of gratitude is owed. These are the heroes and public servants who will ensure our ability to combat future infectious disease risks in the coming years and beyond.

Those organizations who weathered COVID-19 with greater resiliency established strong communication channels with employees and provided meaningful and frequent communication updates.

ADVERTISER INDEX

HAS YOUR ENTITY LAUNCHED A SUCCESSFUL PROGRAM? An innovative solution to a common problem? A money-saving idea that kept a program under-budget? Each month, Public Risk features articles from practitioners like you. Share your successes with your colleagues by writing for Public Risk magazine! For more information, or to submit an article, contact Claire Howard at Claire.Howard@CLHCosmo.com.

CALENDAR OF EVENTS

PRIMA’s calendar of events is current at time of publication. For the most up-to-date schedule, visit www. primacentral.org.

PRIMA ANNUAL CONFERENCES

June 6–9, 2024

PRIMA 2024 ANNUAL CONFERENCE

Nashville, Tennessee

Gaylord Opryland Hotel

June 1–4, 2025

PRIMA 2025 ANNUAL CONFERENCE

Seattle, WA

Washington State Convention Center

Keep up with what’s happening at PRIMA and connect

PRIMA WEBINARS

August 23

Active Assailant: How to Avoid Missteps in the Aftermath of an Event

September 27

Disaster Risk Reduction: Mitigation, Infrastructure Hardening, Plans and Policy

October 25

Ergonomics in Today’s Changing Workplace

November 15

Background Screening: Why You’re at Risk

December 13

Preparing for the Unspeakable

PRIMA INSTITUTE

October 16–20, 2023

New Orleans

PRIMA LEADERSHIP ACADEMY

March 7–8, 2024

Hilton Alexandria Old Town

Disaster Risk Reduction: Mitigation, Infrastructure Hardening, Plans and Policy

SEPTEMBER 27 | 12:00 PM – 1:00 PM ET

SPEAKER:

Are you proactive or reactive? In the United States, emergency management has widely been approached from a reactionary manner through response and recovery. Hazard occurrences are increasing in frequency and severity with mounting negative impacts to our community systems. Response and recovery, no matter how refined, will not result in resilience. In order to get ahead of the curve of disaster impact, communities must have a change in mindset and focus time, energy and funds proactively. Disaster risk reduction involves tipping the scales in favor of preparedness, mitigation and capability growth.

ATTENDEE TAKEAWAYS:

1. Identify how disasters are impacting communities in the U.S.

2. Understand elements of disaster risk

3. Explore capability growth within community systems

THE PRIMA LEADERSHIP ACADEMY

The inaugural PRIMA Leadership Academy (PLA) will be held March 7–8, 2024 at the Hilton Alexandria Old Town in Alexandria, VA.

REGISTRATION IS NOW OPEN

https://primacentral.org/education/prima-leadership-academy/

LEADERSHIP IS THE WORK OF STRATEGICALLY USING THE TOOL THAT IS YOU.

Learn how to leverage your unique skills from leadership development experts