Author Archives: Josh Salter

About Josh Salter

Josh Salter, ARM is the senior communications manager at RIMS.
Immediate Vault Immediate Access

New York City’s New Biometric Information Law Governs Collection and Use of Consumer Health Data

Posted on by

For risk professionals, the COVID-19 pandemic has increased the importance of ensuring customer and employee safety measures are incorporated into operations, processes and future strategies. As many businesses reopen from pandemic shutdowns or return from remote work arrangements, some enterprises are now exploring both the effectiveness and the risks associated with conducting health screenings that collect biometric information and other personal health data.

This month, New York City released the Biometric Information Law, a new measure that goes into effect on July 9 and imposes disclosure requirements on businesses that collect consumer biometric information.

online pharmacy ciprodex with best prices today in the USA

It also sets parameters on what they can do with that information, most importantly, prohibiting the exchange of biometric information for anything of value.

As detailed in recent client notice from the law firm Reed Smith, highlights from the law include:

  • The measure requires a business that “collects, retains, converts, stores or shares biometric identifier information of customers” to place a “clear and conspicuous sign” near all consumer entrances that, in plain language, discloses the collection, retention or sharing of biometric information.
  • It stipulates that it is unlawful to “sell, lease, trade, share in exchange for anything of value or otherwise profit from the transaction of biometric identifier information.”
  • It establishes “an ‘aggrieved’ consumer’s private right of action,” meaning that “[a]ny person who is aggrieved by a violation by this chapter is entitled to commence an action to enforce its protections.”

There are key exclusions, however, as “governmental agencies, employers, or agents” are expressly excluded from compliance with any provision.

New York is not the only state to enact a law attempting to govern how organizations can use biometric information. Arkansas, California, Illinois, Texas and Washington have also set guidelines for businesses.

online pharmacy tenormin with best prices today in the USA

Indeed, the recent Risk Management Magazine article “Preparing for Biometric Litigation from COVID-19” addresses the imminent and critical questions businesses must answer when collecting and handling such data.

Sensitivities surrounding the confidentiality of biometric and other health information are not new in certain industries, such as healthcare. Further, even before COVID-19, risk professionals were already grappling with the risks associated with new biometric technologies and the data collected, especially with regard to facial recognition, wearables and even the rise in popularity of telehealth.

Now, with every organization on high alert about infectious diseases and how quickly they can interrupt business, health and safety have become top priorities for every risk professional in every sector.

online pharmacy xtandi with best prices today in the USA

As risk professionals look to new technology for help with these concerns, monitoring the emerging regulation and security risks around health and biometric technology will become increasingly critical in balancing benefit and risk to their organizations.
Online Pharmacy https://galenapharm.com/ no prescription
Data security will continue to remain a significant threat, but New York’s Biometric Information Law should serve as a reminder that what the organization does with that data can also have a lasting impact on the enterprise’s reputation and consumer trust.

For more information to help risk professionals manage new health technology and data, check out these articles from Risk Management Magazine:

The Case for Strategic Risk Management

Posted on by

At last week’s RIMS 2019 in Boston, a group of risk professionals got together for the panel session “NextGen ERM: Strategic Risk Management” to discuss the advantages of strategic risk management (SRM) and the challenges to successfully integrating it into organizations.

buy reglan online medilaw.com/wp-content/uploads/2015/03/jpg/reglan.html no prescription pharmacy

The panel examined several major organizations that have taken shortcuts with training or even rushed to out-duel a competitor, failing to consider the long-term impact on strategy, reputation and market-share. Blockbuster, Kodak and Sears failed to innovate, and these once-thriving name brands are now prime examples of SRM’s benefits.

“Blackberry is one such company, but there are countless examples of organizations that have overlooked the long-term strategic impact of their actions,” said Marian Cope, owner of CopeRisk LLC.

Despite recent corporate missteps tied to failures in long-term strategic analysis, as recently discussed in Risk Management, risk professionals still face resistance to their SRM initiatives. “Demonstrating the value of SRM has to be a priority for risk professionals if they hope to gain buy-in from leadership,” said Rick Roberts, director of risk management and employee benefits at Ensign-Bickford Industries and a former RIMS president.

One of the value propositions of SRM—and an easy one for leadership to support—is the focus on taking advantage of risks that can accelerate the achievement of strategic objectives. “Artificial intelligence is an example of a disruptive technology that is impacting many industries. But, if your organization is aware of it, understands its usefulness and has developed a plan for it, it can give you a competitive edge,” said Marian Cope, owner of CopeRisk LLC.

But the case for an SRM initiative should not just be made with cautionary tales of organizations that did not use SRM. “Don’t just share failures, it’s also important to share SRM successes,” said Ellen Dunkin, senior vice president, general counsel and chief risk officer at Amalgamated Life Insurance Co. “Even Amazon and their business model that gives consumers almost instant access to their purchases has adjusted its strategy and started to open brick-and-mortar shops.”

According to the panel, the risk professional should ideally be involved in strategic planning from the get-go. “Some organizations have a chief risk officer that participates in the preparation as well as the strategic planning and decision-making discussions. Unfortunately, that’s not the norm,” Cope said.

The panel identified the next-best option for risk professionals, which is to work from the strategic objectives established by the organization. From there, they need to analyze the business model, identify, assess, and prioritize the risks that can derail or accelerate achieving the strategic objectives, facilitate the development of appropriate risk responses, and then align such objectives, risks, and risk responses with operations.

An effective SRM program will incorporate plans for a risk strategy, communications strategy, implementation, and training with the goal of integrating strategic risk management into decision-making processes. “The risk professional is going to require support from others in the organization too.

buy cymbalta online medilaw.com/wp-content/uploads/2015/03/jpg/cymbalta.html no prescription pharmacy

They’re going to need risk champions to vouch for them, as well as a final presentation that includes achievable and measurable deliverables that demonstrate the value of the process,” Roberts said.

SRM can be a stand-alone program or a component of ERM. Regardless, the panel noted that SRM is vital to the long-term success of organizations as alignment of strategy and operations results in the identification of opportunities to accelerate achievement of strategic objectives and prevents operational blunders that will trigger strategic risks (e.g., substantial reputational harm). Accordingly, SRM as a stand-alone program allows risk professionals to add more value while streamlining the process.

“SRM is the next generation of ERM and identifies external and strategic risks as opposed to the more granular view for ERM. It allows the team to bring the top 10 key risks to leadership, with a focus on the top two to three as opposed to overwhelming them with the full risk register that could include 100,” said Ellen Shew Holland, higher education practice leader for Hanover Stone Partners LLC and president of Strategic Risk Frameworks LLC.

Ultimately, the group agreed, SRM will help fully integrate risk management programs into an organization’s business model and the value should be evident in each positive step the business takes toward achieving its strategic objectives.

buy xifaxan online medilaw.com/wp-content/uploads/2015/03/jpg/xifaxan.html no prescription pharmacy

REPORT: Spencer-RIMS Internship Manual For Employers

Posted on by

Step-by-Step Guide Identifies Elements and Tools to
Develop a Successful Risk Management Internship

The newly released Spencer-RIMS Internship Manual for Employers offers a roadmap for risk professionals to design a valuable internship program for their organization while creating exciting and rewarding opportunities for future professionals.

Authored by RIMS Student Advisory Council, the manual includes:

  • a justification worksheet for employers,
  • strategies for designing an internship,
  • a worksheet to define intern responsibilities, and
  • potential activities and performance evaluation recommendations.

Additionally, the manual provides directions for risk professionals to apply for a Spencer Internship Grant to fund the program.

“Internships provide an unquestionable opportunity for organizations and their risk management teams to maximize capabilities and support business activities,” said RIMS CEO Mary Roth.

“Creating meaningful internships is crucial to the sustainability of this profession and we’re excited to build this bridge to rewarding risk management careers.”

“Insurance industry and risk management learning must extend beyond the classroom,” said Spencer Chairperson Marya Propis. “To complement the sensational curriculums that many colleges and universities now offer, real-world experience gives risk management and insurance students a competitive edge as they enter the workforce.

Through scholarships, grants and internship programs, Spencer continues to support new opportunities for students to explore our profession.”

To learn more about Spencer Internship Grant, visit  www.spencered.org/professionals/internships.

The report is currently available exclusively to RIMS members. To download the report, visit RIMS Risk Knowledge library at www.RIMS.org/RiskKnowledge. For more information about the Society and to learn about other RIMS publications, educational opportunities, conferences and resources, visit www.RIMS.org.

About Spencer

Spencer was founded in 1979 and to this day remains the premier organization funding the education of tomorrow’s risk management and insurance leaders. Since its beginning, Spencer has awarded more than 1,050 scholarships totaling over $6.9 million, and $3.25 million in grants to universities and professional institutions for educational programs and conferences.

To learn more about Spencer, visit www.SpencerEd.org.

RIMS Report: Active Shooter Preparedness For Your Organization

Posted on by

More than 51 mass shootings have already been documented by GunViolenceArchive.org in 2019, many of which occurred in commercial settings and workplaces. It is clear that workplace shootings are occurring regularly in the United States. By customizing an active shooter plan that focuses on prevention, training, feedback and post-incident protocols, employees will be mentally and physically prepared to react to violent threats, according to a new RIMS Professional Report titled, “Active Shooter Preparedness for Your Organization.”

Authored by RIMS Business Content Writer Justin Smulison and featuring insight from workplace violence and business continuity experts, the report highlights opportunities for risk professionals and their organizations to identify warning signs of potential attacks, best practices in communication and pre-event training, as well as strategies to implement a coordinated effort that minimizes injuries, property damage and reduces uncertainties.

“Physical security measures are nothing more than deterrents,” said Steve Smith, founder and president of Guardian Defense and report contributor. “Every individual in the organization needs to know how to respond to an active threat in order to mitigate the situation. Risk professionals are well-positioned within their organizations to drive discussions, awareness and take a leading role in the development of a workplace violence prevention and response strategy.”

The report is currently available exclusively to RIMS members. To download the report, visit RIMS Risk Knowledge library at www.RIMS.org/RiskKnowledge. For more information about the Society and to learn about other RIMS publications, educational opportunities, conferences and resources, visit www.RIMS.org.

For more threat preparedness insight from Steve Smith, download his interview on RIMScast and read his Q&A about school preparedness on Risk Management Monitor.