As RIMS 2014 kicks off in Denver, Mary Roth, executive director of the Risk and Insurance Management Society Inc., speaks with NU‘s Shawn Moynihan about TRIA, a proposed rule that would change the way employee injuries are reported, and what she’s seeing among the Society’s membership in terms of cyber liability, among other topics.

Q: A bi-partisan agreement was recently introduced for long-term TRIA extension, but obviously a solution there still seems pretty far off. What do you think it will take for TRIA to be extended? How must the industry, and RIMS in particular, educate and convince lawmakers of the importance of this issue?  

A: RIMS thinks that it is important for the industry, and particularly risk professionals, to continue to educate members of Congress that TRIA is not just an insurance issue, but also an economic one. We are already seeing the effects on the workers compensation market, particularly in areas with high concentrations of employees. Further, allowing TRIA to expire could have far reaching ramifications on construction contracts and lending agreements which could set the economy back. We hope that all risk professionals will reach out to their Congressional representatives and join us for RIMS Legislative Summit in June to further emphasize the importance of extending TRIA in a timely manner.

Similarly, in a comment letter to the Occupational Health and Safety Administration (OSHA), RIMS disapproved of a proposed rule that would require organizations to electronically divulge statistics regarding employee injuries and change the current reporting system, forcing risk practitioners to duplicate their record-keeping and data submission responsibilities. Accepting data submitted through the current Electronic Data Interchange system, it was said, would be a better option. I’m curious as to your take on this, and what might be a more thoughtful approach here.

Accepting data through the Electronic Data Interchange would certainly be a good step. Many of our members already use this system, so it would be costly to use another. We would also like to see some form of protection for organizations reporting this data. We have concerns with how this publically available information could be misused, whether through enforcement targeting or by other organizations looking for an unfair competitive advantage.

Do you think the still-recovering economy has had an affect on risk managers’ ability to buy appropriate levels of insurance coverage? Have lower earnings across the board done anything to fundamentally alter risk appetites, and if so, how? If not, why?

The argument can be made that with a better understanding of an organization’s risks, it will be better positioned to invest in new technologies, research and development or other opportunities that can produce significant financial rewards. Understanding the insurance market can have the same advantages. Every summer, RIMS and Advisen publish the RIMS Benchmark Survey that provides data from more than 52,000 insurance programs from 1,500 organizations to further educate members on the markets’ intricacies. According to the 2013 Survey, the average Total Cost of Risk increased five percent in 2012, placing more stress on organizations’ to afford necessary coverages.

Let’s talk about the RIMS Marketplace platform. I know the society was very excited about it as an alternative to the RIMS Buyer’s Guide. Why?

RIMS Buyer’s Guide was a terrific directory; RIMS Marketplace is so much more. Having a strong network can be the difference between successfully navigating a risk or falling to its consequences. RIMS Marketplace gives risk professionals access to solution providers, those providers’ latest news, videos, presentations, social media pages and other intellectual property. For providers, the resource allows them to not just connect with an engaged audience but also deliver information about the value of their services and other thought leadership.

What are you seeing among the RIMS membership in terms of cyber liability? At this point, even with repeated high-profile breaches being reported (and who knows how many more not reported), the prevailing sentiment seems to be that it’s a coverage everyone should have, but it’s still a hard sell. Does the Society have any resources that it is developing on this front?

The challenge to protect data has become increasingly difficult for organizations, no matter the size or the industry. Cyber concerns remain a top risk that our members face, in fact, “Avoiding Cyber Liability Pitfalls–Lessons Learned from Risk Managers, Legal and Forensic Experts” is a Hot Topic Session at RIMS ’14. Throughout the year, the Society will produce several workshops and webinars on this evolving risk management challenge, giving practitioners access to some of the industries’ most accomplished thought-leaders. Already scheduled during our RIMS Canada Conference is the “Cyber Risk and Data Security Management” workshop in Winnipeg lead by Walter C. Boyd Jr., Esq., CIPP/G, CHPSE, a senior privacy advisor and consultant, and Deena Coffman, CEO of IDT911.