June 25, 2025  

The True Value of Custom Business Insurance Policies

I was dropping off some clothes at my local dry cleaners a couple of days ago. In the retail center, I saw a barbershop advertising haircuts for $13. That’s it. That’s all the sign said. Not Tony’s Barbershop or anything like that.

Naturally, it caught my eye — because who doesn’t appreciate a good deal? Even more, it’s kind of nice to know up front how much a service is going to cost. No uncertainty, it’s just posted right there for everyone to see.

I’m not a fan of haggling. I’d prefer to buy a car with the price set. I don’t want to sit in a dealership and negotiate for four hours questioning myself, did I get ripped off? But at the same time, price isn’t everything. What’s the value?

This got me thinking. I am often asked by clients or potential clients, “How much will an XYZ policy cost?”

Since business insurance is not a commodity, there’s no up front answer unfortunately.

One-Size-Fits-All Doesn’t Work for Business Insurance

A $13 haircut works because the service is relatively simple, fast, and repeatable. One head of hair is pretty comparable to the next. I know that’s a generalization, but you get what I mean. No matter who walks in, they get the same base offering.

Business Insurance doesn’t work that way.

Let’s put this in the perspective of Professional Liability insurance (Errors & Omissions).

Your business has unique exposures. The way you interact with clients impacts your risk profile. How you structure your contracts is crucial. The way you manage your operations also plays a role. Additionally, how you handle mistakes or disputes affects your risk profile.

Before a policy can even be priced, an underwriter needs to understand:

  • What services your business provides
  • What your client engagements look like
  • Whether you use formal written contracts
  • How you handle complaints or errors
  • If you’ve had claims in the past

You don’t just pick a price off a menu. You submit an application, answer questions, and let the underwriter assess the actual risk.

“Just Give Me a Quick Quote” Doesn’t Cut It

It’s tempting to want a quick quote. Many websites offer instant insurance at seemingly bargain prices.

But when it comes to Professional Liability (E&O) insurance, you don’t want cookie-cutter coverage. You want a policy that actually responds to the types of claims your business face.

In my work with professional service firms — law practices, marketing agencies, consultants, managed service providers, etc. — I’ve seen too many “cheap” policies fail. They fail at the worst time. This happens because no one took the time to do it right.

The Bottom Line

For some things in life, it’s nice to know up front what something’s going to cost you. A car, a haircut, a 12-pack of beer….fine. But business insurance isn’t a commodity.

With business insurance, you’re not just buying a policy. You’re buying peace of mind that your business is protected when something goes wrong.

Ask questions. Work with someone who understands your industry. And don’t settle for a haircut when what you really need is a custom-fit suit.

Need help reviewing your liability insurance coverage?
Let’s have a real conversation about your business — not just your budget.

-JK

June 10, 2025  

Cybercriminals Are Targeting Small Businesses – Is Yours Next

Your Business Is Being Targeted—Even If You Don’t Realize It

It’s not just big corporations making headlines anymore. Small and midsize businesses are now prime targets for cybercriminals—and the numbers don’t lie.

Ransomware remains the most disruptive threat in today’s digital world. The newly released Cyber Threat Index 2025 from Coalition reveals how these attacks are happening. It shows why it’s time to take this risk seriously.

Startling Realities from the Report:

  • 58% of ransomware attacks in 2024 began with a breach of VPNs or firewalls
  • 18% involved remote desktop tools
  • 47% began with stolen or guessed login credentials
  • Email phishing and unpatched software rounded out the top attack methods

What This Means for Your Business

Think about the systems your team uses every day—remote logins, email, cloud apps. Now imagine they’re all frozen… encrypted by criminals demanding a six-figure ransom just to give you back control.

It’s not science fiction. It’s happening to businesses just like yours—some of them never recover.

The worst part? Most attacks succeed not because the defenses are complex, but because they’re familiar. Cybercriminals keep reusing the same tactics because they still work.

And while enterprise-level companies have IT teams monitoring for threats around the clock, many small and midsize businesses don’t. That’s where cyber insurance becomes more than a policy—it becomes a lifeline.

How Cyber Insurance Protects You:

A robust cyber insurance policy can help cover:

  • Ransom payments (where legal)
  • Digital forensics and IT recovery
  • Business interruption and income loss
  • Data restoration and rebuilding
  • Regulatory fines and legal defense
  • Customer notifications and credit monitoring

4 Things You Can Do Right Now:

  1. Harden remote access tools – Use multi-factor authentication (MFA) across VPNs and remote desktops
  2. Educate your team – A well-timed click on a phishing email can cost your business everything
  3. Patch and update software – Vulnerabilities in outdated tools are low-hanging fruit for attackers
  4. Review your cyber insurance – Your policy should reflect your current systems and risks

Final Thought:

Cybercriminals aren’t getting more creative—they’re just getting more persistent. And far too many businesses are still unprepared.

The good news? Cyber insurance remains one of the most affordable forms of protection available. This is especially true when compared to skyrocketing premiums you see in property or commercial auto.

If you’re not sure whether your coverage is enough, let’s have a conversation. Or if you don’t have cyber protection in place at all, let’s talk.

It could be the most important step you take for your business this year.

-JK

June 5, 2025  

Importance of Liability Clauses in Business Contracts

“Do you use your standard contract with your customers that includes a limitation of liability clause and/or hold harmless agreement?”

When applying for liability insurance, you’ll find this question on pretty much all insurance carrier applications.

If you do not use a standard contract or agreement with your customers/clients and they do not include limitation of liability clause and/or hold harmless agreement, chances are you’ll

1- Be declined by carriers
2- pay higher premiums
3- or deal with an array of coverage limitations/exclusions.

Best Practice Recommendation:

-Use written contracts consistently, especially for higher-value jobs or services.

  • Include at minimum: Limitation of liability, Indemnification/hold harmless clause, Insurance requirements for the other party.

Have contracts reviewed by a qualified business transactional attorney to ensure enforceability.

Having these measures in place not only protects your business—it also signals to insurers that you manage risk proactively.

All this can save your business from extreme financial risk. Added bonus, less insurance premium and better coverage.

-JK

January 23, 2025  

OSHA Form 300A Posting Begins February 1

Employers that had 11 or more employees in the company at any point in 2024 must post the Occupational Safety and Health Administration (OSHA) Form 300A.

This form is a Summary of Work-Related Injury and Illnesses. The posting period is from February 1 through April 30.

This requirement applies even if the company didn’t have any recordable incidents in 2024. A company executive must certify OSHA Form 300A. The form should be posted in each establishment. It must be in a conspicuous location where notices to employees are customarily posted.

Certain establishments are partially exempt from OSHA’s routine recordkeeping requirements. This includes establishments with 10 or fewer employees. It also includes those whose primary business activity is classified as low hazard according to OSHA’s guidelines.

A full list of exempt low-hazard industries, ordered by North American Industry Classification System (NAICS) codes, can be found here.

The exemption is “partial” because all employers must notify OSHA when an employee is killed on the job or suffers a work-related hospitalization, amputation, or loss of an eye.

Need help with this stuff? Give me a call or shoot me a message and we can talk.

-JK

November 18, 2024  

Important Changes to Workers’ Compensation Posting Notice in California

On July 15, California State Governor Newsom signed AB1870. This bill amends Labor Code 3550. It adds language to the workers’ compensation posting notice, DWC-7, that informs employees of their right to consult an attorney. This update takes effect 1/1/2025 and applies to any workers’ compensation policy, regardless of renewal term.

California has published the revised DWC7 which can be found HERE.

If you are are a California Workers Compensation insurance policyholder, I recommend that you:

  • Continue to report injury claims promptly
  • Educate managers, supervisors, and employees about their rights and the proper steps to take if an injury occurs
  • Supply the latest version of the DWC7 posting notice
  • Post the updated notice in a conspicuous place, where all employees have access to it (failing to post is considered a misdemeanor and can result in fines)
  • Talk with your Workers Compensation insurance provider about Back to Work options at your business

If you have questions, contact me.

-JK

November 11, 2024  

OSHA’s Top Ten Safety Violations for 2024

As OSHA unveils the 2024 list of its 10 most frequently cited safety violations, there are no surprises at the top once again. For the 14th consecutive year, Fall Protection came in at number one with 6,307 violations. It is far and away the most commonly cited standard following inspections of worksites for all industries. Hazard Communication was next at 2,888, followed by Ladders and Respiratory Protection.

OSHA’s 2024 Top 10 Safety Violations:

1- Fall Protection – General Requirements (1926.501) – 6,307 violations
2- Hazard Communication (1910.1200) – 2,888 violations
3- Ladders (1926.1053) – 2,573 violations
4- Respiratory Protection (1910.134) – 2,859 violations
5- Lockout/Tagout (1910.147) – 2,443 violations
6- Powered Industrial Trucks (1910.178) – 2,248 violations
7- Fall Protection – Training Requirements (1926.503) – 2,050 violations
8- Scaffolding (1926.451) – 1,873 violations
9- Personal Protective and Lifesaving Equipment – Eye and Face Protection (1926.102) – 1,814 violations
10- Machine Guarding (1910.212) – 1,541 violations

Do you need safe workplace resources like safety consultations, risk assessments, safety training webinars, or instructional videos? Contact me today. I have relationships with Risk Management consultants on how to be OSHA compliant.

-JK

November 4, 2024  

POV: The Incredible Anxiety of a Cyber Attack

As someone who helps businesses with the placement of their insurance policies and with risk management advice, this video from Travelers Insurance hits powerfully when I watch it.

I’ve experienced this exact situation first-hand at least several times. A client calls in terror because their computer network was breached. They are either shut down to a point where not a single employee can get on the network to function. Alternatively, a hacker breaches their network and steals hundreds of thousands of dollars from their accounts.

The incredible fear and anxiety it creates is off the charts. This video is a true personification of this very circumstance.

My biggest piece of advice is please don’t think that your business is invincible to these types of circumstances. This CAN happen to any business, large or small.

The most crucial step a business can take to avoid a cyber attack is to establish a robust cyber security culture. This culture should include consistent employee training. Educate all team members on cyber hygiene practices. Teach them to recognize phishing emails. Encourage them to use strong, unique passwords. Additionally, ensure they secure their devices. Human error is one of the leading causes of data breaches. Employees who are aware of and actively follow security best practices can significantly reduce the risk of an attack.

Whether you have an internal IT team managing your computer network, or utilize a MSP (Managed Service Provider), ensure they have the proper protocols in place. These protocols should mitigate breaches within your computer network.

Also, don’t overlook a cyber insurance policy. It can help manage the costs of a cyber attack with both “1st Party Coverage.” This coverage focuses on your own losses and expenses directly resulting from a cyber incident. It also includes “3rd Party Coverage” to focus on liability to third parties affected by the cyber incident. This includes legal and regulatory costs.

The cyber insurance market is competitive as of the date of this post. This means rates are low for the coverage offered. Underwriting is also relatively soft. It’s not difficult to secure a robust policy with a low annual premium.

If you have questions about the above, reach out today. You might want to know about a recommended MSP (Managed Service Provider) for your business. Or you may have questions about the cost and terms of a cyber insurance policy.

-JK

October 3, 2024  

How to Prepare for Your Workers Compensation Audit

Your Workers Compensation insurance policy premium is rated based on annual payroll. When your policy is first issued, an estimated annual payroll is used looking ahead at the next 12 months.

In most cases, it’s almost impossible to forecast what your exact payroll will be for the next twelve months. Especially with hourly employees where schedules constantly fluctuate and you have peak seasons and slow periods.

So, when you buy a workers compensation insurance policy for the first time, or are renewing for a new policy term, annual payroll estimates are used to calculate the policy premium. and at the end of the annual policy term, the insurance carrier must do a premium audit to find out what the official payroll amounts are for the prior 12 months.

Let’s face it, audits suck. It doesn’t matter what kind of audit….insurance, taxes, you name it. Can you think of any audit that doesn’t suck? Unfortunately, workers compensation policy audits are not optional, they’re required by any and all carriers.

So, how should you prepare for your Workers Compensation policy audit?

The best way to prepare is by keeping proper records and documentation throughout the policy period. An audit is conducted based on the review of correct, organized records.

Since your workers’ compensation policy is payroll based, the following documents are typically needed by the auditor:

  • Quarterly 941 tax documents/payroll registers
  • Employee information, including:
    -Names
    -States
    -Description of duties
    -Gross wages
  • Furloughed wages
  • Contracted labor
    -Certificates of insurance for subcontractors, if applicable
    -Description, location and dates of work performed
    -Amount paid for contracted labor

What can I expect?

Your audit will be conducted in one of the four methods:

  1. On-site physical
  2. Electronic/virtual physical (counts as physical by all state bureaus)
  3. Phone
  4. Mail

The method is determined based upon multiple factors, including premium, complexity and state regulations. An auditor will reach out to you after your policy expiration via phone, email or letter to give you more information.

Yes, audits suck, but unfortunately there’s no way around it. As long as you’re organized and prepared with this information, hopefully your next audit will be smooth and painless and you can put it behind until next year where you have the joy of doing it all over again.

Enjoy!

-JK

September 26, 2024  

Cyber Risks Lead 2024 Business Concerns in Travelers Survey

For 11 years, Travelers has posted an annual Risk Index. The Risk Index is a survey that looks at the top concerns of U.S. businesses, and how they manage them.

Their 2024 survey takes a deep dive into the top concerns of U.S. business leaders from small, medium and large businesses across a wide range of industries.

Some of these risks involve well-known issues, like rising medical costs, broad economic uncertainty, and the ability to attract and retain talent.

Cyber risks are the #1 business concern in 2024 per the survey. 62% of the 1,200 or so respondents cited cyber as a top concern.

Cyber ranked higher as a concern than medical cost inflation (59%), increasing employee benefits costs (59%), broad economic uncertainty (59%), and the ability to attract and retain talent (54%). Medical cost inflation was the highest concern last year.

I included a link to the 2024 Risk Index above but here’s the LINK again for reference.

If you have questions about cyber insurance coverage or would like to see what the cost would be for a cyber insurance policy for your company, please contact me to discuss.

-JK

September 19, 2024  

Build Your Injury and Illness Prevention Program: Easy Tool for California Employers

All California employers are required to create an Injury and Illness Prevention Program (IIPP) that’s tailored to their business and accessible to all employees.

The State Compensation Insurance Fund offers a no-cost, easy-to-use Injury and Illness Prevention Program IIPP Builder℠. Also, to make it easier for companies with Spanish-speaking employees, this is now available in Spanish too.

The tool is available to all California businesses, regardless of whether they are a State Fund policyholder. It’s easy to switch between English and Spanish, and offering a program in the preferred language of Spanish-speaking employees can help business owners create a culture of safety in their workplace, reduce the risk of injuries, and promote healthy practices.

I provided the links above, but to create an IIPP in English or Spanish, visit www.SafeAtWorkCA.com, then simply create an account and follow the prompts to build and save a customized program.

State Compensation Insurance Fund policyholders can log in to create and save their Injury and Illness Prevention Program then return to revise, update, or translate it whenever they need to.

Of course, building your own IIPP isn’t ideal for all businesses. Some are more complex and need the help of a dedicated safety consultant.

If your business needs help building a tailored Injury and Illness Prevention Program, contact me for resources and referrals to help with this. I have many.

-JK

« Older Posts
Newer Posts »