The Families First Coronavirus Response Act (FFCRA) launched last month, temporarily expanding paid sick and FMLA leave for employees of businesses with headcounts of fewer than 500 as part of the national COVID-19 response. The follow-up CARES Act provided payroll tax credits for employers to offset the cost and impact of the leave expansion.
The quick but piecemeal rollout of legislation has created some confusion as to how employees should declare their eligibility/need for leave and what documentation trail needs to exist to ensure employers are eligible for tax credits.
In this post we’ll cover:
What conditions or situations justify paid leave under the FFCRA
What documentation employees should submit as part of an application for leave
What documentation employers need to maintain to qualify for tax credits
Clarifying Who is FFCRA Leave Expansion Eligible
The FFCRA establishes three specific situations in which an employee working for a business with 499 or fewer employees qualifies for two weeks of paid sick leave at their regular rate, up to $5,110:
If the employee is subject to a federal, state, or local quarantine or isolation order
If the employee has been advised by a healthcare provider to self-quarantine
If the employee is experiencing symptoms associated with COVID-19 and seeking a medical diagnosis
The act also establishes three other scenarios in which an employee working for a business with 499 or fewer employees qualifies for two weeks of paid sick leave at two-thirds (2/3) their regular rate, up to $2,000:
If an employee is caring for an individual subject to a quarantine or isolation order
If an employee is experiencing any substantially similar condition identified by the HHS
If an employee is caring for a child whose school or daycare is closed or unavailable due to COVID-19
Finally, the act also provides extended family leave for situations in which schools or childcare facilities remain closed beyond the two weeks of leave above. During that 10-week period, employees earn two-thirds (2/3) their regular rate, up to $10,000 (in addition to the $2,000 from their two initial weeks of leave).
Documentation Requirements for Employees Requesting Leave
The DOL did not codify any single approach to transitioning employees toward COVID-19 leave, instead saying that employees should file their request as soon as possible and follow reasonable documentation procedures as soon as practical. Here are the specific pieces of information/documentation the DOL stipulates employees must provide:
In their signed request for leave, employees must provide:
Their full legal name (as it appears on IRS records)
Their qualifying reason for leave (from the above list)
A clear statement that their illness or responsibilities prevent them from working from home during this time
Their anticipated date for return
If the employee is requesting leave due to a quarantine order, they must also provide:
The name of the government entity who issued the order
If an employee is requesting leave because a healthcare provider has instructed them to, they must also provide:
The name of the healthcare provider
If an employee is requesting leave to care for a child without school or daycare, they must provide:
The child’s full legal name as it appears on school rosters
The name of the school, childcare facility, or provider who is closed or unable to provide care due to COVID-19
A clear statement that they are the only option to provide care for this child at this time
As long as you’re requiring, collecting, and maintaining the above documentation, you and your employees are compliant in the eyes of the DOL.
What About a Doctor’s Note?
Generally speaking, a doctor’s note is the gold standard for medical leave and should be provided in COVID-19-related ADA accommodation requests. However, the DOL is not requiring one as part of their leave documentation procedure, in part because the strain of the pandemic is putting on the medical community.
That means if an employee believes they have COVID-19 or needs to care for someone who does, waiting to get a doctor’s note could actually put more of your employees at risk. That’s why the best guidance for now is to keep your application protocol relatively straightforward and stick to the DOL’s documentation requirements.
Documentation Requirements for Tax Credits
While the DOL’s documentation requirements are crucial to executing the FFCRA correctly, the IRS’ documentation requirements are equally important to getting the payroll tax credits available to help your business weather this storm.
In order to maintain eligibility for your tax credits, you must maintain:
Any other documentation related to filing for credits with the IRS
Documentation of how you calculated FMLA/sick leave pay for employees
Documentation of how you determined the amount of qualified health plan expenses that you allocated to wages
In terms of documentation from your employees, the IRS’ requirements are extremely similar to the DOL’s, but there are a few key differences, specifically involving childcare scenarios.
The IRS requires documentation of the following information for employees requesting leave under the FFCRA to care for a child or children whose school(s) or place(s) of childcare are closed due to COVID-19:
The full name of each child as they appear on school rosters
The name of the school, childcare facility, or provider no longer able to provide childcare due to COVID-19
A clear statement that they are the only option to provide care for this child at this time
In the case of a child over 14 who would only be alone during daylight hours, employees should provide a statement explaining the special circumstances that require childcare
Takeaways
The goal of the FFCRA is to protect individuals and families across America during the COVID-19 pandemic. The CARES Act backs up the FFCRA by providing businesses with the tax credits they need to make the considerable leave expansion feasible. Getting those credits requires documentation of the right information, however.
Remember:
There is no official leave documentation process for the DOL, but they do require a few specific pieces of information
The IRS has slightly stricter requirements for documentation of childcare-related leave
IRS forms 7200 and 941 are essential to receiving your tax credits
Be ready to explain how you calculated wages for employees on leave and determined your health plan expenses
The Employee Benefits Security Administration (EBSA), IRS, and Department of the Treasury issued a joint announcement on April 28th stating that they are extending a variety of timeframes related to employer sponsored healthcare coverage, portability, and continuation under COBRA.
Generally speaking, these extensions are designed to maximize healthcare accessibility during the ongoing COVID-19 outbreak, continue coverage for as many Americans as possible, and loosen up claims negotiating windows in a way that prevents a processing bottleneck from weakening the system as a whole.
In this post we’ll explore:
Extensions of employee healthcare deadlines under ERISA Section 518
A few examples of what the extensions mean for employers
The meaning of the HHS “measured enforcement period”
ERISA Section 518 Relief
Section 518 of ERISA allows for the extension of certain benefits-related filing and documentation deadlines by up to one year in the event of a presidentially declared national emergency.
With this week’s joint announcement, the government has declared that all employee health plans, disability plans and other employee welfare plans must disregard the period from March 1, 2020 until sixty (60) days after the announced end of the COVID-19 national emergency (“the Outbreak Period”) when determining the following periods and dates:
The 30-day special enrollment periods for employees
The 60-day COBRA benefit continuation election
Dates for making COBRA premium payments
The date for individuals to notify the provider of a qualifying event or determination of disability
The date range within which individuals can file benefit claims
The date by which claimants must file an appeal for an adverse determination
The date range within which individuals can request an external review of an adverse determination
The date range within which individuals may file information to perfect an external review of an adverse determination
For employers, this means that your plan administrator can’t count dates occurring during the Outbreak Period against employee deadlines. The spirit of these extensions is extremely employee-friendly, but it’s also HR and administrator-friendly, as it significantly reduces the pressure to process claims and push laid off or furloughed employees through off-boarding as quickly as possible.
To see the full text of the joint announcement’s final rule, click here.
What Will This Look Like in Action?
Open-Enrollment Examples
If an employee has a baby during the Outbreak Period, the child can be brought onto employee healthcare via special enrollment until 30 days after the Outbreak Period ends (90 total days after the announced end of the national emergency).
Similarly, if an employee got married shortly before or during the Outbreak Period, the new spouse’s special enrollment period will last until 30 days after the Outbreak Period ends (90 days total after the announced end of the national emergency).
COBRA Election Example
If an employee has been furloughed to the point where they no longer work enough hours to qualify for employer-sponsored coverage due to the national emergency, their COBRA election period must remain open until 60 days after the Outbreak Period ends (120 total days after the announced end of the national emergency).
COBRA Premium Payments Example
If an employee was receiving COBRA coverage at the beginning of the Outbreak Period, premium payments for COBRA coverage during the Outbreak Period will be considered timely if the payments are made within 30 days of the end of the Outbreak Period (90 days total after the announced end of the national emergency). As long as premiums for all months during the Outbreak Period are paid in a timely manner, the employee is eligible to continue coverage.
Claim Filing Example
If an employee has a 365-day filing window for any claim, that window will not begin for any claims made during the Outbreak Period until the Outbreak Period ends. Similarly, the entire date range of the Outbreak Period should be excluded from claims deadline calculations for care that occurred shortly before the national emergency.
The “Measured Enforcement” Period
The Department of Health & Human Services (HHS) officially concurs with the relief announced by EBSA in the joint statement and is relaxing enforcement for public healthcare, while encouraging states to adopt the spirit of the extensions EBSA is creating for private employer-sponsored programs.
No official end date has been announced for this period.
Takeaways
EBSA’s COVID-19 employee benefits deadline extensions are designed to help as many Americans as possible maintain their access to employer-sponsored healthcare during the coronavirus outbreak. While they’re largely employee-friendly, the extensions also help HR departments and benefits administrators reduce the bottleneck that COVID-19 has created.
Remember:
The “Outbreak Period” is defined as March 1, 2020 until 60 days after the COVID-19 national emergency is declared over.
Dates falling within the Outbreak Period should not be counted against employees for:
With some states cautiously reopening non-essential businesses before the COVID-19 national emergency has been officially declared over, it’s crucial for the owners and managers of those businesses to get reopening right from a wellness and employee/public protection standpoint.
If we as a business community can execute this properly, then we’ll be bringing what normal looks like after COVID-19 to employees and the public at large, stimulating the reemergence of our strong American economy. However, we desperately need to talk about what reopening “right” actually looks like.
This is why Launchways created our Complete Return to Work Toolkit, a resource any business can use to plan for a successful return built on best practices and up-to-date information.
Moving forward, we’ll explore some of the concepts from the toolkit including:
Key policy & procedural concerns related to screening employees & visitors for COVID-19
Crucial questions about expectations for personal protective equipment that must be addressed before employees return to the office
Modifications you need to make to your physical workspace and way of fostering collegial collaboration in order to reopen safely
Health Screenings
The most important aspect of a proper reopen is getting your team members back in their traditional workplace in a way that ensures talent is returning to the building without introducing the spread of COVID-19 within your workforce.
Here are a few examples of questions you need to be able to answer regarding health screenings before you can plan to reopen:
What screening questions will you ask employees before they return to the office?
What screening questions will you ask customers/clients/office guests before anticipated visits to your facility?
What communication system will you use to transmit and manage screening questions?
Who will be in charge of reading/assessing eligibility to return based on screening responses?
What screening questions will you ask customers/clients/office guests before anticipated visits to your facility?
Will you carry out temperature checks as people arrive to work?
Where will you carry out temperature checks?
Who will carry out temperature checks?
What will be the temperature threshold for denying admittance to the workplace?
What are next steps for employees for are denied entry because of failing a screening?
How will you transition them toward leave?
How can you enable work-from-home for those who insist they can work?
What are next steps for customers/clients/office guests who fail a screening?
What parameters must a COVID-19 positive employee meet before returning to the workplace (for example 14 days from diagnosis, or 72 hours without experiencing a fever)
Personal Protective Equipment (PPE)
Given that COVID-19 is often spread by asymptomatic carriers, PPE is essential to minimizing the spread of coronavirus, even between people who do not feel or appear to be sick. The use of PPE among the public is currently inconsistent, so you need to set clear expectations for usage in your workplace.
Here are just a few different questions you need clear answers to before you recall your workforce and reopen your facility:
What PPE will public-facing employees use?
What PPE will back-office employees use?
Will you be issuing PPE or expecting employees to bring their own? (if employees must provide their own, will they be reimbursed?)
How often will you expect employees to change/sanitize PPE?
What cleaners or approaches will you approve for sanitizing PPE?
How/where will employees dispose of soiled PPE?
Will you require PPE for clients/customers/office guests?
Will you make PPE available to clients/customers/office guests?
How will you address refusal to comply with your PPE policy?
For employees?
For clients/customers/guests?
Social Distancing
Maintaining six feet or two meters of distance between all people remains a best practice until the official end of the outbreak period.
Here are some examples of baseline social distancing concerns you absolutely must have plans and policies in place for as you reopen:
How will you modify the physical space of public-facing areas to enable distancing for employees and customers/clients/guests?
How will you modify your back-office space to enable distancing for employees and guests?
How will you create sensible traffic patterns that allow people to get around the office in ways that support distancing and prevent anybody from “squeezing past” each other in the halls? (for example, some offices are transitioning their layout to use only ‘one-way’ hallways)
What kind of signage will you create to provide distancing reminders and where will you put it?
How will you enable meetings, brainstorming sessions, and other collaborative group work in ways that support distancing?
How will you address distancing with regard to the use of common spaces (kitchens, bathrooms, etc.)?
How will you address refusal to comply with your social distancing policy?
For employees?
For clients/customers/guests?
How to Learn More
If you’re a business leader hoping to reopen your business or transition remote workers back to the traditional office in the coming days and weeks, be sure to download Launchways’ Complete Return to Work Toolkit!
The toolkit covers:
How to Determine Who Should Return to Work & When
Preparing & Modifying Your Physical Workspace
Protocols for Employee Re-Entry & Health Screenings
Building and Enforcing Social Distancing & COVID-Specific Employee Protocols
How to Address Workforce Anxiety About Returning to Work
Sample Return to Work Survey for Employees
How to Identify & Correctly Update Effected Company Policies
Roadmap for a Return-to-Work Communications Strategy
The COVID-19 outbreak is changing nearly everything about how we work and do business. And if changing work conditions weren’t enough for employees to deal with, they also have to navigate a host of new federal policies including temporarily expanded sick leave and FMLA family leave. But, they don’t have to do it alone. Employers can help their team members work more effectively while achieving a healthy work-life balance by setting clear leave policies.
The Families First Coronavirus Response Act established Emergency Paid Sick Leave and drastically, albeit temporarily, expanded the scope of the Family Medical Leave Act. But it also left it up to employers to set the terms of how employees can use that leave. That means that employers must educate themselves on how their team members can take advantage of the leave to protect themselves and their families while staying productive, and then provide clear guidelines for their teams.
This can be particularly useful for employees who don’t want to take time off of work but have to take care of children who are now home from school or childcare. These employees are entitled to paid leave if they decide not to work. But they may not know how to take paid leave for time spent caring for their children while working part-time. That’s where employers can help employees navigate the situation so that they can work as much as possible while simultaneously taking care of their other obligations.
In this article, we’ll provide an overview of how employers can set flexible leave policies and help their team members navigate the new leave policies including:
Employees’ leave coverage under the Families First Coronavirus Response Act
How to expand the leave policies to help your team members work more effectively during the outbreak and as businesses begin returning to work
Employees’ Rights Under the Act
The Families First Coronavirus Response Act implemented several employee leave expansions that went into effect at the beginning of April. We wrote a full overview that you can read here, but here is a quick overview of what your employees are entitled to from the FFCRA if you have fewer than 500 employees:
2 weeks full paid sick leave if they are unable to work due to COVID-19 illness, quarantined due to exposure, or are experiencing symptoms and waiting for a diagnosis
Paid sick leave is available to employees who are quarantined but not sick only if they cannot work remotely
2 weeks of paid family leave at 2/3 pay if they need to care for an individual subjected to quarantine or need to take care of minors whose schools or childcare facilities are closed due to the virus
10 weeks of extended family leave at 2/3 pay if employees need to take care of minors and have been with the company for at least 30 days
Notably, if your company has 49 or fewer employees, you can apply for a small business exemption. But unless you receive a small business exemption, you cannot prevent qualified employees from taking leave. Nor, given the current health crisis, should you aim to prevent employees from taking the leave they need. Your leave costs will likely be covered by tax credits under the new CARES Act. It’s often in your best interest to help your employees maximize their ability to leverage the leave policies, especially to discourage the spread of the virus amongst your workforce.
Expanding Leave Policies for More Effective Work
Under the FFCRA, employees may not be eligible for leave if they are healthy, do not have to care for minors, and can work remotely. While on the other end of the scale, employees who have to take care of minors may be eligible for a full 12 weeks of leave, paid at 2/3 their normal rate. However, many employees who do qualify for leave to take care of minors, but can work remotely, will not want to take three months away from their work. And many employees may be concerned about keeping some of that time in reserve, since no one knows how long the outbreak will last. That’s where employers can help their employees make the most of their paid leave while simultaneously minimizing the disruption to their business.
You have the right to force employees to either work full time or go on leave. But it is often in both of your best interests to work out an arrangement where employees with family obligations work as much as they can while taking leave when they cannot. And the FFCRA gives employers a lot of leeway in allowing employees to take sporadic or intermittent paid leave.
Employers can allow employees to take paid leave in increments anywhere from week-to-week, day-to-day, or even hour-to-hour. That means you could allow your team members to take paid leave to homeschool their children every other day while working full time on the other days. Or they can take a few hours of paid leave every day to take care of their family obligations and work for the rest of the work day. And this does not just apply to remote employees: you can allow employees who have to come into the workplace to work a partial schedule while taking paid leave on their days off.
It’s important to remember that employers are not obligated to provide this kind of flexibility. But it can often be in your best interest to work with employees to find the best arrangement for both parties. Not only will it allow you to retain key employees, on a partial basis, who would otherwise go on full-time leave, thus reducing the disruption to your business from COVID-19, but it can also have a lasting impact on employee relations. Employees will remember it if you work to help them juggle their work and non-work obligations, increasing loyalty and productivity in the long-term. On the other hand, they will also remember if you took an all-or-nothing approach that adhered to the bare minimum requirements of the FFCRA. It’s crucial to consider the optics of your approach to leave during COVID and as employees begin transitioning back to work.
To recap, you are allowed but not required under the FFCRA to let your team members take emergency paid sick leave or family medical leave:
On a day-by-day basis while working a partial schedule either remotely or in-person
On an hourly basis to allow for reduced hours per day, either around a shorter shift or to allow for breaks to care for family
On a weekly or monthly basis
At your discretion, within the limitations of the FFCRA (you can prevent employees from working until they come back from leave but you cannot prevent them from taking continuous leave while they qualify for it)
You should decide which of these arrangements, if any, will work for your business and then set a clear leave policy. Then, inform your entire staff of that policy and work with each employee to help them set up the arrangement that works best for them, within the limits set in your policy. Clarity and flexibility will help your business run smoothly and help your employees balance their work with their other obligations.
Key Takeaways
With the COVID-19 outbreak continuing to disrupt every part of life and business as we know it, we can all benefit from working together to find solutions. The FFCRA requires that employers offer 2-12 weeks of paid leave for qualifying employees at either full or 2/3 pay and you should take responsibility for that obligation. If you create flexible leave policies that enable employees to work as much as they can while taking only as much leave as they need, you can minimize disruptions to your business. Setting clear and flexible leave policies and helping employees take advantage of those policies is truly a win-win strategy. Just remember that:
Healthy employees who do not need to care for minors or sick family members may not be eligible for any expanded leave and can be required to work full time if they can work remotely
Employers are allowed to decide whether and how their employees can take intermittent sick or family medical leave
If they chose to, employers can let their employees take their expanded leave on an hourly, daily, or weekly basis
For more on the Families First Coronavirus Relief Act and running a business during the COVID-19 outbreak, check out Launchways’ comprehensive resources on our COVID-19 Emergency Resource Center.
The COVID-19 outbreak is changing how companies operate. While it is having a profound impact on supply chains and the nature of demand, the most direct impact is the fact that most people are confined to their homes. Many companies are now working fully remote, including some that had never had remote work policies in the past.
There are many considerations around the transition to remote work. The first ones that come to most employers’ minds are generally how to maintain productivity, communication, and morale while team members are working in isolation.
But working remotely also comes with significant cybersecurity risk ramifications. Company networks are inherently spread thin and ultimately rely on employees’ home network security to keep company data safe. Many companies’ cybersecurity practices just aren’t built around remote work and they will have to adapt to keep themselves safe.
Luckily, just a few additional measures can greatly mitigate your cybersecurity risks during the COVID-19 outbreak. Let’s take a look at the risks and how to tackle them, including:
Why the outbreak creates openings for cyberattacks
How to mitigate your company’s risks
Protecting employees and their devices
Business insurance coverage for cyberattacks against remote networks
Why COVID-19 Creates Opportunities for Cyberattacks
The main reason why the COVID-19 outbreak is changing the nature of cybersecurity is that just about everyone that can is now working remotely. Instead of operating as a closed system, companies’ networks now include each employee’s home networks and devices. And a distributed network is inherently harder to protect: you can’t just throw a firewall around it. Not to mention, most existing strategies and policies are focused around protecting the company networks and do not work for distributed or bridged networks.
Employees’ home networks are the most significant gap in your cyber protections. Unfortunately, VPNs and other standard protective measures only cover communications between home devices and company networks. They do not protect the home devices themselves or home networks. That means any company data stored on the devices is much more easily compromised by cyberattacks.
But on top of the technological challenges posed by the COVID-19 outbreak, the coronavirus is also creating opportunities for successful cyberattacks that rely upon the fear, isolation, and ignorance of people amid the outbreak. Phishing attacks related to the virus have increased more than six-fold in the past month and tens of thousands of people have clicked on malicious links that used the topic of the virus as bait. As a result, the total number of hits on malicious links nearly tripled from February to March.
What this means is that your employees are simply more likely to fall victim to malware, eCommerce fraud, or other cyberattacks thanks to the COVID-19 outbreak. And when they do they may inadvertently compromise their devices and your company data.
Minimize Your Risk
Cybersecurity risk management is a multi-tiered process that starts with avoiding and defending against attacks. If that fails, then you need to mitigate the damage from successful attacks and transfer the risk away from the company. While it is always better to stop an attack from being successful in the first place, you should still have plans and processes in place to handle the situation in the case it occurs.
So, how do you stop cyberattacks from compromising your remote work operations? The first step is to implement strong endpoint protection on all employee devices that will be used for work. Endpoint protection software is a bit like antivirus software evolved and takes a more comprehensive and proactive approach to threat prevention, detection, and defense.
Next, you need to educate employees and set standards for their home networks. Employees should use networks secured by a strong and unique password. Then, you should make sure that only authorized IP addresses can access your data and networks. IP blacklists, multi-factor identification, and identity management solutions can go a long way towards protecting your data during the outbreak. Finally, make sure that all of your standard protection measures are also in place and up-to-date. This includes VPNs and firewalls that protect your company networks from any attacks.
But if these measures fail, it’s time to mitigate the damage. That means implementing effective intrusion detection to discover a breach and start addressing it as quickly as possible. Ideally, these systems will tell you not just that there has been a breach but what systems were accessed. That can help you diagnose the damage and formulate your response. Another option is a managed detection and response system that combines software with hands-on attention from security experts for added protection.
It is just as important to minimize disruption to your systems and workflow. Many attacks try to damage or destroy data not just steal it. So, regularly back up all data in multiple locations to ensure that you don’t lose anything.
Finally, transfer the risks through business insurance coverage. As we’ll explore in detail later in this post, your business insurance will likely cover the damage from a successful cyberattack even if the attack was against an employee’s device or happened while the employee was working remotely.
Protect Your Employees
As we discussed earlier, remote work is not the only driver of cybercrime during the COVID-19 outbreak. Most attacks have to do with the virus itself, using outbreak-related lures to get people to click malicious links or even taking advantage of CARES Act stimulus payments to steal information and money from susceptible businesses.
While many of these attacks will target the individuals themselves – trying to gain access to their bank accounts or vital identity information – employers should still do everything they can to protect employees from falling victim to such attacks. Not only is it the right thing to do to take care of your team members, but the attacks can also compromise employees’ work devices and present cybersecurity risks. Just because an attacker planned to go after an employee’s bank account doesn’t mean that won’t pick up some valuable company data along the way, especially if it is low-hanging fruit.
So what can you do to protect your employees? In addition to providing powerful antivirus software, you need to educate and reassure. COVID-19 cyber-attacks feed on fear, isolation, and misinformation. Providing support and correct information about both the COVID-19 outbreak and common scams is the best countermeasure once your technology solutions are all sound and in place.
Work with your IT team, business insurance broker, HR consultants, and any other stakeholders to put together resources to inform employees about how to identify possible scams or malware attacks, and what to do if they think they may have clicked a malicious link or compromised their device. And work with your HR advisor to create outbreak-related resources that will fill the COVID-19 information gap so that employees are less likely to click the links in the first place. Finally, do everything that you can to minimize fear and isolation by keeping employees connected, engaged, and healthy in mind and body during the quarantine. Not only will this help minimize cybersecurity risks, but it will help your remote team work more effectively as well.
Know Your Business Insurance Coverage
If things do go wrong, will your business insurance protect you from the damages?
By and large, the answer is yes. There are several “triggers” that will cause your business insurance to kick in and which apply in the case of a cybersecurity breach from a remote employee.
A privacy insuring agreement may cover any damages if the attack results in the following privacy triggers. First, illegal access to company information is likely covered because your company will have been the victim of a crime. Secondly, if company information is compromised due to a cyberattack on an employee’s device that may count as violating an NDA, a common privacy trigger in business insurance policies.
But a security insuring agreement will often also apply. When someone is working from home, their computer and network will generally count as the company’s computer and network and thus be covered if attacked. This is especially true if they use a company device while working from home.
Keep in mind, though, that some insurers require a formal “Bring Your Own Device” policy with employees for them to cover the damages. This policy needs to outline safety measures and proper conduct that employees have to follow when using their device. So it is a good idea to have your employees sign such an agreement now that they are working remotely.
When in doubt, ask your insurer and business insurance broker about your cyber insurance to find out the details of your coverage. But if you have the correct policies in place, there is a good chance that you will be covered if your security measures fail.
Key Takeaways
There are many considerations when it comes to protecting company data, networks, and devices during the COVID-19 outbreak. Hopefully this article has given you a solid roadmap to start formulating your defense strategy and helped you figure out the right questions to ask your IT and business insurance providers. Just remember:
Remote work means a distributed network for added security risks and possible entry points for attacks
The outbreak has many people scared and looking for help, creating opportunities for attacks
Educating employees about proper security measures, real information about the outbreak, and how to avoid falling victim to cybercrime goes a long way to protecting their data and the company’s data
IT considerations to protect against cyberattacks during the outbreak include endpoint protection, intrusion detection, regular backups, home network security, and up-to-date antivirus, firewalls, and VPNs
Working with your business insurance broker to ensure you have the correct cyber liability policies in place is crucial during this time
