Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service
Clevel
1. C
1
CLeVeL | Spring 09
CLEVER_COVER Revisado.indd 1 5/20/09 10:25:01 AM
2. C
1
CLeVeL | Spring 09
CLEVEL_1-11 1 5/15/09 7:01:14 PM
3. C FROM THE PUBLISHER
Welcome
C
-Level has been a long time in the making, and not just since we
decided to publish it. In a way, I suppose figuratively speaking, the
magazine has been in the works since we got into the business of
managing risk and began to notice certain things.
Like how technical and uninviting (many people would say boring) insurance
and HR information tends to be. And how uninviting and stereotyped the
entire insurance industry in particular had become, as important an element of
risk management as it is.
It’s not that we mean to save the industry’s image with a magazine
(although deep inside we must admit to dreaming of the prospect). What we
aim to do is share a vision that we and most practitioners believe to be the
real truth on the ground: an industry full of passion and professionalism.
On the surface, it would appear that insurance is about managing risk and
Ramón A. (Tony) Pérez protecting against loss, while HR benefits is about providing employees a
Chairman of the Board package of perks to keep them motivated and retained. But below the surface,
Fulcro Insurance, Inc. the reality is far less dry and calculated.
Insurance and HR are all about real people in real life situations—a guide to
help make businesses successful and to enhance the relationship between, and
the experience of, management and employees.
Communicating this vision and showcasing the many companies in Puerto
Rico that are living it is the purpose of C-Level. And not just companies.
Every day, in ways small and large, individuals manage a myriad of personal
risks. Indeed, success itself, business and personal, is not possible unless you
assess, control and manage risks successfully. Protecting our businesses,
belongings and families against accident and loss yields great benefits. It
provides freedom of movement, the flexibility to launch a venture or go on a
trip, the peace of mind that comes from knowing you’re covered.
That’s what C-Level is all about: the human and tangible side of our
business. We hope you enjoy reading it as much as we enjoyed making it.
And by all means, feel free to send me a note (tperez@fulcroinsurance.com)
with your opinion and suggestions. We’ll be sure to take them to heart.
CLeVeL | Spring 09
2
CLEVEL_1-11 2 5/15/09 7:01:15 PM
7. C
THE PLAN
FROM THE PUBLISHER CRISIS TO APEX
2 Welcome
Our first edition 28 The Palo Seco Fire
From ashes to history
MEMO THE NEXT LEVEL
4 Rethink Risk
Rethink Relationships
32 El Amal
From pharmacy to global model
DARING LEADERS
FINE LIVING
8 David Bogaty
vs. Goliath
40 The Rights of Art
Don’t be fooled
10 Joaquín Rodríguez
Visceral risk-taker
42 Preserve Your Art
Make it last
C-STORY
14 Cyber Risk
Worse than you think
44 Restore Your Art
Ah, it’s back!
La alit in ute tis at el dolor
FUN LIVING
A LEVEL ABOVE
22 Wellness
A great investment
46 Luis Berríos
Racing through life
CLeVeL | Spring 09
6
CLEVEL_1-11 6 5/15/09 7:01:21 PM
9. C DARING LEADERS
David
(literally)
VS.
Goliath
How one man, driven by faith
CLeVeL | Spring 09
in the law and the passion
to create a different kind of
business, risked it all in a Àght
no one thought he could win.
No one, that is, except him.
8
CLEVEL_1-11 8 5/15/09 7:01:24 PM
10. DARING LEADERS C
F
or David Bogaty, 1996 was a defining year, It was a great time to get into telecommunica-
the second of three defining moments since tions. Federal regulations had opened the business to
leaving the prestigious Wharton School of competition. Baby bells had been broken up. More
Finance in 1991 and landing a plum job on companies were able to penetrate the long-distance-
Wall Street. call business. State monopolies, like the Puerto Rico
Telephone Company (PRTC), had to make room for
His business partners had given up on Puerto Rico, competition in local calls.
but he decided to stay and give fledgling telecom
company WorldNet a chance. A typical bottom-line “Wall Street (banks and investors) were pouring
analysis called for bailing out. “There were certainly money into the industry,” recalls Bogaty.
easier ways to make money,” he recalls.
The young company came to Puerto Rico to offer
But Bogaty’s motives were anything but typical. He long distance services, but ran into bureaucratic obsta-
wanted to build something special: a business that cles and long delays imposed by PRTC to limit competi-
would serve as a model to others on how to balance tion. His partners gone, Bogaty managed to grow the
high earnings with high ideals. business as a PRTC reseller, not a direct competitor.
“I asked myself if this is all just about money. Is In 1999, came his third defining moment and
that all there is to it, making lots of money and living boldest risk. He would face down PRTC in a huge
the good life? I felt the calling to choose another legal battle with more than WorldNet at stake. Other
path. I wanted to build a business that would companies would also benefit if WorldNet prevailed
make lots of money, but that would also make the in leasing the PRTC network, not merely reselling, to
world a better place; a company that would provide offer local phone and telephony solutions as a direct
employees with a unique experience, contribute to competitor.
the community and operate based on a strong set of
values: integrity, teamwork, caring.” “This was David vs. Goliath. No one gave us a chance.
But I knew the law was on our side and that PRTC
The vision shift began in his first big defining would eventually have to go along, so we didn’t shy
moment. Living through Wharton’s “success-at- away.”
all-costs culture,” as Bogaty describes it, he became
restless. Later, as a Chase financial analyst, he The landmark decision came in 2001. WorldNet had
decided he couldn’t take it any longer and made won. “It’s amazing the battles you can take on when
his fateful move, leaving Chase and joining some you’re driven by something bigger. Today, we’re prov-
partners to found a long-distance telecom company ing that business can thrive and make money built on
in Boston. values and based on a new vision.”
“It’s amazing the battles you can take on when you’re driven by
something bigger. Today, we’re proving that business can thrive
C and make money built on values and based on a new vision.”
-David Bogaty, Founder & President, WorldNet
9
CLeVeL | Spring 09
Bogaty’s vision is to build a company where it is fun and
meaningful to work. Pictured are four senior executives
and long timers: (left-to-right) Gloria Mulett, María
Virella, Francisco Muñoz y Mariely Rolón.
CLEVEL_1-11 9 5/15/09 7:01:25 PM
11. C DARING LEADERS
That’s the message
from Puerto Rico’s
leading hospital-chain
executive, who reveals
the secret behind
HIMA-San Pablo’s
impressive growth.
If you intend to follow
the prescription, be
forewarned: it takes
quite a pulse.
‘Risk taking is
visceral’
CLeVeL | Spring 09
10
CLEVEL_1-11 10 5/15/09 7:01:27 PM
12. DARING LEADERS C
T
he meteoric rise of HIMA-San Pablo is, by now,
well known in Puerto Rico. Since its founding a “We originally aspired to be as good as San Pablo,” he
short 21 years ago, the company has grown from confided. “And now here we are.”
the initial 300-bed HIMA Hospital in Caguas to
more than 1,115 beds among four leading hospitals The big risks today are major pieces of equipment—
today, easily the largest privately owned hospital and the latest high-tech treatment machines available
health system in Puerto Rico. nowhere else on the island and in only a handful of
hospitals in the U.S.—each costing millions of dollars and
No business grows this fast and reaches a dominant facing what to many is uncertain demand.
position in an industry—profitably, in HIMA’s case—
without taking significant risks along the way. But not to Rodríguez, who deploys a unique process
to arrive at these business decisions.
For co-founder, chairman, chief executive & chief
risk-taker Joaquín Rodríguez, the first risk was the “It’s visceral,” he assures, pointing to his gut. “With
decision to launch the business in the mid-1980s. He each of these machines, if people need it and no one
was an administrator at San Rafael Hospital in Caguas else has it, I figure people will have to come here for the
and faced the shut-down of the treatment, so we buy it.”
facility.
No fancy market research or analy-
Rodríguez joined partner sis. No sales projection or number
Carlos M. Piñeiro, each invested crunching. Just pure gut instinct.
$500 in cash, obtained the
financing and built what at the “That’s how we take these risks,”
time was a $68 million hospital, he added. “Thankfully, our senior
HIMA Caguas, staffed mostly management team sees it the same
with San Rafael doctors, nurses way,” even though he admits to
and employees. provoking lost sleep in his financial
team, which must justify major in-
“Once we recovered the vestments to bankers left scratching
$1,000, we had nothing to their heads. That’s more so consider-
lose, so we figured we would The cyberknife, a robotic surgery machine for ing that medical-plan companies in
cancer treatment.
“With each of these machines, if people need it and no one
else has it, I Àgure people will have to come here for the
C treatment, so we buy it.”
-Joaquín Rodríguez, Chairman & CEO HIMA-San Pablo
continue taking major risks to grow the business,” said Puerto Rico do not cover those treatments, leaving cash
Rodríguez. patients as the primary market.
The chief motivator all along, he says, has been a To be sure, while instinct-driven, a viability analysis is
relentless passion to become the best hospital and done. “We know roughly the size of the market for each
health system in the Caribbean, and one of the best in of these conditions in Puerto Rico, around the region
the United States. and in the U.S., and we charge less than any hospital
in the states, so we’re marketing aggressively to draw
11
“When you want to be the very best, you have to take patients from there.”
some big risks and offer treatments other hospitals do
CLeVeL | Spring 09
not provide,” he told C-Level during an exclusive inter- The winning card: medical plans in the U.S. do cover
view at his rather modest office in Caguas. the treatments.
HIMA’s numerous acquisitions and expansion deci- “The risk-taking may be visceral,” he says, “but it’s not
sions are obvious examples, particularly the decision to dumb.”
acquire chief rival San Pablo in 2005.
CLEVEL_1-11 11 5/15/09 7:01:29 PM
15. C C - S TO RY
Connect you must, but
carefully
If you have a network or connect to the Internet,
you’re exposed to cyber risk. And what a risk it is! Loss of
priceless data. Damage to your brand and reputation.
Loss of consumer trust. Business interruption. Business ruin.
Here’s what’s at stake and what you can do.
W
ho would have imag- issues are no longer the exclusive Our growing dependence on
ined that technology domain of companies doing busi- the Internet has left us vulnerable
would become the ness on the Web. Today, few orga- to liabilities related to privacy,
double-edged sword nizations are immune from cyber intellectual property and digital
of the 21st Century. threats. Simply storing employee content disputes. And just a few
information electronically, having of the many threats that can be
The Internet and those very a basic website or communicating devastating to a company’s bottom
same high-tech systems that have via email, opens the door to a slew line include major network security
allowed businesses the ability to of new and unforeseen risks. breaches, denial of service (DoS)
store, use, share and organize mas- attacks (deliberate attempts by
sive amounts of information have Even the federal government is hackers to prevent legitimate use
opened a Pandora’s Box of orga- in a state of shock over its vulner- of a service), as well as new regula-
nizational vulnerabilities and risks ability to new threats. Accord- tions that require the notification
that give a whole new meaning to ing to a recent report ordered of individuals whose personal
the term catastrophic loss. by President Barack Obama, the information is compromised. And
government remains far too reliant the list goes on.
Back in the 1990s, when the on outdated and easily hacked user
CLeVeL | Spring 09
term “cyber risk” was first coined, it names and passwords. The report Not that private anymore
applied mainly to e-commerce and recommends a transition to new “Hacking is pervasive,” says
Internet-related companies, but technologies that feature token- Steven Haase, Risk Management
that’s not the case anymore. It’s based authentication (smart cards specialist & CEO of Insuretrust,
officially gone mainstream. or code-generating mechanisms during an exclusive interview with
that constantly change your pass- C-Level.
The reality is that computer net- word), biometrics and other related
14
work security and risk management tools. Continued on page 16
CLEVEL_12-21 14 5/15/09 8:06:40 PM
16. C - S TO RY C
15
CLeVeL |Spring 09
CLEVEL_12-21 15 5/15/09 8:06:41 PM
17. C C - S TO RY
“At least 20% of companies has been a data information se- companies an average of $202 per
have been victimized by hackers curity breach in which personal in- compromised customer in 2008,
or intruders, and some of them formation may have been illegally up from $197 in the previous year.
on many occasions. Often these accessed, lost or stolen. This amount does not include law-
incidents result in the dissemi- suits by those whose information
nation of personal information, Underlining the prevalence of was leaked, but only the costs for
which is why we are hearing so security breaches, Haase said that legal, investigative and adminis-
much about organizations that are since the law went into effect, trative expenses, as well as those
paying a high price for network as many as 50% of all citizens associated with customer support
security and privacy breaches. “ have been notified in writing such as information hotlines and
that their personal information credit monitoring subscriptions.
Phishing scams have also be- may have been exposed. He
come highly prevalent. Phishers pointed to a recent study by the No industry, nor the most
are people who send fraudulent Poneman Institute, a privacy & seemingly powerful and protected
email messages or create fake information management research organizations and institutions, are
websites designed to get people to firm, which indicated that the immune from breaches or are safe
reveal sensitive information. costs associated with information from determined hackers.
Regulations in 44 states and breaches can be staggering and
Puerto Rico require organizations are on the rise. In a recent highly publicized
to notify individuals in a timely According to the study, case, it was revealed that the World
manner when they believe there each data breach incident cost Bank Group’s computer network
Continued on page 20
Which of these cyber risks are you exposed to?
Risk-assessment guide you may use to evaluate your vulnerability
COVERAGE GENERAL EXPOSURE TO LOSS
CATEGORY
Security Coverage Maintains sensitive information on the network
Rogue employee could cause breach of security or send out a virus that harms 3rd parties
Could be subject to regulatory civil actions if a breach of network security occurs
Utilizes a hosting company for some/all of the company’s data
Privacy Coverage Maintains paper files with sensitive information
Stores sensitive information (paper files) offsite at non-owned/non-controlled locations
Staff carries sensitive information on their laptops and/or maintains computer data away from the
office
Uses a privacy statement on the company’s websites
Content, Advertising Publishes significant digital contentadvertising on the company’s website
& Intellectual Prop. Publishes significant non-digital contentadvertising
Coverage Maintains 3rd party intellectual property on the networks
Owns numerous domain names
First Party Coverage Generates significant revenue over the web, or would suffer a significant loss of revenue if
network operations are impaired
Could suffer a severe permanent loss of data
Could be subject to notification costs if a breach of network security occurs
CLeVeL | Spring 09
In the event of a breach, the company may incur significant crisis management & PR expenses
Could be vulnerable to cyber extortion
Emerging Risks Maintains blogs, chat rooms, or other social networking capabilities
Cyber stalking
Is exposed to an aggregation loss potential
Errors & Omissions Provides information technology products or services
Coverage Owns the rights to copyrighted software code
16
Provides non-information technology products or services
CLEVEL_12-21 16 5/15/09 8:06:42 PM
18. C - S TO R Y R O U N D TA B L E C
Wake up!
That’s the urgent cry from four local experts, who
suggest measures all businesses can take immediately
to minimize their cyber risks
E
very business person has connectivity, you’re at risk,” warned Education and coaching begin
gotten the message that Luis Valencia, president of STTC, with a vision. “How do you view
technology changes all the another local consultancy. cyber risks?” asks Pérez. “For most
time. Hardware, software, business people, cyber risk is a cost.
networks and systems have become Fuentes and Valencia are two of Technology is an investment, but
moving targets you must follow four leading Puerto Rico experts who protecting against its risks is seen
and invest in continually, every year participated in a recent roundtable as a cost. The question they ask
throughout the year, in order to held at Fulcro Insurance in Old San is, ‘What equipment and insurance
remain competitive. Juan to recommend steps businesses coverage do I need to buy to be
can take to mitigate and manage the protected?’ But this cannot be seen
But few business people seem many forms of cyber risk. They were as a cost, as something you can
to realize that the same principle joined by Eddie Molina, director of simply install or a policy you can
applies to the cyber risks posed by risk & advisory services at auditing just buy and you’re done.”
that very same technology. & accounting firm Torres Llompart
Sánchez Ruiz, and Ramón Pérez “Cyber and network security,”
“This is never static,” said Emilio Blanco, partner in charge of com- added Fuentes, “has become com-
Fuentes, CEO of Knowlity, a local IT mercial risks, claims and information moditized. People buy protection off
consulting firm. “The threats faced technology at Fulcro. the shelf, like anti-virus programs,
by a business are dynamic. There is thinking that will get it done.”
always a risk that must be man- What can you do about cyber risk?
aged, including threats we’re not 1. Education and Vision 2. Integrated team approach
17
even aware of right now. Since we “Businesses in Puerto Rico have been Instead, all experts agree that a
can’t control when risks arise, their very slow to catch on and make the business must take an integrated
CLeVeL | Spring 09
degree of complexity, and much less changes necessary,” Molina said. approach to cyber risk, a seamless
eliminate every incidence, we must “The place to begin, therefore, is combination of people, process and
manage the risk.” education. Executives must learn technology.
what’s at stake and what they have
“As soon as you connect a to do. A big mistake would be to as- “It has to be a team approach,”
cable for network and Internet sume you know. Get help instead.” said Molina.
CLEVEL_12-21 17 5/15/09 8:06:43 PM
19. C C - S TO R Y R O U N D TA B L E
“It’s all right for the IT manager But cyber risks have become so and less expensive to implement, and
and department to take the lead, but complex and varied per industry that plan to increase your protection over
the CEO has to be on board to create lawmakers and regulators have been time.
the culture and sense of priority,” unable to keep up.
explained Fuentes. “The Human “Make peace with the fact that
Resources Department must be “If you’re just complying with regu- you’re always going to be exposed to
integrated to ensure proper training lations, you’re exposed to significant some extent, given the nature of cyber
of everyone involved and create the additional risks,” said Valencia, who risk,” he added. “The important thing
awareness among all employees. recommends that all companies go be- is to have the most protection possible
The COO must also work hand-in- yond regulatory requirements and set at the price you can afford at any
hand with IT to implement the right up the protection they actually need. given time.”
processes and make sure the company
is aligned in every possible way.” 4. Wise use of money 5. Vendors and applications
“Given unlimited time and money, a “Every vendor you subcontract and
In other words: technology, people business would be able to buy lots of software application you buy for your
and process working in sync and con- protection. But no one has unlimited business comes with a potential cyber
stantly updating. time and money, and that requires that risk,” said Valencia.
you be more practical,” said Fuentes.
3. Beyond regulation The answer: design a cyber risk
Federal and local regulations provide His suggestion: have your cyber risk review for each one. “Your suppliers
a starting point, forcing companies team engage in a constant evaluation should answer a set of questions
to implement a minimum standard of your risk position and needs, invest about their risk position and exposure,
of cyber risk protection, mainly to in the technology and insurance particularly if they are exposed
protect consumers against privacy protection you can afford, start with to your data or connected to your
breaches. the low-hanging fruits that are easier network.”
“We need to be conÀdent that the client is
taking cyber risk seriously and is doing what
CLeVeL | Spring 09
needs to be done; that the company is not
“As soon as you connect a cable for network negligent. Then we design an insurance
and Internet connectivity, you’re at risk.” policy that Àlls the gaps that arise inevitably
from a company’s risk avoidance measures,
- Luis Valencia, president of STTC since we know they are unable to prevent all
risks and potential damages.”
- Ramón Pérez, partner in charge of
C commercial risks, claims & information
technology, Fulcro Insurance C
18
CLEVEL_12-21 18 5/15/09 8:06:45 PM
20. C - S TO R Y R O U N D TA B L E C
6. Insurance coverage measures, since we know they are a moment will come when most
Cyber risk has become an emerging unable to prevent all risks and po- companies will be OK, or we will
field in the insurance industry. A tential damages.” face a major crisis, perhaps in one
well-designed policy can cover a or two high-profile companies, and
business for damages and liability Insurance coverage also contem- people will learn the hard way,” said
that technology fails to prevent, plates a rapid response in case of Valencia.
such as loss of data, lawsuits for a hit. “In cyber risk, the insured’s
privacy breaches, network break- reaction time has to be immediate,” Today, he added, every com-
downs, business interruption, and he added. “This isn’t like a hurricane pany has certain kinds of insurance
more. that we can see coming. It’s more policies and protection against
like a fire that happens with no such things as workplace accidents
But before writing a policy, insur- warning and creates damages that and product liability because we’ve
ance companies want to be sure have to be recovered immediately.” gained awareness over time and
that the business is taking every have learned from the tragic experi-
step possible to minimize the risk by Gradual, or forced by a crisis ences of others.
taking other steps.
Given how far behind local “Let’s just hope,” he concluded,
“We need to be confident that the businesses find themselves in “that it doesn’t take a tragedy to
client is taking cyber risk seriously their cyber risk management and create awareness and spark action
and is doing what needs to be done; protection, the four roundtable on cyber risk.”
that the company is not negligent members anticipate the problem
in how it handles this matter,” said will be solved one of two ways.
Pérez. “Then we design a policy that
fills the gaps that arise inevitably “Either people will gain the
from a company’s risk avoidance awareness gradually over time and
“Businesses in Puerto Rico have been very “This is never static. The threats faced by a
slow to catch on and make the changes
19
business are dynamic. There is always a risk
necessary. The place to begin, therefore, that must be managed, including threats
is education. Executives must learn what’s we’re not even aware of right now. Since we
CLeVeL | Spring 09
at stake and what they have to do. A big can’t control when risks arise, their degree of
mistake would be to assume you know. complexity, and much less eliminate every
Get help instead.” incidence, we must manage the risk.”
- Eddie Molina, director of risk & advisory - Emilio Fuentes, CEO of Knowlity
C
services, Torres Llompart Sánchez Ruiz
C
CLEVEL_12-21 19 5/15/09 8:06:50 PM
21. C C - S TO RY
Continued from page 16
was compromised. One of the largest repositories of information are exposed to the dangers posedby
sensitive data about the economies of every nation malicious insiders and, in some cases, employees
had been raided repeatedly by as many as six outsid- with poor judgment.
ers over the course of a year, and it still remains a
mystery how much information was gleaned after the One example is a case in which an employee
highly restricted treasury unit’s network was deeply at Progressive Casualty Insurance Co. wrongfully
penetrated by spyware. accessed information on foreclosure properties she
was interested in buying. Following a complaint
Internal threats by a woman who said she was contacted by the
The financial sector, including banks, securities employee about buying her house under foreclosure,
firms and insurance companies, have long been a Progressive was forced to notify its policyholders
hotspot for security attacks and breaches. that their confidential information may have been
wrongfully accessed by an employee who was fired.
A survey conducted by consulting firm Deloitte &
Touche found that 83% of financial services firms Cyber risks, such as these, can cause deep and per-
have acknowledged that their information technol- haps catastrophic financial and reputational damage.
ogy (IT) systems had been compromised by attacks Business is interrupted, priceless data lost and brand
from the outside in the year prior. equity—the trust of customers—undermined.
Security threats, such as viruses, malicious code, High price of remediation
sabotage and identity theft, have historically caused There is also a penalty for not complying swiftly
significant financial losses at these institutions. with notification laws. In New York, the attorney
general’s office penalized a multinational corpora-
Retailers, even those whose systems were up to tion for waiting until June to notify authorities of a
date with the latest standards for data security, are possible loss of computer data that was uncovered
another industry group hard hit by security breaches. in early May.
One example is a massive network breach suffered
by Hannaford Bros. Co, when up to 4.2 million credit The company’s losses were compounded when
and debit card numbers were stolen during the card they were also forced to pay all costs of the inves-
approval process at its grocery stores in the North- tigation as a result of not notifying the more than
east and Florida. half-million potentially affected people prior to July.
But even that data breach paled in comparison But catastrophic losses in data breach cases can’t
CLeVeL | Spring 09
to the one suffered by the parent company of the necessarily be measured in dollars and cents. Many
TJ Maxx and Marshalls chains, in which up to 100 of those individuals whose information is compro-
million credit cards were exposed in the U.S. and mised or who receive data breach notifications,
Puerto Rico. lose faith and respect in the entities they believe
were responsible for protecting their personal
But not all malicious attacks are from outside information.
hackers. Even those companies that are most dili-
gent about perimeter security of their networks and They tend to blame the organization for not
20
CLEVEL_12-21 20 5/15/09 8:06:54 PM
22. C - S TO RY C
having sufficient controls or safeguards in place whether it is online giant eBay or a mom-and-pop
to protect their data, and even if they don’t suf- site that sells home-made jelly, an interruption of
fer any negative consequences from the breach, service caused by a down website could result in
they are likely to lose trust and confidence in the significant loss of revenue.
organization.
Blogs, which are becoming increasingly popular in
This image-impairing incident can turn out to be a business, bring with them new liabilities. Organiza-
public relations nightmare for some companies and tions lose their ability to maintain tight controls
in the long run, prove even costlier than the notifica- that protect them from legal action. That makes
tion and remediation, or the steps taken to avoid the them responsible for the actions and comments of
damage. (See related story.) individuals outside their organization, as well as to
lawsuits related to defamation, invasion of privacy,
Loss of revenue is not the worst consequence an or- infliction of emotional distress and copyright trade-
ganization can face following a security breach. It can mark infringement.
also find itself an unwitting accomplice to a crime.
Also, more and more lawsuits are cropping up for un-
Stalking is more prevalent than one might anticipated legal infractions, such as websites not being
imagine, and company databases and the Internet compliant with the Americans with Disabilities Act.
have become a prime fertile ground for stalkers to Retail giant Target recently settled a class-action
access information. If personal information about an lawsuit with the National Federation of the Blind
individual being stalked is negligently passed on to for not making its website compatible with screen-
a perpetrator, and as a result that person is harmed, reading software which vocalizes visual information
the source of the information that was negligent in on a computer screen.
protecting the information could be held liable for
injuries suffered by the victim. Not making its site accessible to the blind cost
the retail giant $6 million in awards to claimants
Emerging Risks and in changes to make the site accessible to the
If network security and privacy breaches aren’t blind.
enough for organizations to contend with, there’s
certainly no shortage of emerging cyber-related risks. The increase in outsourcing of customer service is
also another new trend driving up the possibility of
Mobile computing and laptops that store sensi- security and privacy breaches.
21
tive information, and the use of cell phones to store
and transfer data, open up new opportunities for The Poneman study found that breaches by
CLeVeL | Spring 09
information to fall into the wrong hands and result third-party organizations such as outsourcers,
in devastating losses for companies. contractors, consultants and business partners were
reported by 40% of respondents, up from 29% the
The Internet has revolutionized the way many previous year, which indicates that the sharing of
companies operate. For some, it has become the only information and data exposes new and increased
way they do business. For web-based companies, risks.
CLEVEL_12-21 21 5/15/09 8:06:55 PM
23. C A L E V E L A B OV E
Doing well
Keeping your employees healthy, it
turns out, is not just good for them.
It’s also good for your bottom
line, particularly when it becomes
CLeVeL | Spring 09
cultural. The key to managing the
risk of illness and workplace injury:
wellness.
22
CLEVEL_22_31 22 5/15/09 6:01:56 PM
24. A L E V E L A B OV E C
I
f your business development team brings you a loyal and more inclined to stay with you for the long
product or expansion that yields $3 for every $1 haul.
invested, you would probably reward them with a
hefty bonus and an incentive trip to Las Vegas. And that means less turnover and greater reten-
tion, and you don’t need us to tell you how much that
That leaves HR professionals and management would mean to your bottom line. A lot!
gurus scratching their heads at the hesitation of CEOs
when faced with an investment in a cutting-edge As the word spreads outside your company, you at-
wellness program. tract better talent, often at lower salaries or compen-
sation packages than you would otherwise have to
Various national and global studies have confirmed pay, since people are drawn to companies that offer
that every $1 invested in a comprehensive wellness better working conditions.
program yields roughly $3 in bottom-line results.
But it’s not just logic yelling at you. It’s also
Dig into the issue and it’s easy to see why. Pure numbers: a cut in health care costs of up to 55%,
logic says that if an employee stops smoking, eats reduction in short-term sick leave of up to 32%, and
better, loses weight and exercises often—and spreads productivity increases of up to 52%, according to
these healthy habits among the entire family at home, the U.S. Department of Health and Human Services.
as well as among colleagues at work—illnesses, inju- Statistics on such things as the reduction in workplace
ries and doctors’ visits will drop significantly. injuries and plan utilization are equally eye popping.
That means far less absenteeism and utilization of If the health of your employees, therefore, is a big
the medical plan, which in turn translates into lower risk to manage, just as you manage other risks, well-
health care costs for your company. ness is an indispensable risk-management strategy for
your business.
It also means far less presentism—workers who are
present, but unable to concentrate and focus fully, Wellness 101
or to perform with the vitality and enthusiasm that Wellness is a combination of techniques and programs
23
yields greater productivity. Health problems, you see, designed to manage and improve the health of your
have this nasty tendency to divert a person’s attention employees both at work and at home. It falls into
CLeVeL | Spring 09
from the work at hand. three broad categories: personal health maintenance,
work-life balance and workplace injuries.
Logic also says that if employees achieve improved
quality of life at work and at home and owe it primar- Personal health maintenance includes good eating
ily to their company’s wellness efforts—if they have and exercise habits, prevention techniques, disease
you to thank for it—they will feel far more committed, management for existing conditions, proper use of
CLEVEL_22_31 23 5/15/09 6:01:58 PM
25. C A L E V E L A B OV E
Wellness is a
C combination
of techniques
and programs
designed to
manage and
improve the
health of your
employees both
at work and at
home.
It falls into three
broad categories:
personal health
maintenance,
work-life balance
and workplace
injuries.
CLeVeL | Spring 09
24
CLEVEL_22_31 24 5/15/09 6:01:59 PM
26. C
doctors and medicines, ergonomics, and more. Here, sitting all day in a chair, typing all day in a comput-
your company would offer workshops, seminars, er and standing all day behind a cash register. There
educational materials, incentives and one-on-one are established and highly proven strategies to deal
interventions by trained wellness experts. with all of the above and keep your employees not
just safe, but more importantly healthy.
Work-life balance entails what the name implies:
company policies and practices that provide employ- The Lausell example
ees and executives a more holistic balance between A logical first step would be to seek the help of
work and priorities at home, such as child care and wellness experts who can step into your company
elder care. Perhaps several employees need to work and get it done.
at home and telecommute some days of the month
instead of being at the office all the time. Perhaps “The important thing is for the company’s senior
they need more flexible working hours, whether per- leaders to be committed to wellness and the benefits
manently or temporarily to deal with a sick elder. it brings,” said Marie Carmen Serrano, assistant vice
president of the Employee Benefits Practice at Fulcro
Prevention of workplace injuries is more common- Insurance, a leading insurance broker & risk man-
ly known among CEOs, particularly in such prone agement company in Puerto Rico.
settings as construction, manufacturing, restaurant
kitchens, docks, and heavy-lifting work. Less known “That’s important because best results are achieved
are injuries in more sedentary office settings such as when the wellness program is integrated, compre-
hensive and long-term, as opposed to segmented
and temporary, and for that you need the
staying power
and investment
that comes
from com-
mitment.”
To illustrate,
Serrano points to
Empresas Lausell,
which began its
wellness program in
2000 and is still going
strong.
“At Lausell, well-
ness has become
part of its culture.
It’s a way of doing
business, of relating
to employees and
“We’re convinced that to the extent employees do wellness on
25
C their own and support each other in the process, the results will
be even better. It’s also part of our culture to genuinely care
CLeVeL |Spring 09
for employees and make sure they’re as happy and fulÀlled as
possible, and their health is a critical part of that mission.”
- Alberto Recio, CEO, Empresas Lausell
CLEVEL_22_31 25 5/15/09 6:02:02 PM
27. C A L E V E L A B OV E
producing top notch results,” added María Díaz, health A wide range of conditions—diabetes, obesity, choles-
educator & Fulcro’s wellness point person. terol, blood pressure, arterial disease, asthma, others—
as well as workplace injuries and days lost as a result,
The first thing the Fulcro team did at Lausell, as they show marked improvements.
recommend that all companies proceed, is a thorough
evaluation of employee health conditions and attitudes, Consequently, Lausell is spending about 35% less
the health plan’s utilization, working conditions at the per employee on health care than it would without the
company, OSHA injury reports, and other such indicators. wellness program.
The data analysis is painstaking, tracking gender, age,
type of work, injury per occupation, existing conditions, Needed: vision
and other risk factors. “It has been a great success story at our company, and
we encourage other companies to do the same,” said
That in hand, they presented Lausell with a compre- Lausell CEO Alberto Recio.
hensive wellness program to cover all gaps and improve
performance in a series of steps across several years, “We’ve strived to make it cultural in our case, since
“The important thing is for the company’s senior leaders to
C be committed to wellness and the beneÀts it brings. Best
results are achieved when the wellness program is integrated,
comprehensive and long-term, as opposed to segmented
and temporary, and for that you need the staying power and
investment that comes from commitment.”
- Marie Carmen Serrano, Assistant Vice President
Employee BeneÀts Practice, Fulcro Insurance
allowing the company to phase in the investment and we’re convinced that to the extent employees do
measure progress as they went along. wellness on their own and support each other in the
process, the results will be even better,” he added. “It’s
The package includes any combination of the follow- also part of our culture to genuinely care for employees
ing: safety and health committees, clinics, conferences, and make sure they’re as happy and fulfilled as possible,
workshops, internal communications for awareness and and their health is a critical part of that mission.”
knowledge, disease management, individual employee as-
sistance, nutrition and exercise interventions, and more. So given this overwhelming case in favor of wellness,
why do so many CEOs say no?
In the case of Lausell, a company of 580 employees
manufacturing windows and doors at six sites around “It’s mainly lack of awareness and vision, and a
the island, more than 45 health-related intervention and reluctance to pull employees out of their jobs to attend
CLeVeL | Spring 09
awareness activities have been held, in addition to other sessions,” said Fulcro’s Serrano.
techniques. A solid 98% of participants report improved
lifestyle changes as a result. During this time of deep recession, when cutting costs
(like health care) and improving performance are top
Employee participation in the wellness program, priorities, having better vision and pulling employees
which varies from year to year based on several factors, away from their jobs is exactly the prescription the
has been as high as 43%, and company executives are doctor should order.
expanding the program to include more.
26
CLEVEL_22_31 26 5/15/09 6:02:05 PM
29. C C R I S I S TO A P E X
Unit #1 under fire.
CLeVeL | Spring 09
28
CLEVEL_22_31 28 5/15/09 6:02:06 PM
30. C R I S I S TO A P E X C
From ashes
to history
Following back-to-back Àres in December 2006,
29
which produced the biggest local insurance claim
CLeVeL | Spring 09
in history, the Palo Seco power plant rebounded
to become one of the most advanced in the
Hemisphere. The story reveals critical lessons any
business can follow.
CLEVEL_22_31 29 5/15/09 6:02:14 PM
31. C C R I S I S TO A P E X
Unit #1 fully rebuilt. Control room before
O
n December 29, 2006 at 4:00 p.m., an PREPA replaced the damaged or destroyed equip-
electrical failure at the Puerto Rico ment with more modern technology, as the old
Electric Power Authority (PREPA) Palo tech was no longer available. The control room
Seco power plant in San Juan caused and switch gear are now state-of-the-art, able
a fire that engulfed an 85 megawatt (MW) to manage the plant with greater efficiency and
generating unit, better known as Unit 1. lower costs.
At 10:00 p.m. the following day, a second elec- Among the new technologies, Palo Seco now
tric failure reduced the plant’s control room and features a gas-insulated substation (GIS), one of
switch gear to rubble and ashes, forcing the whole only two substations of its kind in the world. The
602 MW plant to shut down and sending ripple other one is operational in Japan.
effects throughout the entire power grid.
The plant’s personnel, as well as PREPA’s senior
The Palo Seco fire became the biggest such loss team, gained priceless insights and knowledge they
of any government agency or private company in are now applying to other parts of the system.
the history of Puerto Rico, with insurance claims
surpassing the $230 million mark. Cost hike avoided
During the crisis, PREPA had to deal with anoth-
Today, the Palo Seco plant has been rebuilt. er big issue. While Palo Seco was shut down for
CLeVeL | Spring 09
Today, Palo Seco has been rebuilt. The control room and
C switch gear are now state-of-the-art, able to manage the
plant with greater efÀciency and lower costs. Among the new
technologies, Palo Seco now features a gas-insulated substation
(GIS), one of only two substations of its kind in the world. The
other one is operational in Japan.
30
CLEVEL_22_31 30 5/15/09 6:02:15 PM
32. C R I S I S TO A P E X C
...right after the fire ... and brand new
repair, the agency was forced to rely more on other “We have had the privilege of working hand-in-
plants. But those plants use more expensive fuel hand with PREPA from the very first moment to
than Palo Seco, and the agency faced the prospect demonstrate to the agency’s insurers the magnitude
of passing that extra expense on to consumers. of the loss,” said Arturo Ortiz Rodríguez, partner in
charge of business development at Fulcro Insurance,
The answer: activate the agency’s extra-expense the firm that designed and brokered PREPA’s insur-
coverage, a feature of its insurance policy that cov- ance program.
ers PREPA for the higher cost during the repair.
“Overall, PREPA has been able to recover a signifi-
The higher-cost challenge was particularly cant amount of money from its insurers, avoiding
daunting given Palo Seco’s strategic location on the the need to pass the cost to its customers.”
grid and the fact it supplies a whopping 16% of the
grid’s generating capacity. This coverage avoided Because of the sheer size of the loss and the mul-
having to pass these higher operational costs to its tiple related technical issues, the insurance claims
customers. community in Puerto Rico now considers the Palo
Seco case to be “once in a lifetime”, he added.
Because of a well designed insurance coverage
and PREPA’s ability to maintain service to its cus- For the sake of all businesses and government
tomers, the impacts of the events of December 2006 agencies in Puerto Rico, let’s hope it’s once in many
were mild and short lived. lifetimes.
31
CLeVeL | Spring 09
Because of a well designed insurance coverage and PREPA’s
C ability to maintain service to its customers, the impacts of the
events of December 2006 were mild and short lived.
CLEVEL_22_31 31 5/15/09 6:02:22 PM
33. C NEXT LEVEL
A new
model
CLeVeL | Spring 09
If ever there was an example of a dramatic reinvention
in business, we have one right here in Puerto Rico.
Because more than a reinvention, El Amal has created a
health-clinic model unique in the world, that serves as a
solution to rising health care costs & an inspiration to all.
32
CLEVEL_32-41 32 5/15/09 6:03:16 PM
34. NEXT LEVEL C
W
hen most people think of El
Amal these days, they think of
the bankruptcy reorganization
recently filed by the 37-year-
old pharmacy and retail company.
What they don’t know is the real—indeed,
revolutionary—reorganization taking place
behind the scenes, one that promises to
catapult the company from bankruptcy—it
expects a doubling of its revenues as a result
of the change—into global stardom.
That’s because when news of the novel
model reaches Congress and the White
House, as it surely will, El Amal may very
well become the sort of private-sector-led
solution President Obama is looking for in
his crusade against ballooning health care
costs—a crisis bankrupting businesses and
families across the United States and Puerto
Rico.
“This is the first time we tell our story,”
said Sultan Yassin, vice president of new
business development and the mastermind
behind the reinvention, in an exclusive in-
terview with C-Level. “We think that when
President Obama hears the story, he just
might use us as a model for the rest of the
country.”
It is nothing short of a revolutionary change of behavior El
C Amal seeks, for “every person in Puerto Rico to acquire a new
habit, the habit of prevention, and drop their bad habits, like
unhealthy diets, zero exercise and zero annual check-ups,”
said project mastermind Sultan Yassin.
Goal: new habits
Pharmacies used to be mainly about pre-
scription drugs, until they became “mini
Kmarts,” as Yassin explains: “little depart-
ment stores with everything from gardening
products to coffee bars to household goods.”
33
El Amal bought into the model, but the
category became commoditized by a prolif-
CLeVeL | Spring 09
eration of competitors that made it all but
impossible to differentiate the brand and
win. Making matters worse, “margins have
been squeezed on the prescription end by
health insurers.”
CLEVEL_32-41 33 5/15/09 6:03:18 PM
35. C NEXT LEVEL
The convenience, pharmacy,
remaining retail offering
C and urgency room will draw
people in. But what really
excites Sultan Yassin and
his El Amal colleagues is the
potential of persuading every
customer-patient who walks
through their doors to adopt
year-round prevention for
improved health care and a
better life.
El Amal’s management had a decision to make. “We emergency room visits in Puerto Rico), as well as provide
would either stay the course and fight it out, or break year-round prevention and patient care.
away in a new direction.” They chose a new direction:
the El Amal Health Clinic, of which one is now operational All with the extended hours of a pharmacy, which
on Piñero Ave. in Río Piedras, with plans for most of the doctors’ offices and other clinics do not offer, and 30+
remaining 38 locations to convert in the next 2-3 years. locations around the island. Cutting-edge technology
accelerates everything. And doctors will see you by
CLeVeL | Spring 09
There are, of course, other health clinics. But none appointment at the hour scheduled. No four-hour waits
delivers the unique combination El Amal has launched. and excessive time lost from work.
The prescription counter stayed, as did a less varied but
still robust retail offering, mostly to meet basic needs. The convenience, pharmacy, remaining retail offering
The space freed by the eliminated retail products is and urgency room will draw people in. But what really
occupied by a full-fledged clinic and “urgency room”: excites Yassin and his El Amal colleagues is the potential
doctors, nurses and equipment to attend to people’s of persuading every customer-patient who walks through
urgencies that are not emergencies (fevers, cuts, pains, their doors to adopt year-round prevention for improved
34
and the like, which constitute roughly 70% of all health care and a better life.
CLEVEL_32-41 34 5/15/09 6:03:19 PM