Issue 113 - July 2021
Welcome aboard the S.S. Authority! We are pleased to announce the California JPIA’s 26th Annual Risk Management Educational Forum, titled S.S. Authority: Voyage Through the Sea of Risks, is changing course to an in-person event at the Catamaran Resort Hotel in San Diego, October 6–8, 2021.
We’re all aboard as our finest navigators ensure you and your crewmates find safe harbor, no matter the weather. The Authority charts each Forum for members to study topics and issues relevant to local government in areas such as legal liability, workers’ compensation, employment law, public safety, organizational thinking, governance, and legislation.
On deck to inspire us is keynote speaker Captain Richard Phillips. The captain is the author of A Captain’s Duty: Somali Pirates, Navy SEALs, and Dangerous Days at Sea, detailing his dramatic encounter with modern-day pirates and his remarkable rescue. The story was also turned into an Academy-Award and Golden-Globe nominated film.
Don’t be left high and dry this October as we voyage through the sea of risks. May you have fair winds and following seas as you begin your journey toward the Authority’s premier annual educational event for California JPIA members.
While Forum registration is free for members of the California JPIA, registration does not include hotel accommodations. Registration is also limited to public agency officials and employees, and the Authority’s business partners.
Registration information will be made available in the coming weeks. For Forum-related questions, please send us an email.
Risk Management Awards
Each year, the California JPIA recognizes six members for their risk management achievements. The Risk Management Awards will be given to those that have demonstrated the best overall performance in the Liability Program and the Workers’ Compensation Program. To select the winners, Authority staff evaluate various factors that reflect an organization’s risk management efforts, including the cost of claims and their progress towards completing action plan items.
There are a total of six winners, three each in the Primary Liability and Primary Workers’ Compensation Programs.
For the Primary Liability Program, winners are selected in the following categories:
- Non-municipal agencies
- Municipal agencies with police exposure
- Municipal agencies without police exposure
For the Primary Workers’ Compensation Program, winners are selected in the following categories:
- Non-municipal agencies
- Municipal agencies with public safety exposure
- Municipal agencies without public safety exposure
The award winners will be recognized and honored at this year’s Risk Management Educational Forum.Print Article
The California JPIA has renewed its sponsorship of the California City Management Foundation (CCMF) for the fourteenth consecutive year.
As the premier advocacy and support organization for city managers, CCMF promotes and encourages excellence in city management in all of California’s 482 incorporated cities and towns. The California JPIA shares CCMF’s dedication to advocating for healthy council-manager relations and supporting city managers to ensure stable, successful communities.
“City manager leadership is critical to cultivating safe conditions in the communities they serve,” said California JPIA Chief Executive Officer Jon Shull. “The Authority’s support of CCMF helps develop well-informed city managers who support healthy risk management cultures in their organizations.”
A Foundation Circle Sponsor since 2015, the California JPIA received the CCMF Corporate Sponsor Award in 2019 in recognition of its contribution to the city management profession.
“The California JPIA has our sincere gratitude for continuously supporting hundreds of CCMF members as they pursue excellence in city management,” said Ken Striplin, president of CCMF and city manager of the City of Santa Clarita, the newest member of the California JPIA. “Not only are you a longtime top-tier sponsor, but many CCMF members take advantage of your risk-mitigation model: controlling costs by reducing claims frees up critical funding for their city programs and services. Thank you for providing city managers with the resources to meet their challenges head-on.”
The California JPIA and CCMF will partner to present a panel at the 2021 League of California Cities Annual Conference and Expo in Sacramento this September. During the session, “Building an Effective City Council-Manager Team from Day One,” Shull will lead a discussion among CCMF Executive Director Ken Pulskamp, City of West Hollywood Mayor Lindsey Horvath, and West Hollywood City Manager David Wilson about developing and maintaining a dynamic council-manager relationship that will serve the community at the highest level amid all situations.
The Authority also will engage with the city manager community throughout CCMF’s upcoming program year, including returning events such as in-person seminars and conferences, as well as the annual member dinner and biennial golf tournament at the League of California Cities City Managers Conference in Monterey in February 2022.Print Article
Working toward compliance with the Americans with Disabilities Act (ADA) can be an intimidating mission for public agencies. The Authority offers the ADA Assistance Program to members looking to take a tangible first step toward compliance. To incentivize members in this effort, the Authority provides an allowance to each participating member to help offset the cost of developing a current and complete ADA transition plan.
Disability Access Consultants (DAC), an Authority business partner, works closely with members to conduct the assessments, inspections, and data collection needed to help develop the transition plan and evaluations. Regional Risk Managers work with member agencies and DAC to tailor an effective approach towards becoming compliant with the ADA.
The ADA Assistance Program is scheduled to run through 2023, so members are strongly encouraged to plan for program participation in order to start the process toward ADA compliance and to lower their exposure to accessibility-related issues. This preparation may include a scoping call with a regional Risk Manager to determine a unique and workable plan for each member agency.Print Article
As Cities, Utilities and Others Increasingly Become Targeted, Privacy & Cybersecurity Partner Leeann Habte Gives Guidance in PublicCEO
Originally published on June 29, 2021. Reprinted with permission from Best Best & Krieger LLP.
Recent ransomware attacks on utilities and municipalities have heightened awareness of the all-too-common, costly threat. Hackers are stealing and disrupting data and shutting down operations — with a shifting focus on critical infrastructure that can impact everyday services and utilities.
A Global Issue with Local Implications
The threat has become so imminent, the Biden Administration released an executive order on improving the nation’s cybersecurity earlier this month. The comprehensive guidelines are featured here, but key takeaways for any municipality’s IT department include employing:
- Multi-factor authentication
- End-point detection and response
- A reliable cyber security team
- Updated patching systems
- Segmentation in your networks
Prevent the Siege
There are preventative measures to safeguard your municipality to take now:
- Prepare a security incident response plan. This plan is essential because, in the event your municipality is hit by ransomware attack, a series of emergency measures need to be immediately activated to protect you and your constituents – it requires contracts, relationships with forensic analysts, recovery of data and much more. This plan should be tabletop tested to help determine which staff will be an essential part of your response team, gauge where you get stuck, how you can utilize resources, how to avoid leaks, order of communications and other key issues that may only come about with a full run through.
- Invest in security infrastructure and insurance. Large municipalities may review their security plans to address current threats, while smaller ones can outsource security to have the specialized expertise and shared cost of an outsourced security solution. Cybersecurity insurance is critical, and certain insurance requires use of their vendors for maximum coverage. There may be exclusions for ransomware payments so the security incident response plan needs to include review of the insurance coverage.
- Have appropriate vendors in place. Security is only as good as your vendors handling IT and operations. Think through how your municipality operates, conduct appropriate diligence on vendors, and have contracted protections in case of ransomware attacks that affect data or operations. Ensure you have vetted personnel and/or vendors who can stop an attack and recover your network. This will require extensive forensic analysis to determine if data was stolen and how far the attack penetrated your systems. Should it become necessary to negotiate with ransomware attackers, turn to an organization that specializes in this — they know attackers and can help navigate the considerations of whether to pay.
- Engage legal counsel. You will also need legal counsel with experience in data security and privacy to advise on your regulatory obligations to report the incident and to mitigate any harm that may result if data was accessed or stolen. There are certain legal prohibitions on paying foreign actors and potential consequences if those entities are identified by the federal government. There are also legal requirements for breach reporting to individuals whose data was compromised. Review of the security incident under attorney-client privilege will help you minimize your risks if you are later sued. Although law enforcement involvement would seem like an obvious first step, there is actually little that they can do to help you as the crisis unfolds and their involvement will be important after the fact to help locate and identify the perpetrators of the attack.
- Engage a specialist in crisis communication. You may need to engage your municipality’s public information officials or hire a public relations firm. Having a communication plan in place is essential to determine the who, what, when, why and how of the incident to your constituents and stakeholders. All communication efforts will need to include input from forensic analysts, legal counsel, address whether a data breach occurred and a review of what data was compromised.
- Have a back-up system and tested back-up plan. If data is not backed up, it is more likely you will need to pay ransom to get data back. Ransomware may encrypt data so it can’t be used, may exfiltrate data and threaten to publish it on the dark web, or may stop systems from operating and affect key infrastructure. A continuity plan needs to be in place so a municipality’s key services can continue to operate.
- Conduct targeted employee training. Train your employees to prevent phishing attacks, as this is the most common way ransomware gets access to your system and use precautions like two-factor identification when employees access your networks.
A ransomware attack can negatively impact your municipality in several practical and legal ways. The best defense it [sic] to be prepared and have a plan in place with vendors and legal counsel on standby so they can move immediately if this happens.
This article first appeared in PublicCEO on June 29, 2021. Republished with permission.Print Article
This edition of the legislative update tracks a wide-ranging group of bills which may have significant liability or workers’ compensation implications for members. It is always important to note that bills may go through significant revisions, and members are encouraged to use the below information as a snapshot of each bill’s trajectory at the time of publication.
AB 1455 (Wicks). Sexual assault by law enforcement officers: actions against public entities: statute of limitations.
Summary: The Government Claims Act sets forth the general procedure for the presentation of claims as a prerequisite to commencement of actions for money or damages against local public entities, as defined. This bill would exempt a claim arising out of an alleged sexual assault by a law enforcement officer if the alleged assault occurred while the officer was employed by a law enforcement agency from all state and local government claim presentation requirements. This bill would exempt a claim arising out of an alleged sexual assault, as defined, by a law enforcement officer if the alleged assault occurred on or after the plaintiff’s 18th birthday and while the officer was employed by a law enforcement agency from all state and local government claim presentation requirements.
SB 16 (Skinner). Peace officers: release of records.
Summary: This bill would make every incident involving force that is unreasonable or excessive, and any sustained finding that an officer failed to intervene against another officer using unreasonable or excessive force, subject to disclosure. The bill would require records relating to sustained findings of unlawful arrests and unlawful searches to be subject to disclosure. The bill would also require the disclosure of records relating to an incident in which a sustained finding was made by any law enforcement agency or oversight agency that a peace officer or custodial officer engaged in conduct involving prejudice or discrimination on the basis of specified protected classes. The bill would make the limitations on delay of disclosure inapplicable until January 1, 2023, for the described records relating to incidents that occurred before January 1, 2022. This bill significantly expands existing requirements to retain and disclose personnel records under the California Public Records Act and imposes overly punitive civil fines and other monetary damages against local agencies. Local governments and agencies across the state have already been working to comply with the increased records retention and disclosure requirements imposed under SB 1421 (Chapter 988, Statues of 2018). This bill goes even further and unnecessarily expands upon those provisions, creating an excessive administrative burden and new costs for local agencies already struggling under budgets severely limited by COVID-19.
SB 270 (Durazo). Public employment: labor relations: employee information.
Summary: This bill, commencing July 1, 2022, would authorize an exclusive representative to file a charge of an unfair labor practice with the board, as specified, alleging a violation of the above-described requirements only if specified conditions are met, including that the exclusive representative gives written notice of the alleged violation and that the public employer fails to cure the violation, as specified. The bill would limit a public employer’s opportunity to cure certain violations. Creating new financial damages to be paid to labor unions by public agencies that fail to comply would only increase compliance and litigation costs in public agency budgets and divert those funds away from public benefit. Furthermore, the bill contains a limited right to cure the violation that does not uniformly apply. Public employers would be limited in the number of times they could exercise their right to cure in a 12-month period. After correcting three data errors in a 12-month period, a public employer would be subject to an unfair labor practice claim and subject to unspecified civil penalties. The limitation is arbitrary and may result in large public agencies being vulnerable to sizeable civil penalties for data errors without an opportunity to cure more than three errors.
SB 284 (Stern). Workers’ compensation: firefighters and peace officers: post-traumatic stress.
Summary: Current law, under the workers’ compensation system, provides, only until January 1, 2025, that, for certain state and local firefighting personnel and peace officers, the term “injury” includes post-traumatic stress that develops or manifests during a period in which the injured person is in the service of the department or unit, but applies only to injuries occurring on or after January 1, 2020. Existing law requires the compensation awarded pursuant to this provision to include full hospital, surgical, medical treatment, disability indemnity, and death benefits. This bill would make that provision applicable to active firefighting members of the State Department of State Hospitals, the State Department of Developmental Services, the Military Department, and the Department of Veterans Affairs, and to additional peace officers, including security officers of the Department of Justice when performing assigned duties as security officers and the officers of a state hospital under the jurisdiction of the State Department of State Hospitals or the State Department of Developmental Services, among other officers.
SB 299 (Leyva). Victim compensation: use of force by a law enforcement officer.
Summary: Current law provides for the compensation of victims and derivative victims of specified types of crimes by the California Victim Compensation Board from the Restitution Fund, a continuously appropriated fund, for specified losses suffered as a result of those crimes. Current law defines various terms for purposes of these provisions, including “crime,” which includes any public offense wherever it may take place that would constitute a misdemeanor or felony. This bill would revise the definition of “crime” to include any public offense described above regardless of whether any person is arrested for, charged with, or convicted of the commission of the crime.
SB 335 (Cortese). Workers’ compensation: liability.
Summary: This bill reduces the period of time that employers are allowed to investigate a claim for benefits prior to making a coverage decision. For most claims, the investigation period is reduced from 90 to 45 days. For claims covered by legal presumptions, the investigation period is reduced even further to 30 days. The bill also proposes to increase the amount of mandated employer-funded medical care that must be provided to injured workers – from $10,000 to $17,000 – during the period of time a claim is being investigated. This bill would also mandate an unprecedented and unwarranted expansion of penalties on employers that would result in massive and repeated benefit expansions for workers covered by certain legal presumptions. This provision would be applied retroactively.
SB 606 (Gonzalez). Workplace safety: violations of statues: enterprise-wide violations: employer retaliation.
Summary: Current law requires the Division of Occupational Safety and Health to issue a citation for a violation of provisions relating to the spraying of asbestos, or any standard, rule, order, or regulation established pursuant to specified provisions of the California Occupational Safety and Health Act of 1973 if, upon inspection or investigation, the division believes that an employer has committed a violation. Existing law imposes penalties of certain maximum amounts depending on whether the violation is serious, uncorrected, or willful or repeated. Current law authorizes the division to seek an injunction restraining certain uses or operations of employment that constitute a serious menace to the lives or safety of persons, as specified. This bill, instead, would require the division to issue a citation for a violation of provisions relating to the spraying of asbestos, certain employment safety related provisions of the Labor Code, or any standard, rule, order or regulation established pursuant to specified provisions of the California Occupational Safety and Health Act of 1973 or other safety related provisions of the Labor Code if, upon inspection or investigation, the division believes that an employer has committed a violation.
The Authority will continue to monitor these bills, as well as others, in an effort to keep members informed about the state’s legislative landscape.Print Article
The California JPIA welcomes the City of Santa Clarita, a new member and participant in the Authority’s Excess Liability, Excess Workers’ Compensation, and Property Insurance Programs as of July 1, 2021.
“The City of Santa Clarita is proud to be a new member of the California JPIA,” said Director of Administrative Services Carmen Magana. “The city has always valued safety for both patrons and city staff and looks forward to collaborating with the California JPIA to strengthen risk management policies and protocols further. From day one of the application process, the California JPIA demonstrated a passion, proficiency, and eagerness in all areas of liability, claims management, contract administration, and employee safety. As a result, when it came time to recommend an action to Santa Clarita’s City Council, it was clear that the California JPIA was the city’s top candidate.”
Santa Clarita, home to a population of approximately 213,000 residents, is the third-largest city in Los Angeles County. The city, which occupies just over 70 square miles, is located approximately 30 miles northwest of Los Angeles in the Santa Clarita Valley. Incorporated in December 1987, Santa Clarita encompasses the communities of Canyon Country, Newhall, Saugus, and Valencia.
Santa Clarita provides services to the community including parks, recreation trails, and open spaces, as well as an aquatics center, community center, and ice-skating rink. The city also hosts the California Institute of the Arts and supports robust art and cultural resources including gallery spaces, public art projects, artist development workshops, and youth art education programs.
“The California JPIA is proud to support the City of Santa Clarita staff’s mission to deliver the best and most cost-efficient municipal service to the citizens and City Council of Santa Clarita,” said California JPIA Chief Executive Officer Jon Shull. “It is clear that they understand the risk management issues related to the services that they provide and will benefit from the Authority’s reliable and economical coverage and services.”
Credited with one of the lowest crime rates of any city in Los Angeles County, Santa Clarita contracts with the Los Angeles County Sheriff’s Department for police services, and the Los Angeles County Fire Department provides fire protection services.
“The California JPIA is very excited to have the City of Santa Clarita join its growing membership,” said Senior Risk Manager Tim Karcz, who will work directly with the city. “From the outset of the application process, it was obvious that city management understands and adheres to proper risk management practices. We look forward to a continued partnership.”
Welcome, City of Santa Clarita, to the California JPIA!Print Article
The City of Laguna Niguel and its City Council held an open house at the Crown Valley Community Center (CVCC) at Crown Valley Park on June 26 after postponing the initially scheduled opening due to the coronavirus pandemic.
The opening of the CVCC represents the completion of the Crown Valley Park Improvement Project, the single most significant capital improvement investment by the City of Laguna Niguel in its 31-year history of incorporation. Since its completion, the CVCC has received two distinguished awards: the 2020 Outstanding Urban or Land Development Project Award from the American Society of Civil Engineers (ASCE), Orange County Branch; and the Excellence in Facility Design Award from the California Park and Recreation Society (CPRS).
The CVCC will serve over 240,000 people each year through facility rentals for special events, meetings, and programs. At 30,000-square feet and three stories tall, the building has multi-purpose classrooms, a dedicated art room, fitness room, dance room, collaborative tech room, multi-purpose room with a 300-person dining capacity, and a catering kitchen. The lower aquatics level has locker rooms and classrooms that open to the pool deck, while the upper level features an outdoor rooftop patio overlooking the community pool, providing views of the Niguel Botanical Preserve. The CVCC will also house the city’s Parks and Recreation Department staff.Print Article
To help members identify and reduce the cost of claims involving cases where the application of governmental immunities may be a potential dispositive defense, the California JPIA has launched ReClaim, a new awareness campaign. This important, data-driven initiative will help members understand and address high-impact claims so that they can redirect critical funding toward important programs and services.
Hazardous Recreational Activity Immunity is the first of three specific governmental immunities on which the California JPIA’s ReClaim campaign will focus this summer. To receive an alert when new materials are available, please contact Management Analyst Courtney Morrison.
The Golden State’s diverse geography cultivates active communities. California beaches, lakes, public parks, and outdoor facilities serve as playgrounds for recreation enthusiasts ranging from surfers to mountain bikers.
To encourage local governments to provide recreational opportunities that improve resident activity level and quality of life, the California Government Code protects public entities from liability arising from injuries sustained during activities that carry a substantial risk of injury to participants or spectators. Hazardous recreational activity immunity eliminates the fear of liability for accidents or injuries that might occur.
Government Code section 831.7(b) defines “hazardous recreational activity” as:
A recreational activity conducted on property of a public entity that creates a substantial, as distinguished from a minor, trivial, or insignificant, risk of injury to a participant or a spectator.
The code contains a non-exhaustive list of activities that qualify as “hazardous recreational activities,” such as any form of diving into water from other than a diving board or diving platform, bicycle motocross, boating, cross-country and downhill skiing, and rock climbing.
The purpose of hazardous recreational activity immunity is to prevent recreational users who might injure themselves during hazardous, unsupervised activities from attributing their injuries to conditions of public property by eliminating liability unless the public entity failed to either maintain the property or to warn of known dangerous conditions on public property not inherent in the activity itself.
Patterned on California Civil Code section 846, which provides qualified immunity for private landowners against claims by recreational users, the statue was intended, for example, to prevent hang gliders or rock climbers from suing a public entity when that person is injured during the activity. Cases applying section 831.7 immunity generally have done so only in the context of injuries sustained by both participants and spectators during voluntary, unsupervised, and unsponsored activities (such as injuries sustained during an after-hours adult basketball game).
The protections afforded by hazardous recreational activity immunity can be a powerful tool for combatting liability claims. Like any tool, it must be used properly and regularly maintained. To maintain its effectiveness, agencies must adhere to these three standards:
- Warn participants of known dangers by posting signs on entrances and fences, and including disclaimers on promotional flyers, or by obtaining signed waivers. Inspect and maintain signage regularly.
- Public entities should have routine, documented, maintenance and inspection procedures in place to ensure equipment is in good working order. Equipment should be maintained in a way that it would not cause injury to a person who is exercising due care while using the equipment.
- Although a fee can be charged to participate in an activity, it will eliminate the immunity. A public entity can still mitigate liability by having participants sign a liability waiver. Parking fees, fees collected from general permits, and admission fees will not abolish the immunity.
For more information, please read the California JPIA’s white paper on hazardous recreational activity immunity. The white paper presents more detailed discussion on the scope of the immunity and how courts have applied exceptions, as well as specific tips on how public agencies can preserve the immunity.Print Article