☰ Navigation

1-888-643-2217 Email ABEX
Keeping you updated

Archives

Insurance Needs for Marijuana Dispensaries

Posted on by

Marijuana dispensaries, like any other business, have specific insurance needs. In fact, the marijuana industry presents a number of unique risks—risks owners and operators should be aware of in order to avoid major financial losses. This Coverage Insights provides a general overview of the policies that dispensaries and similar businesses should consider.

General Liability Insurance

General liability insurance is a must-have for all organizations, especially considering it’s often required if leasing a business space for your dispensary. While specific policy provisions can vary, general liability insurance typically provides protection up to $5 million and can include the following:

  • Occupiers’ liability—This form of coverage protects dispensaries if and when an accident occurs. For example, occupiers’ liability will cover any medical costs if a customer is injured on your property from a fall or other incident.
  • Completed operations—This type of coverage protects you in the event of a lawsuit from rendered services. This is especially useful if a customer sues you for harm or damages that they claim were caused by the services you provided. Completed operations insurance often pays for litigation expenses, damages, settlements or related awards.

General liability insurance covers a wide array of risks for dispensaries and is an invaluable form of coverage. What’s more, protection from general liability policies can be extended if you add new locations, products or services.

When acquiring general liability, or any other coverage for that matter, it’s important to be upfront about the nature of your business and operations. If a carrier was unaware that you ran a dispensary, they can void a policy when you need it most.

Product Liability Insurance

In the event that one of your dispensary products causes harm to your customers, product liability insurance can provide protection. This is an important consideration, as the products that dispensaries sell can be dangerous to consumers. The following are some examples to keep in mind:

  • Product malfunctions—Vaporizing tools and smoking devices are prone to defects and can malfunction under certain conditions. Just one breakdown can lead to major injuries, and your customers may hold you responsible.
  • Overdosing—It’s incredibly easy to overconsume edibles and concentrates, which can give rise to a claim. Consumable marijuana is a primary concern for dispensaries, as it is a relatively new product—one that’s easy for customers to misuse or abuse. In the event that a customer is harmed by one of your dispensary’s products (e.g., suffers physical pain, experiences anxiety attacks), they may sue your business.
  • Product poisoning—Even if you take all the proper precautions, marijuana can still be dangerous. Raw flower and refined products all carry the risk of poisoning from pesticides or heavy metals. If a customer is harmed by one of your products, your dispensary may have to cover any medical and legal costs associated with the claim if you aren’t prepared with the proper coverage.

If these types of incidents occur and a customer is harmed, your product liability policy will kick in and cover the damages, including medical costs, legal defence costs and settlement fees. While it can be included under a general liability policy, product liability can be purchased as stand-alone coverage.

Property Insurance

Property insurance is one of the most common forms of coverage and is a critical component of any risk management strategy. Property insurance can provide general protection for items related to your operation, including things like office furniture, dispensary equipment, computers, inventory and other essential supplies.

Covered perils can vary, but often include fires, explosions, implosions, riots, vandalism, acts of terrorism and natural disasters. Of all the covered perils under property insurance, theft is particularly important for dispensaries. This is because, traditionally, dispensaries are more likely to rely on cash payments than other businesses, which, in turn, makes them more susceptible to theft.

Property coverage is important for all segments of the marijuana industry, including retailers, wholesalers, distributors, cultivators, manufacturers and harvesters. Through marijuana plant coverage and similar products, property protection can even be targeted to protect the following:

  • Living plant material, like seeds, marijuana plants in the growth stage, immature marijuana seedlings, clones and mature plants.
  • Harvested plant material, including mature marijuana plants in the drying and curing process.
  • Finished marijuana stock that has been completely processed and is ready for sale.

Business Income and Extra Expense Coverage

Following a disruption, like a warehouse fire or a flood that halts operations, your dispensary can suffer serious financial losses. When this occurs, business income and extra expense coverage can help.

Specifically, this type of coverage protects any net income that you would have received had your business not suffered a fire, theft or other covered claim. This protection can also include expenses accrued from moving operations to another location.

Business income and extra expense coverage is crucial following a disruption, as it helps you recoup the costs of covered claims while your dispensary gets back on its feet.

Cyber Insurance

Every business that handles personal identifiable information—including names, addresses and credit card information—can be a target of cyber crime. The threat of a data breach is even more apparent when you consider that dispensaries often carry sensitive patient information for medical marijuana users. Moreover, dispensaries often store data related to inventory, which could be compromised following a single attack.

Your organization is legally required to take the necessary steps to protect customer data. While you can’t always prevent a cyber attack, the proper policy can shield you from legal liability as well as the cost of rebuilding or replacing equipment following a data breach.

Directors and Officers (D&O) Insurance

Every decision a company’s management team makes has the potential to be scrutinized by customers, employees and regulators. These parties may file a lawsuit against a dispensary for alleged wrongdoing. A dispensary’s owners and management team risk losing their personal assets if they’re ever involved in a lawsuit for a decision made in the course of performing their regular duties.

Directors and officers (D&O) insurance is the best way to protect the leaders of your dispensary from these types of exposures. Specifically, D&O insurance covers lawsuits brought by employees, investors, government regulators and other third parties, reimbursing organizations for legal defence fees and allowing businesses to continue operating following a claim.

For dispensaries, having the right D&O policy in place can attract outside investors, which, in turn, can help them expand their business.

Explore All Your Options

While coverage for marijuana dispensaries and similar operations is relatively new for insurers, the underwriting principles are no different than they are for general retailers. In addition to the coverages discussed above, it’s important to have a detailed understanding of your dispensary’s exposures and what additional policies you might need.

To learn more about your risks and to ensure your dispensary is prepared for any claim that may come your way, contact your insurance broker.

© Zywave, Inc. All rights reserved

Make Mental Health a Priority at Your Business

Posted on by

Globally, more than 300 million people suffer from depression. Depression is a leading cause of disability—one that can have a negative impact on employee morale and productivity.

In order to keep workers happy and healthy, employers need to understand how company policies and procedures can have a direct impact on mental health. The following are just a few workplace factors that pose a threat to your employee’s emotional well-being:

  1. Inadequate health and safety policies
  2. Poor communication and management practices
  3. Limited input on key workplace changes
  4. Limited employee support
  5. Inflexible working hours
  6. Unclear tasks or organizational objectives

Beyond understanding how the workplace can negatively impact an employee’s mental health, employers need to create a healthy work environment. The following are some activities to try:

  • Invite local, qualified mental health experts to speak at your place of business. These individuals can cover topics like nutrition, fitness and managing stress.
  • Sponsor employees and allow them to take part in things like charity events and fitness campaigns.
  • Encourage employees to form a wellness committee.

There may be situations where your organization is unequipped to address serious mental health concerns. In these instances, it’s important to seek the help of licensed mental health professionals.

While work can be fulfilling and good for an individual’s morale, it can also lead to serious issues in a stressful work environment. Addressing workplace concerns as they arise and enlisting the help of qualified experts can go a long way toward establishing a healthy and happy workforce. This, in turn, will ensure that your employees continue to produce quality and efficient work.

© Zywave, Inc. All rights reserved

What the GDPR Means for Canadian Businesses

Posted on by

With the severity of cyber attacks increasing on what seems like a daily basis, governments are now stepping in to provide guidance and keep the general public both safe and informed.

In Canada, the Digital Privacy Act (DPA), which amends the Personal Information Protection and Electronic Documents Act (PIPEDA), is the federal law that dictates how organizations respond to and report data breaches. However, these are not the only cyber-related laws Canadian businesses have to contend with, as Europe’s data breach regulations can have a sweeping impact on international businesses of all kinds.

In fact, any organization that operates or sells in the European Union (EU) or manages EU-based information could face major fines if they fail to comply with the General Data Protection Regulation (GDPR). As such, it’s crucial for organizations to have a general understanding of the GDPR and how to remain compliant.

What is the GDPR?

The GDPR, which comes into force May 25, 2018, is unique in that it is not simply limited to organizations that have a physical presence in the EU. Regardless of the location of a business, the GDPR applies to businesses that process personal data of EU-based individuals and:

  • Offer goods or services to an individual in the EU (even if those goods and services are offered at no charge)
  • Monitor the online behaviour of individuals from the EU

Based on these provisions, the GDPR can have a broad effect on organizations, regardless of their size, location or nature of operations. Effectively, those that trade in the EU or hold data of EU-based individuals must comply with the GDPR.

Fines and Compliance Requirements

Understanding the GDPR is important, especially when you consider that failing to comply can result in major fines and penalties—up to €20 million or 4 per cent of a company’s global annual turnover.

With the severity of these fines, just one GDPR violation can financially devastate an organization. That’s why it’s critical that companies understand what’s expected of them when it comes to GDPR compliance.

The following are five key features of the GDPR that businesses should be aware of:

1. Obligations for controllers and processors—The GDPR defines two distinct types of operations in its regulations—controllers and processors. The following are general definitions and standards that apply to these entities:

  • Controllers—Under the GDPR, any organization that collects, uses or discloses personal information of EU citizens may be considered a controller. Controllers are expected to protect the data of EU citizens and ensure that the processor who processes personal data on their behalf is also complying with GDPR rules. Controllers are also expected to conduct privacy impact assessments for any processing which is likely to result in a high risk and maintain records of all processing activities.
  • Processors—As mentioned above, processors process data on behalf of controllers. These entities must also implement appropriate safeguards, return or delete data once processing is complete, and notify the controller of any data breaches. Processors cannot subcontract any tasks without a controller’s permission.

2. Consent requirements—Per the GDPR, consent to process data must be given unambiguously by the owner of the data itself. Silence or inactivity does not constitute consent. In instances where an organization processes data for individuals under the age of 16, parental consent is required.

3. Mandatory data breach notifications—Following a data breach, affected individuals must be notified by the controller within 72 hours of the breach’s discovery. However, in instances where the breach could impact the rights and freedoms of affected individuals, the notification must be made without delay. Processors are also obligated to report the breach to the company that collects and/or controls the lost data.

4. Right to erasure—Per the GDPR, controllers are required to erase processed and/or stored personal data in the following situations:

If the data is no longer needed

If an individual objects to processing

If the processing was unlawful

5. Requirement for data protection officers—Under the GDPR, controllers and processors may be required to designate a data protection officer in the following scenarios:

  1. If data processing is carried out by a public authority or body
  2. If core activities involve regular and systematic monitoring of individuals on a large scale
  3. If core activities consist of large-scale processing of certain categories of data (i.e., data related to racial or ethnic origins, criminal convictions or political views)

While the above list outlines a number of the major GDPR considerations, it should not be used as a compliance guide. To review the final version of the regulation, helpful FAQs and summaries of key changes, visit the EU’s official website on the GDPR.

Ensuring Compliance

For organizations new to EU privacy laws, the GDPR can be overwhelming and confusing. Thankfully, Canadian businesses can do the following to ensure they are compliant and avoid potential fines:

  • Conduct a readiness assessment. Review the GDPR and determine if it applies to your business. If your organization determines that it’s subject to the GDPR, it’s important to evaluate how much EU data your business processes. Be sure to also examine the potential impact of the GDPR on your operations.
  • Identify compliance gaps. During your initial assessment, it’s important to identify any potential compliance gaps. In some cases, you may find that you are able to reduce your GDPR compliance burden by changing the way you store or track EU data.
  • Establish oversight. When it comes to GDPR governance, it’s important to take a structured approach. Continually document, model and coordinate potential GDPR issues and remediation strategies.
  • Implement a GDPR compliance program. After you’ve established key processes to identify compliance gaps, create a GDPR program to address potential concerns. This program should account for the following:
    • Governance
    • Policy management
    • Data life cycle management
    • Individual rights processing
    • Information security
    • Data breach management
    • Data processor accountability
    • Training and awareness
  • Remain prepared. Once your GDPR program is in place, conduct ongoing assessments to ensure continued compliance.

While the GDPR may be similar to PIPEDA and other privacy legislation in Canada, organizations should never assume compliance. Even if your business has well-defined data management practices and privacy policies in place, all organizations must review their current system for GDPR compliance issues and fill in any gaps.

Round Out Your Cyber Risk Management Program

In today’s environment, organizations process massive amounts of personal data every day. This data is a popular target for cyber criminals, and just one breach can result in serious financial losses and reputational damages.

If that weren’t enough, businesses that don’t respond to these incidents in accordance with federal and international privacy laws face hefty fines and penalties. To better protect your organization, it’s important to speak with a qualified insurance broker.

Not only can brokers provide general guidance on any applicable data breach laws, they can also help you round out your risk management programs with custom insurance policies.

© Zywave, Inc. All rights reserved

Ontario Pay Transparency Legislation Could Be in Force by Jan. 1

Posted on by

Overview

The government of Ontario recently announced legislation—Bill 203, the Pay Transparency Act, 2018—that would require employers to track and publish compensation information. The goal of this legislation is to close the wage gap between women and men in the province.

Bill 203, which would establish new requirements for increasing hiring and payment practices transparency, has passed first reading and is making its way through the legislative process. The proposed legislation could be passed as early as Jan. 1, 2019.

In order to prepare for the legislation, organizations need to be aware of how Bill 203 could affect their business.

How Bill 203 Could Impact Your Business 

If passed, Bill 203 would impose a number of pay-related requirements on employers. Specifically, the bill would require the following:

  • Recruitment—Once in force, Bill 203 would prevent employers from asking for or seeking information regarding an applicant’s compensation history. However, applicants can volunteer this information if they are not prompted. During the recruitment process, employers would also be expected to provide a compensation range in publicly advertised job postings. Notably, these restrictions do not apply to any publicly available compensation information.
  • Transparency reports—If passed, Bill 203 would establish a number of reporting requirements related to compensation. Among these requirements, employers would have to publish pay transparency reports that highlight information related to the employer, its workforce composition, and compensation differences with respect to gender and other prescribed characteristics. In addition to submitting these reports to the government, employers would be required to post these reports online or in such a way that employees can easily view and access them. Specifics related to pay transparency reports, including their format and key features, will likely be finalized following a consultation period or once the legislation is passed.
  • Reprisal—One of the key features of Bill 203 is the way it prevents employers from taking retaliatory action. Under the proposed act, employers are prohibited from intimidating, dismissing or penalizing employees for doing either of the following:
    1. Inquiring about their compensation or pay transparency reports
    2. Giving information about the employer’s compliance or non-compliance with the bill’s requirements to the government

Enforcement measures will likely begin with Ontario’s public service organizations. After the initial consultation, the new rules will apply to employers with more than 500 employees, followed by employers with more than 250 employees. In addition, these new measures will work hand in hand with existing pay equity measures in Ontario, including the Equal Pay for Equal Work requirement found in the Employment Standards Act and the Pay Equity Act.

Once passed, the government may appoint compliance officers to conduct compliance audits. These audits could be performed without a warrant and monetary penalties would likely be enforced. While there is currently no official timetable, Bill 203 is primed to have a major impact on employer’s hiring practices and reporting requirements.

To learn more and read the current version of Bill 203, click here.

© Zywave, Inc. All rights reserved

ABEX Remains Independently Owned and Operated

Posted on by

It wasn’t us! Some of our brokers thought that ABEX Affiliated Brokers Exchange Inc. was a part of the acquisition by iA Financial Group. To clarify, it was ABEX Brokerage Services, an MGA serving life insurance and investment advisors in Western Canada that was involved in the acquisition.

We have no affiliation with either of the companies and remain independently owned and operated. Our brokers can now breathe a sigh of relief!

To read the article that prompted the broker inquiries, please click here.

Blog

FOLLOW OUR BLOG

Receive notifications of new posts automatically.

ABEX - AFFILIATED BROKERS EXCHANGE IS ON FACEBOOK.

Like us on Facebook
Connect with us on LinkedIn

CONNECT WITH US ON LINKEDIN