RxDC Reporting: What Employers Should Do Before the June 1 Deadline
Each year, group health plans must report detailed prescription drug and healthcare spending data to the Centers for Medicare & Medicaid Services (CMS). This reporting—commonly referred to as RxDC reporting—is due by June 1 and applies to most employer-sponsored group health plans that offer prescription drug coverage.
The Return-to-Office Reset: How Benefits Are Being Re-Engineered in 2026
After several years of experimentation, many employers are tightening hybrid schedules or requiring more in-office days. This “return-to-office reset” is reshaping benefits strategies as organizations look for ways to support commuting employees, improve onsite experience, and maintain flexibility. What began as a workplace policy shift is now driving a broader rethinking of how benefits can reinforce culture, productivity, and retention.
Phishing Attacks Are Evolving: Can Your Staff Spot Them?
Phishing attacks targeting schools have changed. They’re no longer limited to poorly written emails asking someone to “click here.” Today’s phishing messages are often well-designed, personalized, and delivered through multiple channels—email, text messages, phone calls, and QR codes posted on campus.
Utah HB 508 Changes DFCM Bonding Requirements for State Construction Projects
A new bill was recently introduced and ultimately passed in the State of Utah. HB 508 was signed by the Governor on March 26, 2026, and could have lasting impacts on the Utah construction market.
Summer School Student Workers: Best Practices to Reduce Risk for Schools
Many Texas public school districts hire high school students for summer roles—supporting summer programs, clerical and departmental work, campus organization projects, childcare support, and limited food service assistance. These positions can benefit both students and districts, but they also introduce unique compliance, safety, and supervision considerations because the workers are minors in a school environment.
Iran Conflict Drives Cyberattacks, Highlighting Security Preparedness
As the Iranian conflict continues to unfold, cyberattacks on businesses and infrastructure continue to escalate. On March 12, a cyberattack targeted medical technology company Stryker Corporation, reportedly wiping more than 200,000 devices worldwide and deleting 50 terabytes of corporate data.