Serving Colorado's Counties

The IRS has announced the 2024 Health Savings Account (HSA) contribution limits. The self-only limit increased by $300 from 2023, while the family limit increased by $550. The IRS also provided the minimum deductible and maximum out-of-pocket expenses for the high deductible health plans (HDHPs) that function with HSA’s. The rates take into account inflation and cost-of-living adjustments, as well as rounding the rules under Internal Revenue Code Section 223.

Contributions and Out of Pocket Limits for Health Savings Accounts and High Deductible Health Plans

For 2023For 2024Change
HSA Contribution limit
(employer + employee)
Self-only: $3,850
Family: $7,750
Self-only: $4,150
Family: $8,300
Self-only: +$300
Family: +$550
HSA catch-up contribution (age 55 or older) *$1,000$1,000No change (set by statute)
HDHP minimum
Self-only: $1,500
Family: $3,000
Self-only: $1,600
Family: $3,200
Self-only: +$100
Family: +$200
HDHP maximum out-of-pocket amounts
(deductibles, copays, and other amounts, but not premiums)
Self-only: $7,500
Family: $15,000
Self-only: $8,050
Family: $16,100
Self-only: +$550
Family: +$1,100
*Catch-up contributions can be made any time during the year in which the HSA participant turns 55 or older.

HSAs are always set up under an individual’s name and are never held jointly. When the HSA is linked to a family or an employee plus one HDHP, the HSA is subject to the higher family coverage contribution limit. The IRS has not established an “employee plus one” category for contribution limits.

What This Means for Counties

For 2024, the individual IRS contribution limit for HSAs increased by $300 while the family limit increased by $550. An individual enrolled in “employee plus one” coverage will be subject to the family contribution limit. The County Health Pool will provide updates regarding IRS contribution limits for upcoming years.

For any questions or for more information, please contact CTSI at 303-861-0507.

Personal data has increasingly become a target of hackers. Twitter, Target, and Yahoo are a few of the companies that have experienced data breaches that left their customers vulnerable to identity theft, brought on FCC investigations, and exposed the companies to litigation. Taking the necessary steps to protect personal data protects you from a data breach’s public relations and legal consequences.

Limit the Data Collected

Do not collect unnecessary information. If you do not have the information in the first place, it cannot be stolen. In a complaint against RockYou, a mobile gaming site, the FCC alleged that the company unnecessarily collected children’s e-mail addresses and passwords. They then stored the addresses in an unencrypted format. Consider how much sensitive information you really need to collect and have a system in place to delete out-of-date, unneeded information regularly.

Limit Access to Data

Limit the number of people who can access personal data. Only allow employees with legitimate need-to-know access to sensitive data. The FCC action against Twitter noted that most employees had wide-reaching and unnecessary access to customer data. Twitter failed to enforce password changes or automatic account lockouts after several failed login attempts for administrative passwords. According to the FCC, these failures made Twitter vulnerable to multiple hacks. Avoid Twitter’s missteps by limiting access to sensitive data, requiring periodic password resets, and locking accounts after multiple failed login attempts.

Encrypt Data

Use industry-accepted encryption methods when storing and transmitting data. Data needs to be protected at all points of the transmission route. It is not enough to encrypt your server. If you need to transfer sensitive data, make sure that data is encrypted during transmission. This includes data stored on mobile devices (i.e., laptops, hard drives, etc.). A data breach involving the social security numbers, disability ratings, and other personal information of 26.5 million veterans occurred because a Department of Veterans Affairs analyst had his laptop stolen. Incidents like this can be avoided by encrypting the data during storage and requiring user authentication at all points of access.

Create a Data-breach Response Plan

Developing a data-breach incident plan can protect county employees and data. Part of your incident plan should involve regularly backing up critical data. In a recent case involving ransomware, a CTSI member lost crucial data because they did not regularly back up their files to a separate secure location.

What This Means for Counties

In case of a data breach, contact the CTSI property and liability claims department immediately for help with an assessment of your exposure and the critical next steps. As a CAPP member, your county has coverage in place to help manage the loss and navigate the legal and digital steps to take after a breach occurs. For more information, contact CTSI at 303-861-0507.

For over 30 years, CTSI and your pools have successfully navigated each year’s challenges and consistently provided comprehensive services to pool members. In an effort to protect all members and minimize the potential for financial surprises late in the year, the CTSI Board would like to remind the members of all the Pools (CAPP, CWCP, and CHP) of their commitment to remain a member in good standing throughout the policy year. In the event a member of any of the Pools is considering their option to withdraw from membership, each Pool’s bylaws provide that they must give notice of intent to withdraw, for each Pool concerned, before October 1st of the year preceding the new policy year that begins on January 1st.

Notice of Intent to Withdraw

This notice of intent to withdraw is a requirement to leave the respective Pool. Submission of a withdrawal notice affects budgeting options for the pool for the upcoming year but is non-binding on the member and can be rescinded at any time up to the start of the new policy year. If the notice of intent to withdraw is rescinded, the member will automatically retain membership in good standing for the following policy year.

This requirement allows the Pools to give adequate notice to carriers from whom the Pools will purchase stop-loss, excess, and reinsurance coverage and give timely statutory notifications to the Division of Insurance. Moreover, this furthers CTSI’s ability to protect members who do not intend to consider withdrawing and to make timely adjustments to the budget in the event the member decides to follow through with their withdrawal from membership.

Failure to provide notice as required by each Pool’s bylaws may result in the loss of protections afforded to withdrawing members, including potential claim runouts and equity distributions or benefits.

The Pools have proven their worth to the membership throughout their existence for insurance and associated services and still offer the best long-term solutions for members’ needs. This notice requirement is an expression of each member’s commitment to every other member to preserve the special benefits of local government risk pooling now and for the future.

What This Means for Counties

Members cannot withdraw from membership in any of the Pools during a policy year and must give proper notice by October 1st if they are considering withdrawal from membership for the upcoming policy year. Compliance with this requirement preserves all of their rights as a withdrawn member if they choose to follow through with their withdrawal. Failure to give notice as required could impact their future interests in claim runouts, distributions of equity, etc. A copy of all Pools’ Bylaws can be found in the Members Only section on our website at For more information, contact CTSI at 303-861-0507.

Because boilers and pressure vessels can explode, causing property damage, injury, and death, the state of Colorado has a Boiler Inspection Section, part of the Oil and Public Safety division, that enforces nationally adopted standards on installation, operation, maintenance, and repair. Boilers and pressure vessels in commercial and public buildings must be inspected either annually or every two or three years, depending on BTU input. 

Inspections may be conducted by either a Colorado Boiler Section inspector or by a special inspector. Special inspectors are inspectors employed by an insurance company licensed to sell or provide insurance for boilers or pressure vessels in Colorado who holds a valid commission as inspector issued by the National Board of Boiler and Pressure Vessels. 

What Does an Inspection Check?

A boiler or pressure vessel inspection checks nine different items:

  • Nameplate
  • Relief Valve or Safety Valve
  • Control Safety Devices
  • Boiler Room Piping
  • Combustion Air
  • Flue Pipe Connections
  • Expansion Tanks
  • Boiler Room Condition
  • Internal Inspections

For more information about each of these items, view the state provided document What the Inspector Looks for when Inspecting a Boiler. Also, consider this free guide that steps you through a checklist of specific items to consider before an inspector arrives. 

How Much Is an Inspection by a State Inspector?

A boiler or pressure vessel inspection conducted by a Colorado Boiler Section Inspector requires an inspection fee and a certificate fee based on the BTU input of the boiler/vessel. Currently, an initial inspection after installation costs $100 with a $25 certificate fee. A State Inspector must perform initial inspections; however, subsequent inspections can be performed by special insurance inspectors. 

How to Schedule a No-fee Inspection?

CAPP members have the option of arranging a free boiler inspection through Liberty Mutual Insurance, which offers boiler and pressure vessel inspections as part of their equipment breakdown insurance. To schedule an inspection, contact Liberty Mutual at 877-526-0020 or by email at  Please provide the following information: company name, address of location needing service, contact person with telephone number, Liberty Mutual policy number. 

What This Means for Counties

Beyond the initial inspection, CTSI members do not need to pay to have boiler and pressure vessels in county buildings inspected. Counties should contact Liberty Mutual Insurance at the number or email provided to arrange for an inspection. For assistance in arranging a boiler or pressure vessel inspection, contact CTSI at 303 861 0507.

When creating the Fair Labor Standards Act (FLSA), Congress did not want to discourage people from volunteering for civic, charitable, or humanitarian causes. Instead, it wanted to prevent the abuse of minimum wage or overtime requirements through coercion or undue pressure upon individuals to “volunteer” their services.

Definition of Volunteers

The FLSA defines a volunteer as an individual who performs hours of service for a public agency for civic, charitable, or humanitarian reasons, without promise, expectation, or receipt of compensation for services rendered.

Individuals are considered volunteers when they offer their services freely and without pressure or coercion from an employer. There are no limitations or restrictions on the types of services private individuals may volunteer to perform for public agencies.

Individuals are not considered volunteers if they are employed by the same public agency to perform the same type of services as those for which they propose to volunteer. For example, a county nurse cannot volunteer nursing services for that same county.

When Can Volunteers Be Paid?

According to the FLSA (29 CFR 553.106), volunteers may be paid expenses, reasonable benefits, and/or a nominal fee for their services without losing their status as volunteers. A volunteer may receive:

To determine if an individual will lose their volunteer status under the FLSA, the total amount of payments (expenses, fees, benefits) must be examined in the context of the economic realities of the particular situation.

What This Means for Counties

Colorado counties rely on volunteers to perform a range of tasks. Counties should know the rules for when a volunteer can be compensated so a volunteer’s status does not crossover to an employee under Federal and State law. For more information, contact CTSI at (303) 861 0507.

Many counties use “non-statutory” volunteers to help with the fair, vaccination clinics, property clean-up, etc. Counties also use “statutory” volunteers for the sheriff reserve, search and rescue, fire, and ambulance service. There is a difference between non-statutory and statutory volunteers. Workers’ compensation does not cover non-statutory volunteers for injuries incurred while performing services for the county. Conversely, statutory volunteers are covered for workers’ compensation per C.R.S. 8-40-202 while they are in the scope and course of their duties for the county.

For non-statutory volunteers, CTSI offers a low-cost accident protection plan which provides medical and accidental death and dismemberment coverage. This coverage is secondary to any other medical or other insurance coverage the volunteer may have. Currently, 27 counties insure nearly 2,138 volunteers.

Non-statutory or statutory, your volunteers should be treated in a similar manner as your employees with regard to training, assigning supervision, and providing clear instructions as to their job duties. Volunteers require as much, if not more, training and guidance than full-time staff. County employees may volunteer to serve in a volunteer program so long as their activities do not directly relate to their county job.

Counties are well aware of the benefits volunteers bring to the organization. But counties should also be aware of the liability associated with volunteers. Concerning liability, your county has the same risk exposure with volunteers as you have with your employees. Therefore, appropriate screening is necessary. For Colorado Counties Casualty and Property Pool (CAPP) member counties, your county has the same liability protection for your non-statutory and statutory volunteers as you have for your employees. For non-statutory volunteers, it is good risk management to secure a signed Volunteer Acknowledgment and Waiver of Liability form. Please consult your county attorney for specific language. The waiver should include language similar to the following:


I, (the “volunteer”) as a volunteer for the county, do hereby and forever release and discharge the County (“county”) government and respective board members, officers, employees, agents, and volunteers from any and all claims, actions, expenses, liabilities, or damages of any nature whatsoever, including costs and attorney’s fees, arising out of any personal injury or any loss or damage to property in any way resulting from or otherwise relating to my participation as a county volunteer.


I fully understand and agree to provide my services to the county as a volunteer in a volunteer capacity.

I fully understand that the county will not provide or pay for medical treatment for injuries that occur within the scope and course of my volunteer activities. I fully understand that as a volunteer, I do not work for the county as an employee; therefore, I am not entitled to workers’ compensation benefits, and the county cannot provide lost wages or permanent disability benefits for the volunteer’s regular employment.

I fully understand and agree that if I use my personal vehicle while conducting volunteer county business, my personal automobile insurance is my responsibility and primary to any other insurance that may exist. (This also applies to county employees and statutory volunteers.) I fully understand and agree that if I use any of my personal property while conducting volunteer county business, the county will not provide insurance coverage or be financially responsible should damage or loss occur. (This also applies to county employees and statutory volunteers).

I fully understand that as a county volunteer, I am covered by the county’s liability insurance to the same degree and conditions as a county employee. (This also applies to county employees and statutory volunteers).


Counties should be aware of the difference between non-statutory and statutory volunteers. Counties should implement risk management procedures for volunteers in a similar manner as is done for employees (i.e., background checks, driver license checks, application process). For more information, contact CTSI at 303 861 0507.

Phishing emails are malicious emails that ask the reader to click on a link that will ask for the recipient’s username and password or will install harmful software on the receiver’s computer and network; they can look almost identical to legitimate emails. Cybercriminals will often take the time to copy logos from legitimate companies and even mimic the text of an email. The best way to avoid a phishing scam is to hover the mouse over the link you are asked to click on and view the web address. If the web address does not contain the company name or looks suspicious in any way, do not click on the link. 

Why Did you Receive the Email?

Another step you can take to identify phishing emails is to consider why you received the email in the first place. Most companies send confirmation emails only if you signed up for a new service or made a change to your account, such as updating information. If you did nothing to trigger such an email, be suspicious. Also, be wary of emails that do not fully load or display correctly. Many companies bundle plain-text and HTML versions of emails together to ensure that they display correctly on multiple email clients; cybercriminals often do not bother with this step, so their emails may display with missing graphics or text.   

Cybercriminals can steal email signatures from people you know and with whom you regularly do business. If you receive an email with an attachment, a request to divulge information, make a money transfer, buy something, or pay an invoice, even from someone you know, approach it with suspicion and then look for reasons to trust it. Never allow an email attachment to “Enable macros” in Microsoft Office. If you open a PDF that wants you to log in to Microsoft, don’t do it. A PDF has nothing to do with Microsoft 365. If you’re curious why the individual is asking you to do something or if they sent you something you weren’t expecting, pick up the phone and call them.

How is the Email Worded?

Phishing emails are often sent to large groups of people in the hopes of tricking a handful of recipients into taking the bait, so look out for generic subject lines and greetings. The text of the email is often vaguely threatening or alarmist, stating that if you do not click on the offered link or enter your personal information, your account will be closed or your data compromised. Legitimate emails will never ask you for your personal information or password. Any organization you are a member of already has this information.

What This Means for Counties

CTSI does provide coverage for cyberattacks (see for cyber policy); however, the best way to protect your organization from cybercrime is to be diligent and proactive. Trust your instincts. If something about an email seems off (e.g., an unusual request, odd URL, etc.), be suspicious. Do not click on attachments or links if there is any doubt about the validity of an email, even if the sender is someone you know. Contact the sender and ask if they sent you the email. For questions about recognizing and avoiding cybercrime, contact CTSI at (303) 861 0507.

It’s that time of year when counties across the state hold their county fairs. Your county can limit its risk exposure and promote a safe environment by following these tips.

Post your Facilities with Equine Liability Signage

Colorado law allows counties to protect themselves from potential liability involving equine activities such as rodeos and horse shows due to the inherent risks involved with activities associated with horses and llamas. To be immune, the county must post warning signs or correct known dangerous conditions that could lead to injuries for participants in these activities. Willful negligence is not excluded from liability.

Maintain Walkways and Fairgrounds

It’s not uncommon for a fairgoer to be injured from a slip and fall. Minimize your risk by assigning personnel to keep the walkways free of debris and maintained in good condition. If a member of the public is injured while on county property, CAPP provides premises medical pay coverage.

Make sure fencing is secure, especially in the rodeo arena. More than one instance has occurred when a steer has crashed through a fence and injured spectators.

Insurance Coverage for the County Fair Board and its Volunteers 

Colorado Counties Casualty & Property Pool (CAPP) member county employees, appointed boards, and county volunteers have liability coverage through CAPP. The County Workers Compensation Pool provides workers’ compensation to member county employees and appointed board members while in the scope and course of their duties for the county. Fair volunteers (except certain statutory volunteers) are not covered for workers’ compensation. Volunteers should sign a waiver form. The CWCP & CAPP Operations Manual has sample waiver forms at A volunteer accident protection plan is available through CTSI, which provides minimal medical coverage secondary to the person’s own health insurance for non-statutory volunteers. Contact Brenda at CTSI, 303-861-0507, extension 110, for more information.

Event Participants

Event participants are not eligible for premises medical pay and are not covered for liability or injuries to themselves. Participants should sign waivers of liability.

Vendors at the County Fair

CAPP does not protect or defend the liability of vendors or service providers at the fair. For example, the stock producers for your rodeo or food vendors must have their own liability insurance.

People Using County Facilities

For other summertime activities, people often use or rent the county’s property for a private event such as a wedding reception, dance, or flea market. CAPP does not protect or defend the liability of non-county people putting on an event at your fairgrounds or county property. Tenant Users Liability Insurance Program (TULIP) coverage is available to cover the people putting on the event because if they do not have their own liability insurance, their personal assets could be at risk. Contact CAPP’s broker, Tracy Paladino, at 1-800-889-2614, for a quote.

What This Means to Counties

By following these tips, you’ll keep your county’s summertime festivities fun and safe and limit your county’s risk. Contact CTSI  at 303-861-0507 for more information.

The Fair Labor Standards Act restricts the use of child labor. The most recent changes to the law in 2010 expanded and clarified the types of activities and occupations forbidden to youth under the age of 18. Review the various restrictions to ensure that your county is in compliance. Remember that even where the rules do not apply to volunteers, allowing a minor to engage in an activity that is regulated or considered hazardous can increase potential liability in the event of an injury.

Representative Hazardous Duty Restrictions on Youth Aged 16-18

Generally, hazardous occupations involve using or exposure to various hazardous tools, power-driven equipment, and naturally dangerous conditions such as heat, pressure, fire, chemical hazards, explosive substances, and the like. Here are some examples:

Representative Hazardous Duty Restrictions on Youth Aged 14-16 and Younger

This would include all restricted activities for the older age group, plus the following:

These provisions may be viewed on the Electronic Code of Federal Regulations (e-CFR) website. Child labor regulations are covered in Title 29, Subtitle B, Chapter V, Subchapter A, Part 570 -Child Labor Regulations, Orders and Statements of Interpretation. Be careful to review both the CFR and the links to the Federal Register Material. 

What This Means for Counties

Review your youth employee occupational assignments and determine a plan for addressing any needed changes. For more information, contact CTSI at (303) 861 0507.

According to the CDC, 9 people in the United States are killed every day in crashes that are reported to involve a distracted driver. Defined as any activity that takes a person’s attention away from the primary task of driving, distracted driving is an ever-increasing problem as more and more technology creeps into our vehicles, dividing our focus. Texting, cell phone use, eating, changing the station on the radio, or even carrying on a conversation all count as distracted driving. There are three types of distractions while driving: 

Types of Distractions

Many common activities people engage in while driving can be distracting. One of the biggest and most risky is cell phone use, which causes visual, manual, and cognitive distractions. According to insurance claim data, 19% of auto accidents in 2019 were caused by phone-based distractions.  

Driving is a complex task that requires the full focus and attention of every driver on the road. People tend to think that they are good at multitasking, especially while driving; however, study after study has found that the brain cannot give full attention to more than one task at a time. Distracted driving can cause life-changing injuries, and it can be fatal.

Tips to Avoid Distracted Driving

The best way to avoid distracted driving is to limit distractions before putting the vehicle in drive. Plan your route before starting the trip, as even GPS navigation systems can be a distraction. Set the radio, climate controls, etc., before driving. Do not eat while driving. If you are taking a long trip, plan to stop for food and rest breaks. Put cell phones out of sight and out of reach. Set your cell phone to send an automatic text informing anyone who texts that you are driving and will contact them later, or better yet, turn off your cell phone while in the car. According to one study, using a cell phone while driving reduces your focus on driving by 37%. 

Counties can help prevent distracted driving by establishing clear procedures for what is and is not acceptable behavior in county vehicles, such as banning employees from cellphone use while driving. Make safe driving a priority with training plans that encourage employees to pull over if they need to make a phone call, check a map, send a text, or engage in other potentially distracting activities.  

What This Means for Counties

Auto accidents pose an enormous risk to the county pools and endanger county employees. Implement clear policies that discourage distracted driving in county vehicles. In addition, provide training to county employees about the risks of distracted driving. CTSI offers several safety videos on distracted driving, including “Hang up and Drive” and a “Defensive Driving Refresher” webinar at Members will need to log in to view the videos. For more information about the dangers of distracted driving or for information on implementing a fleet safety program, contact CTSI at (303) 861 0507.