Client information is the most valuable commodity the insurance industry has in its possession—and protection of that precious resource in the age of electronic transactions is imperative to the industry’s growth and survival.
“If the industry does not do a good job of protecting information, then it will blow all that we are doing with modernization and real-time technology out of the water,” says Jeff Yates, CEO of the Agents Council for Technology. “Customer privacy and security must be a major [focus] of the industry.”
To help make sure the industry recognizes data security as a top priority, insurance regulators are stepping in. Massachusetts, for example, has adopted some very strong and specific privacy regulations that agents there need to be well versed in.
And federal laws require companies to spell out their privacy rules and notify customers of any breech.
Carriers, too, are “getting agents’ attention” with errors and omissions coverage, notes Yates. To obtain E&O coverage, producers must have a concrete plan in place to protect client data.
Insurers are also mindful of the need to protect personal information while mining it for business-advancing data.
Carriers want to leverage the information they’ve collected over the years and have built electronic gateways that allow transmission of information between modern and legacy systems.
The challenge is keeping the systems secure and free of intrusion from viruses or hacking—thereby enabling the carrier’s underwriters a wealth of data to better judge the writing of risks while protecting the client’s personal information.
“No insurer wants a data spill,” says Frank Petersmark, chief information officer advocate with X by 2 Inc., a technology-consulting company. “The last thing you want to see is your name in the Wall Street Journal.”
For agents looking for solutions to the data-protection question, one answer is cloud computing, says Petersmark.
In a cloud-computing situation, the information-storing servers are no longer housed in the agent’s office. Instead, they are administered offsite, removing much expense and data-security administration from agents and carriers.
Doug Johnston, vice president of partner relations and product innovation with insurance-industry software provider Applied Systems Inc. in University Park, Ill., says cloud computing offers "superior physical and electronic data protection." But he warns agents do need to be concerned with "third-party services that are offered as online services."
He says there are a burgeoning number of these service providers, raising questions about how data is handled and what the plans are for it.
“Where is the data going, and do you have an agreement with all of those you are doing transactions with to keep that data secure?” asks Johnston. “There is a whole movement of data that no one is thinking about.”
Johnston says agents are most responsible for the data’s security because they collect and transmit it. They have to stop doing business as usual and be more aware of the potential liabilities.
He recommends that agents read and understand the license agreements to ensure clients’ data is secure and not shared.
This story was corrected on Sept. 13 at 2:09 p.m. related to Doug Johnston's comments on cloud computing and third-party service providers.