KEY TAKEAWAYS:

--San Jose, California, will be a test case. It began requiring liability insurance for gun owners on Jan. 1, 2023.

--It remains to be seen whether gun ownership liability will become the next frontier for insurance companies — though if it does, it could become a big business.

----------

Regardless of where one stands on gun control, it’s no secret that gun violence is a prominent issue in the U.S. — one many agree is worth making policy changes to solve. In fact, some 95% of Americans support some form of restriction on firearm access, according to an April 2023 ValuePenguin survey.

But there could be another way to minimize the threat of gun violence — one that’s compatible with the right to bear arms.

According to that same survey, 75% of Americans believe that liability insurance should be required for gun owners. If such a policy were to be widely enacted, future firearm regulation could end up, at least in part, in the hands of insurance companies.

In fact, this policy is already being tested in one American city.

San Jose passes first U.S. law mandating gun liability insurance

Last year, San Jose, California became the first American city to mandate liability insurance for gun owners. The Gun Harm Reduction Act, which also requires owners of firearms to pay an annual gun harm reduction fee, went into effect on Jan. 1, 2023.

Along with providing coverage for losses, medical costs and deaths due to an accidental use of a firearm — such as a child accessing a gun and unintentionally shooting someone — the liability insurance requirement could encourage gun owners to be more thoughtful about the security of their guns' handling and storage.

Insurance companies often reward safe behavior. For instance, a homeowner might get a discount for installing smoke and carbon monoxide detectors or buying homes closer to fire stations. Car insurance companies also use a driver’s history of accidents and traffic violations, including personal safety measures like seat belt laws, when calculating rates.

In a similar way, gun owners might be given incentives to take a gun safety class or ensure their firearm is kept in a safe. After all, if the gun is lost or stolen, the owner would still be held liable for any damage it caused until they reported the weapon missing.

Gun owners in San Jose who fail to comply with the act will not lose their guns or even be faced with criminal charges. They may, however, face steep fines for their choice to forgo insurance: the penalty starts at $250 for your first violation. If you receive a second violation within a year, the fee jumps to $500. After that, you’ll pay $1,000 every time you receive a violation within a year from your first offense. 

See also: Keys to Limiting Litigation Liability

Could liability insurance prevent gun violence?

The measure is part of a broader movement toward stricter gun control laws in majority-Democrat cities. But detractors say the act may not deter the most common and disturbing type of shooting events in America: intentional ones. 

Liability insurance only covers accidental damages. And in the vast majority of firearm-related injuries and deaths, the shooter was acting with intent, even if that intent was self-defense.

According to the Educational Fund to Stop Gun Violence, unintentional shootings (the kind liability insurance would apply to) account for less than 2% of all gun deaths. Of course, those deaths are still tragic, especially when accidentally inflicted by unwitting children who gain access to firearms stored unsafely. (Everytown Research keeps an index of unintentional  shootings by children; at the time of this writing, there have been 114 of them in 2023 thus far.)

Additionally, many gun owners already have liability insurance coverage for accidental firearms-related damages through their homeowners insurance policy.

Time will tell whether the measure will have an effect on the overall rate of gun violence in San Jose and, thus, whether such a policy stands to help ameliorate the problem in other parts of the country.

Insurance or no, most Americans support gun restrictions

Liability insurance mandates are only one tool in the effort to minimize gun violence, but most Americans agree that some sort of restriction is called for.

Of those surveyed, most support gun restrictions based on documented mental health issues (73%) and criminal history (70%).

Most respondents also supported limitations based on age, proof of gun safety training and proof of safe storage, along with proof of gun ownership liability insurance. Some 41% also supported requiring gun ownership permits, while only 5% of Americans think there should be no restrictions on gun ownership whatsoever.

It remains to be seen whether gun ownership liability will become the next frontier for insurance companies — though if it does, it could become a big business. Almost half of respondents say such insurance should be purchased on a per-gun basis. Although the average gun owner might have just one or two firearms, there’s a not-insignificant class of “super-owners” who own more than a dozen. That’s a whole lot of opportunity for insurers — and, we can hope, a whole lot less needless violence.

My 93-year-old mother was taken by ambulance to the emergency room last Tuesday in the middle of the night, with acute pneumonia, and died Friday afternoon. 

I tell you that partly to explain why I'm being so brief this week and partly to allow me to make a quick point about how much crazy complexity our healthcare system has added in the U.S. We've all become worn down by the cost and complexity, like the proverbial frog in the water that's being brought to a boil, but the issues grab you by the nosehairs when, for instance, you're helping your siblings clean out your mother's apartment and find statements from earlier encounters with the healthcare system.

While I haven't yet seen the bill for my mother's final trip to the hospital, I can imagine what an ambulance ride, a visit to the emergency room and three days in an ICU cost. The bill will be many thousands of dollars, perhaps tens of thousands (covered by insurance, but still...). 

By contrast, what was the bill when she broke her leg skiing in 1955? The break was severe enough that she required an operation and spent a night in the hospital. So, the bill mounted all the way up to $46.60.

The telegram she sent my father cost almost as much as the charge for use of an operating room ($3).

How about the bill from 1967, when my sister Katy was born in the same hospital where my mom died? It was a difficult birth, so my mom and sister spent six nights in the hospital. The entire bill came to $419.75.

I'm not dinging the quality of care by any means. The folks at St. Clair Hospital in suburban Pittsburgh were great, to a person, and my mom felt loved and supported as she left this world behind. She died with her intellect and personality intact and had recently spent a great deal of time with her eight kids, her 17 grandchildren and her three great-grandchildren, including at the weddings of two of the grandkids. She just wore out after a series of health problems. Sign me up for that sort of exit when my time comes.

There is just such a stark contrast between my experience of healthcare today and what I saw in those old bills. The one from 1955 was just a page torn from a notepad, on which someone had used a typewriter to check boxes and to add the dollar amounts (the very small dollar amounts). By 1967, the hospital was using a computer, but the bill was almost as simple as the earlier one. Neither showed any of the elaborate coding that comes with today's bills, as hospitals employ small armies of professionals to make sure they maximize what the insurer and patient will pay -- this, even though I'm sure insurance covered those earlier bills, as my mom worked for United Airlines in 1955 and my dad worked at Westinghouse in 1967. 

I'm not proposing a solution, at least not today. Today, I'm just passing along what I hope was some intriguing historical perspective from the meticulous files my mom kept -- and to maybe rant a little.

My mom's name was Yvonne, by the way. She lived a long and splendid life. Rest in peace, Mom.

Cheers,

Paul

KEY TAKEAWAY:

--Innovation goals cannot be achieved with traditional, repetitive, paper-based processes. Insurers need to take five technology-based steps to accelerate innovation.

----------

Insurers, globally, are on the proverbial edge of disruption as they are constantly facing challenges due to changing customer needs, increased customers' expectations, heightened competition from insurtech firms and increasing regulatory requirements. Now, customers want to be onboarded not in days but in minutes. They are no longer willing to wait for weeks and months to settle claims. The pressure on insurance carriers and adjustors is mounting to accelerate product innovation. Maintaining the status quo is not going to work. 

They need to launch innovative products faster, transform the underwriting process, improve policy administration, speed claims processing and enhance risk compliance. These business goals cannot be achieved with traditional, repetitive, paper-based processes. 

Considering the well-known inertia of insurance companies and propensity to be slow about technology adoption, how can they fast-track innovation in the top gear and speed up go-to-market strategies?  

1. Accelerate time to market by partnering with technology services providers

Most insurance carriers don't have enough tech capability, but they can forge partnerships to capitalize on other firms' expertise in new-age technologies to expedite product innovation. For instance, such collaborations can be established with insurtech service providers to create fit-for-purpose customized solutions based on unique business requirements.

2. Adopt Advanced Products to Automate Processes

Insurers can take advantage of advanced technology platforms to develop fit-for-purpose products and bring them to market quickly.

With advanced policy management systems, insurers can automate time-consuming tasks such as underwriting and issuance. Brokers can develop feature-rich software for end-to-end policy management, client services, underwriting, claims processing and more. A customizable self-service portal can be developed to let brokers, intermediaries and agents automate receiving customer requests, creating quotes, guiding prospects/customers and selling policies. 

See also: From Vision to Product (Part 1)

3. Leverage Platform Development Accelerators 

Platform accelerators can fast-track innovation by enabling insurers to leverage pre-built functionalities, integrations and modernization capabilities. These accelerators also can provide consulting on products, on platform development and enhancement, on integration with other enterprise and third-party applications and on comprehensive implementation and support.

4. Take Advantage of New-Age Tech Services 

An adjustor client of ours used optical character recognition (OCR), machine learning (ML) and technologies such as Pytorch and Fast AI to correct a problem with bad data they were getting from surveyors and to quickly generate accurate reports on property damage. The company is now settling claims faster and generally providing better service.

Other tech services to take advantage of include:

Cloud

Migrating to the cloud offers a significant advantage over traditional environments in terms of the speed with which new capabilities, business features and products can be developed, tested and launched. Using application programming interfaces (APIs), insurers can quickly connect their systems with third-party providers, enabling them to access new functionality and data. Insurers can also easily host insurance platforms, facilitating the deployment of cloud-native applications.

Low Code

Low-code development services can allow insurers to rapidly build, test and deploy new products in underwriting, claims management and claims processing and policy management systems. Even small insurance companies can innovate faster with low code.  

Robotic Process Automation (RPA)

RPA can automate repetitive and rule-based tasks, such as data entry, validation and policy administration, minimizing manual errors and freeing employees to focus on essential tasks. RPA also improves process efficiency and accuracy, leading to faster product development and a more streamlined customer experience.  

5. Adopt Digital Modernization 

In the traditional insurance model, launching a product is very difficult. Insurers have to invest significant time and resources into designing the policy, as evaluating underwriting risks and deciding premiums may take considerable time. However, if the insurer has migrated to the cloud, they can leverage the power of data analytics and machine learning and automate the entire underwriting and pricing aspect. As a result, an insurer can cater to fast-changing consumer needs. 

The Crux

Factors such as regulation and product complexity have made insurers slow to innovate. However, technological advancements have reduced the barriers to entry, so insurers must step up their game on product innovation to retain their competitive edge and grow business. 

KEY TAKEAWAYS:

--Being data-driven is becoming more difficult because of the sheer volume and complexity of the data being generated. Data privacy concerns also complicate matters, as does the potential for bias in AI models.

--Organizations can take four steps to overcome the obstacles and tap into the benefits of an intense relationship with their data.

----------

With AI's potential to dramatically change how businesses operate and make decisions, becoming data-driven has never been more important. However, as technology advances and the world becomes increasingly connected, organizations are finding it more and more difficult to become truly data-driven. Organizations are collecting more and more data from consumers, but the processing and harnessing of this data stays limited.

Let’s explore some of the key challenges that organizations face in the age of AI and discuss potential solutions.

Challenge 1: Data Volume and Complexity

One of the main reasons that becoming data-driven is becoming more difficult is the sheer volume and complexity of data being generated. With the rise of IoT devices, social media and digital transactions, it’s estimated that by 2025, 175 zettabytes of data will be created annually. This exponential growth in data has made it increasingly difficult for organizations to process, analyze and draw insights from their data.

Moreover, the complexity of data has also increased. Unlike traditional structured data, which can be easily stored and analyzed in relational databases, the majority of the data generated today is unstructured or semi-structured. This includes data from social media, images, videos and natural language text. Processing and analyzing this type of data requires advanced techniques, such as machine learning and natural language processing (NLP), which can be resource-intensive and require specialized skills.

Challenge 2: Data Privacy and Security

Data privacy and security concerns have also grown in the age of AI. With data breaches and cyberattacks on the rise, organizations must navigate a complex landscape of regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), to protect their customers’ data. These regulations impose strict requirements on how organizations collect, store and process personal data, adding complexity to becoming data-driven.

Moreover, as AI models become more sophisticated, they can inadvertently learn and reveal sensitive information about individuals. For example, machine learning models trained on large datasets have been found to memorize and leak details about individuals, such as their medical records or credit card numbers. As a result, organizations must be cautious when using AI to analyze their data and take steps to ensure that they protect sensitive information.

Challenge 3: Data Bias and Fairness

Another challenge is ensuring that data and models are free from bias and promote fairness. AI models learn from data, and if the data used to train these models is biased, the resulting predictions can also be biased. This can lead to unfair treatment of certain groups, such as when AI is used in hiring, lending or medical diagnosis.

Addressing data bias and ensuring fairness requires organizations to carefully curate their data, develop techniques to detect biases and apply methods to mitigate these biases. This process can be time-consuming and requires a deep understanding of both the data and the domain in which the AI model will be applied.

See also: Achieving a 'Logical Data Fabric'

Potential Solutions

Despite these challenges, organizations can still become data-driven in the age of AI. Some potential solutions include:

1. Investing in Data Infrastructure and Tools: By investing in scalable data infrastructure and tools, organizations can better manage and process the growing volume and complexity of data. This includes investing in cloud-based services, data and advanced analytics platforms that can handle both structured and unstructured data.
2. Fostering a Data-Driven Culture: Encouraging a data-driven culture can help to overcome some of the challenges associated with becoming data-driven in the age of AI. This involves promoting data literacy, providing training and education on data and AI, and encouraging collaboration among data scientists, domain experts and decision-makers.
3. Implementing Robust Data Governance: Establishing a robust data governance framework can help organizations tackle data privacy and security challenges. This includes implementing data encryption, access controls and regular audits to ensure compliance with data protection regulations.
4. Developing Ethical AI Guidelines: To address the challenges of data bias and fairness, organizations should develop ethical AI guidelines and best practices. This can include investing in research to detect and mitigate biases in AI models, incorporating fairness metrics into model evaluations and developing diverse and inclusive datasets.

Becoming data-driven in the age of AI presents a unique set of challenges. However, by investing in data infrastructure, fostering a data-driven culture, implementing robust data governance and addressing ethical considerations, organizations can navigate these challenges and harness the full potential of AI.

KEY TAKEAWAYS:

--IoT sensors can accurately forecast not only the likelihood of a flood event, but more importantly identify exactly which buildings or facilities will be affected. A combination of flood forecasts, nowcasts and real-time IoT data can let companies act before or during a flood event to mitigate the impact.

--The spread of IoT technology will likely increase the use of parametric insurance, with payments triggered by precise data from IoT sensors.

----------

Rising risks from flooding in every part of the U.S. will require an innovative response from insurers and risks managers, and the Internet of Things (IoT) is set to become key to how risks will be managed and mitigated.

Flood data facts 

Today, half of all U.S. economic losses from flood are due to pluvial flooding (Nature.com 2022). At the same time, current flash flood warnings lack actionable data, as they cover large geographies, which generate many false alarms, with a resultant lack of action. In addition, a threefold increase in damage to commercial property from climate-related risk is now predicted by risk analysts XDI 1000 by 2050. 

A recent study by the Pew Charitable Trusts found flooding in the U.S. is a year-round threat. (Flooding Is Nearly a Daily Occurrence Throughout the U.S.)

While flooding from large-scale extreme weather events such as hurricanes tends to grab headlines, they are only part of the nation’s flood story. The Trusts analyzed storm data and other events, including heavy rains and rapid snow and ice melt, which now cause varying degrees of flooding across the country, often inundating homes and businesses, compromising infrastructure and impairing local economies.

Pew’s analysis of the National Oceanic and Atmospheric Administration’s Storm Events Database, which includes reports from a variety of government and nongovernment sources, found that, since 2000, at least one flood occurred in the U.S. on nearly 300 days per year, on average. The NOAA database also shows that all 50 states and the District of Columbia were affected by flooding in 2021. 

See also: The New IoT Wave: Small Commercial

The knock-on effect

The flooding has led to a more cautious approach from underwriters to the coverage they offer, which has been made all the more difficult by reinsurers’ reluctance to provide capacity for natural catastrophe risks in the 1/1 and 1/4 renewals. Primary markets have had to raise their attachment points significantly, assuming more of the risks themselves. 

They are becoming far more deliberate in how they deploy capacity that is, in effect, unsupported. Those concerns are passed down to the policyholder in the shape of higher deductibles, lower limits and higher premiums.

As a result, we are seeing a tangible shift in focus away from simply post-event restoration and recovery to a system of robust risk management with prevention and mitigation pre-event at its heart.

IoT is the answer

To deliver such a strategy early identification will be key, and technology can and will play a significant role.

Policyholders, be they personal homeowners or businesses, need to be able to identify the threat of flooding before the event so they can put in place flood mitigation systems to reduce damage and loss of property.

For business, the ability to reduce the losses and the impact can be the difference between success and failure -- over 40% of businesses fail to reopen after suffering a flood event. And IoT sensors can accurately forecast not only the likelihood of a flood event, but more importantly identify exactly which buildings or facilities will be affected. A combination of flood forecasts, nowcasts and real-time IoT data can provide insights into flood risk, letting companies act before or during a flood event to mitigate the impact.

See also: The Intersection of IoT and Ecosystems

Plugging the protection gap

Insurers will be able to redesign how they can offer insurance cover, likely using more parametric products. Because parametric covers require the ability to access unequivocal independent data on which the payment can be triggered, it is where IoT sensors that can measure the height of water at a given point come into their own.

For businesses that have had challenges settling past flood claims, parametric insurance, backed by highly accurate IoT sensors, offers greater certainty about when and how claims are paid. 

It will even allow insurers to better understand their clients’ individual risk and offer parametric coverage where conventional insurance isn’t viable, while delivering accuracy in underwriting product structure and pricing.

All in all, IoT sensors enable insurers to work with their clients to mitigate and manage flood risks better, which should consequently help reduce the number of businesses for which a flood event spells failure, especially in hardening economic and financing conditions

KEY TAKEAWAYS:

--When a patient attempts to register online for the first time, they should be asked to capture a government-issued ID through their computer webcam or mobile device. The registrant should then be instructed to take a live selfie, which ensures that the person listed on the ID is the same as the person trying to open the account.

--After an account has been opened, medical offices and pharmacies can approve future treatment and prescription requests simply by requesting a new selfie of the patient.

----------

Being a chief information security officer (CISO) in today’s healthcare environment is increasingly challenging. The modern threat landscape forces healthcare CISOs to protect not only against malware and ransomware attacks but also to defend against more traditional vulnerabilities in legacy equipment. 

Between the headlines discussing ransomware groups and organized cybercrime, organizations may not have fraud prevention squarely on their radars. They should. Fraud costs the U.S. healthcare industry more than $50 billion annually, according to data from the National Health Care Anti-Fraud Association. 

Identity theft is at the root of the industry’s insurance fraud problems. When someone’s identity gets compromised, malicious actors can use that patient’s information to make fraudulent claims with providers. This not only harms the patient but also the healthcare organizations left to deal with the phony claims. 

To help combat this issue, healthcare can borrow countermeasures from the finance industry. The financial sector has turned to the Know Your Customer (KYC) process to verify the identity of their clients and help prevent financial crime. Similarly, healthcare providers can adopt Know Your Patient (KYP) processes to address the rising threat of insurance fraud. 

Knowing your patients

In the world of finance, the KYC process is a central component of the modern regulatory environment. KYC helps institutions verify their clients’ identities and ensure they are not being used in any money laundering activities. In confirming the client’s identity at the beginning of the customer journey — when that customer first attempts to open a bank account — organizations are able to keep malicious actors from gaining entry to their systems in the first place. 

The KYP process functions similarly in healthcare. KYP is designed to help eliminate fraud risk at the front of the patient experience by strengthening the onboarding process and verifying at the beginning of the journey that someone is who they claim to be. 

Considering the rate at which the healthcare industry is falling victim to fraud, now marks a good time for organizations to reevaluate their security protocols and explore the adoption of a KYP program. 

See also: How Synthetic Data Aids in Healthcare

Developing the program

Establishing an effective KYP program consists of a few key components in tandem with a continuing authentication process. Organizations must remember that identity verification cannot be a one-time event and necessitates a more elaborate approach. 

To begin the process, organizations need to verify that a patient matches up with their government-issued ID. When a patient attempts to register online for the first time, they will be asked to capture their ID (such as their driver’s license, passport or other form of ID) through their computer webcam or mobile device. The registrant will then be instructed to take a live selfie, which ensures that the person listed on the ID is the same as the person trying to open the account. The biometric template created at this step will be useful for future authentication.

Once the ID and selfie have been collected, organizations will need to determine whether the provided ID is legitimate and if the selfie matches the picture on the ID. 

There are a handful of warning signs that may indicate a particular ID is fraudulent or being misused. Fraud detection analytics can reveal if an individual has any potential history with, or active connections to, fraudulent activity. Additionally, minimum age requirements may affect a registrant’s ability to open an account. 

Depending on the outcome of these various checks on the government-issued ID and the biometrics of the individual, the KYP program will provide a verdict for the organization to permit or deny the registrant’s new account. If the patient’s ID correlates with the biometric results, the process is complete and the account will be opened. 

After an account has been opened, medical offices and pharmacies can approve future treatment and prescription requests simply by requesting a new selfie of the patient. With each selfie taken, a new biometric template is generated for comparison with the template that was initially captured at enrollment to authenticate the returning patient.  

See also: Why to Customize Employee Healthcare Plans

Building a stronger future

It can be difficult for modern healthcare organizations to strike the right balance when it comes to fraud deterrence. They want to make the identity verification process seamless while deterring fraud and reducing friction for actual patients who are merely attempting to seek care. 

A sophisticated KYP program is intended to help organizations find that balance by letting in the legitimate patients and simultaneously keeping fraudsters out. By employing identity verification and authentication, providers can quickly confirm real patients, adhere to regulations and help thwart costly instances of insurance fraud.

KEY TAKEAWAYS:

--With many traditional life insurance agents retiring, AI can step into the gap and present customers with the right proposal at the right time.

--AI-powered chatbots can also sweeten the customer experience by providing 24/7 customer service, answering questions and resolving issues in real time.

--Insurance agents can also use AI to refine their messaging process across different media channels, as well as to reduce fraud.

----------

Breakthroughs in machine learning and AI mean that insurers can tap into insights from vast troves of data and refine their operations on a more granular level than ever before. Consequently, insurance companies are finding new ways to enhance the customer journey, streamline operations and make better decisions. 

Machine learning and AI permit insurers to employ large data sets that would be a nightmare for humans to parse. According to Dror Katzov, CEO of Atidot, many insurance companies only use 20% to 30% of their data. There is much more that could be used to improve the customer experience, from digital policy delivery to better customer engagement and claims management.

AI can help insurers identify customer behavior and adjust product offerings accordingly. Just consider what it can do for life insurance. With many traditional life insurance agents retiring, there is an opportunity for AI to step into the gap and present customers with the right proposal at the right time. AI can continuously model the different situations that consumers face and provide better risk models to help insurers make savvier decisions, which opens up the means for more dynamic pricing. For example, an AI model could be trained to recognize if a person has started going to the gym and offer them a better insurance rate for adopting a positive lifestyle change.

AI-powered chatbots can also sweeten the customer experience by providing 24/7 customer service, answering questions and resolving issues in real time. This frees customer service agents to handle more complex issues. Moreover, AI can also personalize product offerings based on customer data, making it easier for insurers to provide the right coverage at the right price and to produce client-advocacy documents, such as cover letters, in much less time. 

Insurance agents can also use AI to refine their messaging process across different media channels. Jeff Root, managing partner at DigitalBGA, says the assistance offered by AI will obviate the need for many types of instructive classes. “You should never have to buy a course again,” Root says. “All the courses selling you Facebook ads for any sort of life insurance… you can get the information online through this [Chat GPT] AI bot.” Aside from helping businesses generate leads through social media platforms such as Facebook and Google, AI can also help businesses be more agile and responsive to changes in the market.

For ages, fraudulent claims have been the bugbear of the insurance industry. (Florida, for instance, has been a bastion of fraudulent claims – so much so that many insurers have exited the area.) AI may help to remedy this situation by improving fraud detection, enabling insurers to quickly identify suspicious claims and prevent fraud before it occurs. Additionally, AI can enhance risk management by providing more accurate pricing and underwriting decisions, resulting in better outcomes for both insurers and policyholders.

All that said, there are challenges associated with the adoption of AI in the insurance industry. It has long been a burden for the industry to establish trust with the customer; AI can help automate more processes, but human oversight is still essential. 

See also: Technology and the Agent of the Future

Ethical and legal considerations constitute the main challenges surrounding AI. There are valid concerns about how AI is used to price insurance policies and how it may lead to unfair discrimination against certain groups. The European Union's General Data Protection Regulation (GDPR) requires companies to explain their decision-making processes when using AI and to provide individuals with the right to contest decisions made by automated systems.

Another challenge is the potential for bias in algorithms. AI systems learn from the data sets they are fed, and if that data contains biases, the AI system will also be biased. For example, an AI system may learn that individuals living in a certain ZIP code are more likely to make fraudulent claims, leading to discriminatory pricing or coverage decisions.

Privacy is also a significant concern. As insurance companies collect and analyze large amounts of data, it's important that this data is stored securely and that customer privacy is protected. Steps must be taken to prevent data breaches and exposure of sensitive information.

Finally, the effectiveness of AI in insurance depends on the quality of data that is being used. If the data is incomplete, inaccurate or outdated, the AI system will not be able to make accurate predictions or provide useful insights. For instance, although ChatGPT–the most popular AI chatbot in the world today–can deliver fast results, there is always the possibility of it offering up erroneous information. On a positive note, Nvidia has developed a new way to keep AI from "hallucinating," i.e. offering up incorrect or inappropriate content.

AI's potential for innovation is exponential. AI can help insurance companies meaningfully and efficiently use more of their data, improve customer engagement and refine their targeting process. Nonetheless, businesses interested in using AI should closely monitor developments in the space and be cognizant of the challenges associated with its adoption. With scrupulous implementation and judicious oversight, AI can supercharge the insurance industry and provide better services to customers.

KEY TAKEAWAYS:

--Organizations should begin with an assessment involving nine questions, then explore each for opportunities for consistent improvement.

--Organizations don't need superhuman efforts to be innovative. They need small actions that can compound over time. It is much easier to adjust the course of a ship in small tweaks than to change directions drastically. The passengers aboard will also prefer avoiding brute directional changes. 

----------

Contrary to popular perception, innovation isn't about transformation. The most effective innovation will come from small changes that compound over time.

One of my favorite examples of how small changes can snowball into bigger results is the 1% rule. If you improve an area by 1% every day, you will double your results within 70 days. Try the math on your end!

If organizations improved their innovation efforts by 1% every weekday, they would transform their output in a little over three months. 

Relying on big hits is unstainable. Industries built on big hits are also highly susceptible to droughts. A perfect example is the movie industry, which needs blockbusters to make the economics work.

In this article, you will learn how your organization can start to look for those 1% improvements that will add up to big changes in your innovation efforts.

Making Innovation Tangible

One of the biggest challenges organizations face when tackling innovation is ambiguity. What does it even mean to become more innovative? Without clear definitions, you will end up with meaningless words on a random wall somewhere.

To help make innovation tangible, I created an assessment called the Innovation Reality Check (IRC) that any team can run in a few minutes. It is meant to help you pinpoint areas within your organization that could be improved to create more innovative decisions.

There are nine questions in the assessment. For each question, rate your team or organization on a scale of one to five, with one being never, two being rarely, three being sometimes, four being frequently and five being always. 

The questions are as follows:

1. We check a consistent list of broad categories where innovation can happen
2. We start with the end in mind and work backward, letting go of present day constraints
3. We track the speed of our decisions and work to improve it whenever relevant
4. We have a process that encourages ideas from anywhere in the organization
5. We have a decision-making process that minimizes bias and politics
6. We encourage healthy debate of ideas regardless of role or status
7. We provide sufficient support and resources to allow ideas to flourish
8. We review successes for future process improvements while ignoring failures
9. We reward the behaviors that lead to innovation and not just the result

Here are some guidelines for understanding your rating.

• 30 – 45 = you are a consistently innovating organization
• 15 – 29 = you are attempting to innovate, but several factors need to be improved
• 0 – 14 = you’re not spending enough time or resources thinking about innovation

The first step in any endeavor is to know in what direction you should head. The assessment gives you some initial ideas, and I will help you understand the possibilities of each question.

See also: Insurers Aren't Innovative? Think Again!

Deconstructing Innovation Into Next Steps

Each question contains endless opportunities for improvements and better decisions. Here are some examples for each one:

We check a consistent list of broad categories where innovation can happen

My favorite list of innovation areas comes from The Innovation Formula by Michael Robert and Alan Weiss. They identified 10 areas where innovative ideas can be found, if analyzed correctly. For each area, I provide a recent example, but try to come up with your own. 

• Unexpected Successes = PetSmart and similar companies 
• Unexpected Failures = Napalm
• Unexpected Events = Pandemic
• Process Weakness = Uber identified the weakness in hailing taxis
• Changes in Industry or Market Structure = GM using customer segmentation to overtake Ford
• High-Growth Business Areas = The surge of Baby Boomers who are retiring wealthy
• Converging Technologies = AI generative tech
• Demographic Changes = Declining birth rates and their second order effects
• Changes in Perception = Remote and hybrid work
• New Knowledge = mRNA vaccines

In your organization, you should explore multiple categories for innovation opportunities. You could do that regularly to ensure that you're not missing out on big trends and changes.

We start with the end in mind and work backward, letting go of present day constraints

If you start with the present, you're constrained by reality. Starbucks popularized their "third place" idea, but it no longer makes sense. If they focused on the present, they would try to make their in-store experience more appealing. Instead, they are working backward from their ideal future to arrive at a better take-out experience and even walk-throughs.

We track the speed of our decisions and work to improve it whenever relevant

I wrote about the magic of Decision Speed in the previous article I wrote for this publication. Faster decisions are almost always better.

We have a process that encourages ideas from anywhere in the organization

Management doesn't have a monopoly on good ideas. The doorman of a hotel has a great sense for how the customer experience could be improved. Are you doing enough to encourage these ideas?

We have a decision-making process that minimizes bias and politics

I once worked with a CEO who micro-managed everyone. Their decisions revolved around what would make him happy. You can see how this approach limits growth and innovation.

We encourage healthy debate of ideas regardless of role or status

Teams need to debate the status quo, profit centers and the future. If you don't do that, the competition and the market will be for you. Think of all the companies that never adjusted to the future and are now gone.

We provide sufficient support and resources to allow ideas to flourish

Strong ideas require strong action. If you want to foster innovation, you need to put resources behind it. That could mean a dedicated budget for trying things or just mean allowing employees discretionary times—like Google did with their 20% time.

We review successes for future process improvements while ignoring failures

I'm skeptical of post-mortems on failures. Gucci doesn't care why customers don't buy, but they do care why their best customers keep coming back. The reasons for failure can often be varied, but the reasons for success are limited and easily replicable.

We reward the behaviors that lead to innovation and not just the result

Innovation is about failure, and you need to reward those behaviors that will eventually lead to success. Consider creating awards for the best ideas, best execution and even best effort. Reward success and the roads that lead to it.

Don't think too hard about which area is the best for your business. Choose one and look for the 1% improvement. Once you're done, repeat that over and over again. Do it consistently, and you can completely change your culture and approach to innovation.

See also: When Regulation Offers Opportunity

Conclusion

Peter Drucker viewed innovation as a new way to view the universe. He envisioned a world where humans were no longer limited to scarce resources. Instead, they could literally create the future regardless of perceived limitations. 

Organizations don't need superhuman efforts to be innovative. They need small actions that can compound over time. It is much easier to adjust the course of a ship in small tweaks than to change directions drastically. The passengers aboard will also prefer avoiding brute directional changes. 

I leave you with this story: In 2013, the Defense Advanced Research Projects Agency (DARPA) gambled on a new approach for making vaccines. It awarded $25 million to a relative newcomer called Moderna, with the hopes that the small investment would one day pay off. Ten years later, Moderna's mRNA vaccines helped humanity move on from a global pandemic.

Breakthroughs don't always look like home runs. They are often just small steps in the right direction.

KEY TAKEAWAYS:

--Mobile teams asking for in-app feedback and acting on it are better able to keep customers active and engaged in their mobile channels. Closing the loop with dissatisfied customers is crucial.

--The success rate of selling new services to a customer you already have is 60% to 70% versus 5% to 20% for new customers. 

---------

In Alchemer's 2023 Mobile Customer Engagement Benchmark Report, insurance (auto, home, life, renters and pet) apps were much more popular than other finance apps (fintech and banking). At the same time, our data showed that consumers were happier with their fintech and banking apps than their insurance apps.

The report compiles data from more than 1.2 billion app installs from Alchemer Mobile customers and the consumers who use their apps. As it does every year, the report provides insights into mobile customer behavior and what gets people to act. 

Ratings, Reviews and the Differences Between iOS and Android

Across all industries, iOS users were generally happier with apps than Android users. According to Statista, as of March 2023, 83% of apps had a rating of less than three stars out of five. Research also shows that apps with four or more stars are 89% more likely to be downloaded.  

Retention

Insurance apps had lower-than-average retention rates in 2022. The category had 30-day retention of 51% (compared with 67% across all categories), 90-day retention of 41% (58% overall) and one-year retention of 24% (42% overall). However, when brands invested in asking consumers for reviews (such as with a Love Dialog – the “Do you love our app?” feature within Alchemer Mobile), 30-day retention grew to 75%.  

See also: 3 Great Apps for Insurance Agents

Customer Sentiment

Positive customer sentiment for insurance was 73%, above the overall benchmark of 64%. While the high cost of switching contributes to customer retention, it doesn’t keep sentiment high. Mobile teams asking for in-app feedback and acting on it are better able to keep customers active and engaged in their mobile channels, extending the brand’s reach and deepening each customer’s brand relationships. 

In-app Surveys

Insurance brands have room for improvement when conducting in-app surveys. Insurance apps’ average survey response rate was only 12% (the overall benchmark was 13%). When mobile teams used surveys presented with a Note – a message or invitation from the brand – to ensure customers were bought into the survey before presenting it, the results were impressive: The average response rate to Note-linked surveys was 56%. Insurance brands should experiment with various engagement strategies across target segments this year. Additionally, these brands will want to close the loop with people so customers know their feedback has been heard and changes to the app are being made as a result of their feedback. 

Engaging customers appears to be the key to success in 2023 and beyond. Engaging customers through surveys is one of the easiest ways to improve ratings and reviews. Insurance brands prompted 35% of customers for surveys and received an average interaction rate of 37%. When Notes were used to invite consumers to participate in a survey, the response rate jumped to 56%.

The Value of Risks

Even though Risks (those consumers who answered “No” to the question, “Do you love our app?”) may be unhappy with an app, retention in the insurance category is just a few percentage points better for Fans (those consumers who answer “Yes” to the question “Do you love our app?”). Retention was 77% for Fans versus 73% for Risks after 30 days. This means that even though people at risk are unhappy with the app, they’re invested in making the app work better for them or it’s too hard to switch insurance companies, so they continue to do business with the insurance company, even when they're not satisfied with the app. Consequently, closing the loop with these patrons not only lets them know you heard them, but when you make changes based on their feedback, they are much more likely to convert from Risks to Fans. 

Keep What You Have

Mobile app retention will remain a vital metric for mobile product owners and managers across the insurance industry. Because acquiring new customers can cost five times more than retaining existing ones, many mobile product owners are shifting their focus to keeping the customers they have. Additionally, the success rate of selling new services to a customer you already have is 60% to 70% versus 5% to 20% for new customers. 

Better understanding of customer churn will drive product owners and managers to use tools in 2023 to improve app retention. Features like Alchemer Mobile's Love Dialog and Fan Signals can help. Carefully monitoring customer emotion shifts will enable smart communicators to respond with messages, promotions and surveys to better seize the opportunity.

KEY TAKEAWAYS:

--Hackers have infiltrated companies' IT networks through their suppliers, such as in the infamous SolarWinds debacle.

--Quantum computing greatly increases the ability to break encryption, making attacks through the supply chain far easier.

--Even though quantum computing is still in its infancy, companies should take four steps now to prepare.

----------

Quantum computing holds so much potential for the world, but inevitably it will also introduce new risks to your business. Chief information security officers (CISOs) may have already started considering what quantum computing means for their own infrastructure, but one area is often overlooked: the supply chain.

Supply chain providers can unwittingly introduce security vulnerabilities into your organization. These vulnerabilities can be exploited by attackers and expose your company to security incidents, ransomware, an unwanted reputational hit or all the above and more. And the ability for quantum computers to break today's encryption algorithms that keep our data safe will only exacerbate the threat.

Sophisticated attackers, who have your company in their sights, may consider using a variety of attacks against your suppliers to compromise them, and ultimately you. Once your supplier is compromised, they become a steppingstone into your organization.

For example, a supply chain attack plan was used and executed to notorious perfection with the SolarWinds cyberattack. For those unfamiliar, in December 2020, it was discovered that the service supply chain of SolarWinds, a U.S.-based IT management software provider, had been compromised. SolarWinds is a key provider of software and services to companies around the globe. The attack resulted in the theft of sensitive data from numerous government agencies, technology companies and other organizations worldwide.

The SolarWinds compromise steps became a blueprint for other attacks:

• Initial Compromise: The attackers initially gained access to SolarWinds' software build environment, where they injected malicious code into a software update for the Orion platform, a widely used IT management tool.
• "Trojanized" Software Update: The malicious code, referred to as the Sunburst malware, was included in the Orion software update and was signed with legitimate SolarWinds digital certificates, making it difficult to detect.
• Distribution of Trojan Software: The compromised software update was then distributed to SolarWinds' customers. When the customers installed the update, Sunburst malware was installed on their systems, allowing the attackers to gain persistent access.
• Lateral Movement: Once inside the SolarWinds customers' compromised organizations, the attackers used various tactics, techniques and procedures (TTPs) to move laterally across their networks and gain access to sensitive data.

Quantum computers process information in a fundamentally different way than classical computers. Quantum computers use qubits, which can represent both 0 and 1 simultaneously, and, as a result, quantum computers' power grows exponentially in relation to the number of qubits linked together. The expectation is that, with this power, quantum computers will multiply the effectiveness of several supply chain attack vectors that are in use today, specifically:

• Brute Force Attacks: Quantum computers can perform certain types of calculations exponentially faster than today's classical computers. This means they can run possible combinations of keys or passwords in a fraction of the time it takes a classical computer, making the effort of "guessing the right combinations of keys or passwords until the correct one is found" much more efficient and effective.
• Password Attacks: Quantum computers can also be used to break password hashes, which are used to protect user passwords in many systems. Password hashes are vulnerable to quantum attacks using Grover's algorithm, which can be used to find the original password from the hash.

While quantum computers have the potential to break many of the currently used encryption algorithms, the technology is still in its infancy, and large-scale quantum computers capable of breaking encryption are not yet available. However, it is important for companies to be aware of the potential risks and to take steps today to protect against them, including adopting post-quantum cryptographic algorithms and taking a strong cybersecurity posture. This effort includes reviewing the software and services you consume within your company - your supply chain.

See also: The Challenge of Quantum Resilience

To that end, CISOs should consider four steps:

1. Risk Assessments: Do your third-party vendors and suppliers have a plan to address post-quantum cryptography (PQC)? Perhaps they have a robust and mature security program that includes PQC. Risk assessments should be comprehensive enough to understand security controls and the maturity of those controls. You are going to find companies at different stages on their cybersecurity journey, and understanding that maturity level as it relates to the services being consumed by your organization is one way to evaluate risk for your organization.
2. Supply Chain Requirements: Draw a line in the sand to mandate that the security and integrity of the products and services provided meet certain standards. For example, you can require a SOC 2 report from your provider. The SOC 2 report is centered on a service organization's IT controls. It's an attestation report in which certain internal controls have been designed and implemented, and those assertions are audited by a qualified CPA firm. This may not be readily achievable but should drive desired business behavior. The White House has issued executive orders that emulate this approach by directing new security standards with a focus on adoption of emerging technologies, including post-quantum encryption.
3. System and Communications Protection: Take the time to understand the what, where, how and by whom regarding a product or service being provided, and then discover the constituents in your organization using them. Knowing these potential threat vectors can better prepare defense and response models to protect the organization as post-quantum technologies advance.
4. Incident Response Planning: Create response plans that include procedures for security incidents involving third-party vendors or suppliers. Supplement your current plans by understanding how critical suppliers would notify you about a security incident. Streamline those communications with the right resources in your organization so you can respond quicker and take timely action against an attack.

With some effort and proper planning, you will be able to reduce the quantum risk to your organization and improve your ability to respond to a service supply chain threat. Providing context to the risk in your supply chain, including threats from post-quantum computing, demonstrates a high-level of acumen all CISOs should be delivering.