Claims management has always been a combination of art and science. The science part tends to be fairly easy to understand, at least at a conceptual level. After all, insurers base a great many of their decisions on statistics and probability. They search for anomalies, applying filters to discern which conditions fall outside of acceptable boundaries. If something unexpected turns up, they flag it for follow-up.

The art of claims management is quite a different story, though. What makes a great claims professional is his or her ability to read through detailed accident reports, medical notes and legal documents to determine which elements are meaningful and which ones simply constitute background noise.

In many respects, the claims professional’s role is to take in very large amounts of analog information and distill it into a form that can be understood through a more analytical, scientific lens. This is difficult enough, just on the face of it. It calls for an understanding of medical terminology and practice and legalese and the ability to decipher accident and medical reports. And it requires a knack for retaining and synthesizing information from multiple sources.

That difficulty is compounded, though, by the fact that virtually every claim is really a moving target. New information flows in constantly. Every fresh data point must be ingested, evaluated and understood in the context of the claim as a whole. Given the complexity and duration of many claims, making sense of all that detail is no small feat.

Technology can improve this process dramatically, easing the burden on claims professionals by ingesting new information the moment it arrives, discerning its meaning and placing it in context alongside all the other information in the case. Technology can detect which conditions may indicate a high risk of litigation and which ones might raise concerns about poor medical outcomes. Artificial intelligence (AI) functions as a kind of intelligent assistant to the claims professional, pre-processing information and calling attention to the details that matter most.

The key that unlocks that door is called natural language processing, or NLP.

Predicting Litigation Risk in Commercial Auto Claims

Let’s consider what this might look like from the perspective of litigation risk in commercial auto claims. After years of record losses, insurance carriers got a short reprieve during the COVID-19 shutdowns of 2020. Claims shot back up in 2021, though, raising the alarm on loss ratios and the factors that affect them.

Litigation prevention is a key factor in that equation. Experienced adjusters typically understand which kinds of claim details indicate likely attorney involvement; but seasoned professionals can be hard to hire and retain these days, and it takes considerable time for a new hire to come up to speed.

AI can improve the speed and accuracy with which claims data is assessed. That helps your most experienced people be far more effective, and it gives your newer staff a leg up. Perhaps most importantly, AI can flag at-risk claims early, enabling you to steer potentially problematic cases to the most experienced adjusters in your organization or push to settle those cases pre-litigation.

See Also: AI Investment in Commercial Lines

Finding Structure in Unstructured Data

In the commercial auto space, there are five types of structured data that adjusters look at to determine whether it’s likely that attorneys will get involved. These are the types and number of vehicles involved, the location of the accident, type of accident, injury details and the amount of vehicle damage. Unfortunately, important details are often buried in the claim file in the form of unstructured data.

A great deal of the information collected for commercial auto claims comes from phone conversations between the adjuster and the various parties involved in the case. Other information comes from medical notes, police reports and email communications. In a perfect world, all of this information would be entered into a claim system as structured, standardized data. In the real world, it’s often cryptic and somewhat difficult to decipher.

Consider a claim that includes the following note: “Insd emp/drvr contact became uncomfortable, attempted to reset/fix and rear-ended clmt … chain reaction.” To an experienced reader, that may indicate fault and liability. To a novice, it might pass under the radar. In either case, it’s invisible to a quantitative scoring system unless it can be scored and rendered as structured data.

NLP parses human language to discern its underlying meaning. It can detect context, decipher abbreviations and distinguish among seemingly nuanced variations of a phrase that might have very different implications. NLP can understand unstructured data such as notes, assigning a quantitative assessment indicating the likelihood that the insured driver was at fault. In this example, NLP might flag the claim as high-risk because it matches patterns that indicate an elevated risk of liability.

NLP can also fill in missing details that might be provided in an adjuster’s notes but were never included as structured data, per se. A claim might contain a note that says: “Was the driver an employee? Yes. Is there an alcohol consumption policy? No.” Clearly, the claims manager gathered this information but may have been too busy to enter it properly as structured information in the claims system.

Other examples include verification of accident details (e.g., “photos from insrd confirms hvy impct accdnt”), details that provide clues as to the severity of injuries (“passngr went to ER … admitted for 2 days … mltpl tests … no injuries.”) or details about claimants (“unsure if CV is insured”).

NLP parses that kind of unstructured information, rendering it as structured data and filling in the gaps that otherwise go unnoticed. AI-powered NLP is always on, ready to ingest information the moment it arrives. That empowers claims managers to act promptly when there’s a material change to one of their cases.

The role of claims professional will not go away any time soon, if ever. Nevertheless, today’s technology can assist tremendously with an otherwise very burdensome process, freeing up claims professionals to focus on applying their judgment and expertise where it can make the biggest difference.

Across the country, the Great Resignation has seen professionals leaving their jobs and moving on for several reasons, including the COVID-19 pandemic, unsatisfactory or uninspiring working conditions, limited opportunities for growth and more. Just this March, a record 4.5 million people quit their jobs, leaving businesses with significant deficiencies in their workforces.

As we all know, concern as to how to attract the next crop of professionals is nothing new for the insurance industry. According to Insurance News Net, a quarter of the insurance industry is currently over the age of 55. We’ve faced a talent issue for several years and grappled with the best ways to tackle the challenge. Now, as the industry faces the looming threat of mass retirements from industry professionals and a challenging labor market to break into, it’s time to get down to brass tacks. Maybe the solution is simpler than we think. 

What the Industry is Doing Differently

Recently, the insurance industry has taken several different steps to address its talent deficit. For starters, we have seen growth in apprenticeship programs. These programs are designed to bring in nontraditional talent from a wide variety of backgrounds. Innovative programs like these aid in the recruitment of a variety of candidates, from parents returning to the workforce to high school students, to people from diverse geographic cultural and economic backgrounds, students with varying academic specializations and more. This hands-on experience gives them a taste of working in the industry and has proven valuable in showcasing the strength and variety of opportunities available within an insurance career.

At other businesses, we have seen the emergence of employee resource groups (ERGs). Serving as a tool for companies to show appreciation for their staff, ERGs create a safe environment for employees across backgrounds to share their experience working in the industry and learn from each other’s time at their companies. 

These measures and others have certainly moved our industry forward in terms of addressing the talent gap. At Pennsylvania Lumbermens Mutual Insurance Company (PLM), we are not afraid to think outside the box, but we also know that in addition to these new methods, more traditional methods of recruiting and retaining can continue to produce happy employees and good work product – provided companies invest the right resources into them. We have found great success in recent years providing prospective and current staff with the resources they need to develop careers in insurance that make them feel valued, appreciated, challenged and as if they are making a difference. 

A Focus on Education and Development

For longstanding industry professionals, education is key to keeping them engaged and inspired. Here, an emphasis on continuing education and developing varied skillsets can go a long way. 

At PLM, we require our employees to participate in continuing education. Career development is essential to building out our business and to the individual professional success of our team members. We encourage our employees to regularly participate in educational courses that further their talents and continue to grow their interest in the work. We also reward them financially for their efforts toward continuing education.

Additionally, we try to expose our staff members to several disciplines of the business so they can find what truly fits their skillsets and passion where possible. For example, we have people on our team who started in underwriting, switched to IT and then found their home working on our marketing team. We want our employees to feel they aren’t boxed into their current roles and have the chance to explore, try new experiences and expand their skills. 

Companies across the industry can improve their retention efforts with a renewed dedication to professional development. Staff members want to feel valued by their organization and want to believe they are making progress in their own careers. Working with them to develop their skillsets can be a valuable step forward.

See Also: Keys to Finding and Nurturing Talent

Work-Study Initiatives and College Internships

Insurance continues to have a reputation issue among younger audiences as an industry with limited intrigue, but by reaching them early, leaders can showcase not only the value of a career in the industry, but the value of insurance to society. They likely don’t realize that insurance is a key factor in keeping our global economy humming – providing opportunity for new retail, professional services, the creation of new life-saving medicines and more. Through education opportunities and practical experience, insurers can not only correct misconceptions about the industry, but paint the industry as the cog in our global economic engine that it is.

At PLM, we partner with the Cristo Rey Philadelphia High School, which has a work-study program that has allowed us to provide students with a clear, comprehensive introduction to both the insurance industry and the wood niche that we insure. Once a week, we work with their students to introduce them to the basics of an insurance career and show them how rewarding a career in insurance can be. Our partnership gives these students a glimpse at the inner workings of insurance, while also providing them with practical skills for their continued education. 

A more common tool used by the industry is of course college internships. College students looking to try new work and discover career paths can take advantage of internship programs to see if they fit in insurance. Often, we see college internships at companies in insurance or in other industries that only offer interns basic experience. Their work is often limited to administrative tasks, research projects and other hands-off responsibilities that don’t showcase the value of working in insurance. 

College internships should provide practical work experience and give interns a chance to really see what their day-to-day work would be like. They should also have the opportunity to try out different parts of the business and find what roles they truly enjoy. This can be helpful for the employer as well, as they could have a new hire in a few months who’s already been partially onboarded and exposed to the business, the team and company culture. At PLM, we’ve hired around five interns each year.

Show That You Care

Several recent studies have demonstrated that both new recruits and current industry professionals want to work in an environment where they feel they can make a difference. Part of the industry’s reputation problem has been a perception that a career in insurance is simply profit-oriented. What our industry has struggled to convey over the years is that insurance is an industry rooted in giving back.

In times of crisis, our industry provides critical protection and support to those in need. When a disaster occurs, insurance professionals are almost immediately on-site assessing damages and seeing what we can do to recoup what people have lost. 

The insurance industry actually has a big heart. A 2020 study from McKinsey found from 2015 to 2019, the industry donated around $560 million to $600 million to support those enduring hardships from food insecurity to homelessness and more. 

This dedication needs to be showcased to the next generation of talent. At PLM, we look to do this by folding volunteering and giving back into the fabric of our company culture. With our headquarters in Philadelphia, PLM leads several initiatives in the Philadelphia community throughout the year working with major nonprofits including the ASPCA, Ronald McDonald House, MANNA, Cradles to Crayons and more. We also match employee donations dollar-for-dollar to foster a culture of giving. Most notably, we annually host a month-long United Way campaign, which gathers our entire team for volunteering and giving initiatives. Last year, we had 100% participation and contributed a total of $205,411 for programs in the Philadelphia community. Through initiatives like these, we can highlight the industry’s dedication to giving and showcase our commitment to social good.

Moving Forward 

Like many industries today, insurance does have a talent problem. But our industry is working to combat this growing concern and has been for years. By continuing to innovate and come up with new programs to attract talent from a variety of backgrounds, as well as a renewed focus on tried-and-true measures with a new investment of resources, we’re up to the task. 

As an industry, we need to build on education and development programs, make a stronger commitment to recruitment initiatives and earlier outreach, and demonstrate our industry’s rich history of giving back and desire to engage our team members and our business efforts in initiatives for social good. This way, our industry can not only survive this talent crisis, but lead the way for others now seeing talent shortages of their own.

A seismic wave stirring for insurance data management may upend the decades-old data warehousing movement. Will the wave be colossal, like data warehousing, or will it peter out before hitting land, a la object-oriented programming?

I’m talking about data mesh. But what is data mesh exactly, and why is it gaining such momentum? I’ll get to that in a minute but, first, let’s look at why traditional data warehousing is coming up short.

Why Current Monolith Approaches Aren’t Working

Data is the lifeblood of insurance modernization, and stakeholders everywhere need current data now. Unfortunately, in many insurance companies, the data monolith just can’t keep up with demand. Data warehouses, data lakes, cloud warehouses and lake houses are all variations on a theme: a shared repository integrating operational data to meet cross-domain analytic needs – e.g., integrating claims with losses, campaigns with customers and revenue with producers. The paradigm is compelling in its simplicity and workability, but it has three inherent chokepoints:

• One data producer can’t keep up with many data consumers
• Data intelligence is at the source system, not in the backend data warehouse
• The data warehouse is an extra hop

Fivetran recently found that 86% of analysts report having to use stale data and that 90% report unreliable data sources. Technology is not the issue because the bottleneck is structural – the monolith. Organizations need a paradigm that achieves data decentralization and enables self-service while ensuring governance and control. Enter data mesh: equal parts organization, process and technology. 

See Also: Turning Data Into Action

Data Mesh

The concept of data mesh, which is gaining ferocious momentum with early innovators, was first published by Zhamak Dehghani in 2018. She defines its four cornerstones as follows:

• Domain Ownership: This principle says bye-bye to the onerous enterprise data model, ETL hub and centralized repository because these are chokepoints. Instead, data ownership is at the domain level (e.g., claims, losses) because these teams are closest to the data, and they can scale with the number of domains.
• Data as a Product: There will be data producers and data consumers. Producers will create data products that are discoverable, addressable, understandable, trustworthy, accessible, interoperable and secure in a self-service environment. To counter the tendency toward silos, domains will be accountable for creating and sharing data products, and success will be measured on metrics such as data quality and usage and consumer satisfaction. 
• Self-Service Infrastructure: Players in the data mesh will be enabled with an abstracted layer of data infrastructure (e.g., storage, CPU and SQL processing, workflow control) as a self-service platform that enables them to publish and manage data products using consistent, reusable patterns and models. 
• Federated Governance: Data mesh governance balances the needs for the domains to operate autonomously with the needs of global optimization and control. All data will be protected and regulatory-compliant. Security controls will be embedded into the platform with observability and auditability.

The vision for data mesh vision is akin to an “API enterprise” wherein all digital events are callable from a restful state. For the analytic side of the house, the vision is radical, holistic and often so sensible you find yourself asking, “Why didn’t we see this sooner?” Data mesh addresses the built-in limitations of a data warehouse by achieving decentralization (aka organizational parallel processing), moving data production closer to source systems where the intelligence is and eliminating the extra hop.

In a post-data warehouse world, data mesh may become the norm. Just as MPP (massively parallel processing) was once for edge cases and is now universal, domain-level data provisioning – aka organizational MPP – may become the dominate choice in a post-centralization world. However, for insurance companies, the vision doesn’t answer some of the critical questions, such as :

• Where do we get a single version of the truth?
• What about duplication of data engineer headcount creating cross-domain integrations (e.g., aligning earned premium and incurred losses by year)?
• How do we avoid run-away public cloud bills?
• What about our data warehouse organizations?
• Who owns reference data mappings across domains?
• How does a mature insurance company move from this universe to that one?

Domain-supplied data products need to co-exist with data warehouses because the investment and reliance on the latter are so great. That said, IT patterns are emerging from early data mesh implementations that drive much-needed self-service and decentralization. For example, there can be product marketplaces where consumers search for data and insights, view context (e.g. rules, latency), provision assets and provide feedback; data producer portals that provide a unified experience for producers to onboard, govern and manage data products, including tags, quality, business rules, definitions, and policies; and data catalogs as the vehicle that makes data products discoverable, understandable, trustworthy and accessible.

Demand for data in today’s insurance companies is outpacing supply, and, in most cases, the throttle is organizational rather than technical. The data mesh approach of pushing data product ownership to the domains to achieve greater scale is promising. In terms of the technology adoption curve, data mesh is somewhere between the first stage, the Innovators, and the second, the Early Adopters. It seems that innovators are concentrated in banking, and we need to hear their lessons learned. 

Now that we seem to have reached a tipping point and will see far faster adoption of electric vehicles, a key question arises for insurers: Will they be safer or riskier?

In theory, they'll be safer, if only because the massive battery power will allow for a profusion of sensors and related safety devices. But we all know how theories can play out in practice. So, Cambridge Mobile Telematics took a hard look at performance to date and found that the answer is... a definite maybe. 

The factors involved are complex, and the stakes are high, so it's worth taking a look at the countervailing forces they've identified and at their analysis.

On the one hand, the CMT report found that the greater acceleration possible with electric motors is leading to much higher risks from fast acceleration and from cornering for electric vehicles (EVs). Tesla drivers, for instance, were found to have acceleration risks that were 3 1/2 to four times higher than drivers of vehicles with internal combustion engines (ICE). Tesla drivers had 76% higher risks from cornering.

Tesla drivers also speed 7% more than ICE vehicle drivers -- though hybrids speed 18% less, and compact EVs speed 24% less.

Those high-risk behaviors don't, in fact, translate into higher accident rates for Tesla drivers -- but do for those seeking extreme performance. People who own both a Tesla and an ICE vehicle were actually almost 50% less likely to crash their Tesla, on a per-mile basis. Drivers of Porsche EVs, though....

The report says: "Porsche drivers are 129% more likely to accelerate, 40% more likely to hard brake and 15% more likely to speed in their Porsche. Porsche drivers are also 55% more likely to crash while driving their Porsche," than while driving their ICE vehicle.

The issues get more confusing when you start looking at variables that could change considerably over time, especially as the performance and range of batteries improve. At the moment, "the average trip for a compact EV is 10% shorter in time and 26% shorter in distance than ICE vehicles," the report says. The shortening of trips is even more pronounced in cold weather, when EVs lose 10% to 20% of their range. But battery technology is improving rapidly. 

Gasoline prices are another wild card. With the surge over the past two years, the percentage of trips taken in a Tesla by those with both a Tesla and an ICE vehicle has risen from 63% of the total in January 2021 to 70% now. But the surge in prices has been subsiding -- and nobody can know where they go from here, unless you somehow have figured out what happens with global supply chains and with the Russian invasion of Ukraine. 

As driver behavior, safety features, battery performance, gasoline prices and other factors sort themselves out, EVs may well turn out to be less likely to crash than ICE vehicles -- or not.

In other words, stay tuned.

Cheers,

Paul

P.S. If you want some detail on why I believe we're reaching a tipping point in terms of EV purchases, here is what I wrote on the topic in February. The clean air incentives in the Inflation Reduction Act that the Senate passed over the weekend should speed the move toward EVs. 

It is no small task to insure coastal properties. Coastal home and business owners need adequate protection now as much as ever, especially as climate change leads to more severe and frequent storms. Unfortunately, the nature of risk – especially catastrophic risk from hurricanes – has become harder to predict using traditional underwriting tools.

Florida's new $150 million “My Safe Florida Home” legislation and the "predict and prevent" philosophy it embodies, mandate that insurers provide policyholders a detailed explanation for denying coverage and offer free inspections and up to $10,000 in matching grants for home improvement and hurricane retrofitting projects. This new legislation aims to build a better future for Floridian homeowners, but insurance companies need the right tools and technologies, such as a property intelligence platform equipped with geospatial imagery, predictive analytics, and artificial intelligence (AI).

Banks, insurance companies and employee benefits providers have taken massive leaps throughout the pandemic to better personalize their offerings and deliver additional value to plan members. But the work is not over.

Now the metaverse, a network of 3-D virtual worlds focused on strengthening social connections, is touted as a solution to many of the workplace woes that have characterized the pandemic era. (Zoom fatigue, anyone?) Metaverse evangelists claim that deeper interactions with technology through virtual and augmented reality will have a transformational impact on distributed workforces.

Insurers and banks – already stretched thin by the demands of digital transformation – are wondering if investment in this new tech will pay off.

While the metaverse is still largely theoretical, there could be several ways group and voluntary benefits providers could further capitalize on existing trends using this emerging technology. Let’s speculate!

Is the metaverse mostly hype?

Metaverse hype exploded following Mark Zuckerberg’s highly publicized announcement in October 2021 that Facebook’s name would change to Meta and that the company’s strategic direction would shift to building out the metaverse. 

However, the concept of a virtual 3-D space where people meet, play games and conduct business using virtual and augmented reality devices goes much further back. The term “metaverse” actually emerged in the early ‘90s, and Meta is by no means the only major player in the space. Tech giants Google, Apple and Microsoft have all invested heavily in metaverse development, with foundational research going back several years. Virtual properties are being snatched up for tens of millions of dollars.

Certainly, the metaverse has no shortage of skeptics, and for good reason. The hype has often been over the top. But there is something there. Savvy financial services giants like JP Morgan and American Express have already claimed expensive digital real estate in the metaverse. 

There is serious movement in this space that should not be dismissed by insurers -- even if the VR headsets do look a little silly.

How Can Employee Benefits Insurers Profit in the Metaverse?

Extending virtual health offerings

Since the pandemic, health insurers have experienced increased demand for virtual health and wellness services, such as telemedicine. By delivering these services through the metaverse, insurers could capitalize on trends while offering a more immersive experience.

Several technology providers, such as XRHealth, already offer metaverse-based virtual telemedicine services that user avatars can access at any time of the day.

Remote workers could also participate in mixed-reality wellness programs and fitness classes alongside their colleagues. This can promote healthy living and build rapport among distributed workforces.

Life and health insurers could integrate metaverse services into their benefits. Insureds would then interact more closely with the carrier’s brand. 

Avatars and gamification offer richer experiences

Carriers are already deploying AI-based technologies like digital assistants to deliver timely and contextual customer service and coaching. The metaverse presents an opportunity to extend these capabilities by connecting with a user’s avatar. 

Avatars represent an individual’s entire digital identity in a far richer way than we’ve seen previously. As people conduct more “in-person” activities using avatars, insurers will have more data than ever to develop personalization strategies. 

Carriers can leverage metaverse gamification to deliver rich experiences. For example, Cigna partnered with Microsoft to create a mixed-reality digital health tool called the "BioBall." The ball is a handheld, electronic orb that works with a virtual reality headset to navigate users through an interactive game while collecting their health metrics and flagging potential risks.

That’s a little more exciting than an online form!

Voluntary benefits tailored to the metaverse

Depending on how ubiquitous metaverse technology becomes, underwriters may very soon have troves of new data at their fingertips to more accurately and quickly evaluate a plan member’s risk. 

Using digital enrollment platforms, sales teams can recommend additional voluntary coverage based on a plan member’s activity level and other data points tied to their user avatar. This data may not be available through more traditional methods.

Additionally, popular voluntary benefits like identity theft protection will have a more important role to play in the metaverse. When a plan member’s identity can be tied to his or her digital avatar, that may create a bigger risk of identity theft.

New voluntary products tailored to distributed workforces “residing” in the metaverse may be commonplace in the next five years.

See Also: Beware the Metaverse

Responding to real-world, metaverse-related health risks

As plan members increase their usage of metaverse technology, they may be increasing their exposure to additional real-world risks. Metaverse distraction could be dangerous.

Some insurers are already responding. Seguro GO is an insurance policy designed to protect Pokémon GO players from accidents, thefts and injuries that may occur while players interact with the popular, augmented-reality game. 

Lengthy interactions within the metaverse may expose insureds to chronic health conditions tied to a sedentary lifestyle. With tools like digital coaches, insurers can establish a positive foothold in the metaverse and improve plan members’ physical wellbeing.

Insurers should also consider the mental-health risks users are exposing themselves to by protracted stays in the virtual world. We saw firsthand the mental health crisis that unfolded during the pandemic as screen time went through the roof. Will the metaverse really be any better?

Life and health insurers should pay close attention to how users interact with the metaverse and design wellness products and programs that encourage healthy digital habits, perhaps by leaning into the metaverse itself.

Will the metaverse disrupt employee benefits?

Inevitably, new insurtechs will exploit the metaverse, posing potential risks (and partnership opportunities) to more established players. At present, there is no way of knowing whether they will be successful in disrupting the industry, or even if the metaverse itself will be a success in the long run. Today, we are just speculating. 

The metaverse could have significant implications for traditional benefits distribution models. As carriers deploy customer-engagement strategies across the metaverse, it is likely that direct-to-consumer sales will increase further than they already have in recent years due to the more immersive brand experience offered within metaverse applications.

The metaverse won’t disrupt the fundamentals of the insurance business, but it will almost certainly change the relationship between insurers and insureds. As the technology matures, benefits carriers can offer more robust digital coaching, personalized benefits selection, collaborative digital wellness programs and new products to meet the coverage demands of metaverse denizens.   

Artificial reality, AI, gamification and other elements of the metaverse aren’t new. Whether you call it the metaverse or not, technology is changing rapidly, and it’s hard to predict where it will take us. Leaders of benefits insurers must help their companies stay on top of trends and positioned to take advantage of the metaverse and evolving tech.

Some of the largest insurance carriers no longer pay ransoms. The Office of Foreign Asset Control (OFAC) has deemed many hackers terrorists, making it illegal for insurance companies to pay their demands. The insurance industry faces pressure to shift its solution from ransom payment to incident recovery as more businesses request coverage. And while the war in Ukraine has caused a slowdown in ransomware attacks, experts predict these attacks will soon come back with a vengeance. It's time to think about solutions that benefit the insured and the insurance industry.

Hackers are getting smarter, and their targets are getting smaller. In Q4 of 2020, the median size of companies that incurred ransomware attacks was approximately 235 employees. In Q2 of 2022, the median company size dropped to 105 employees. Small and medium-sized organizations with limited cybersecurity resources are easier to breach and often rife with data that can be ransomed or sold on the black market. Also, hackers know that breaching organizations of this size receives less attention from law enforcement. Still, any company that uses mobile technology, engages with external partners or vendors, accepts credit cards or other forms of online payment or stores confidential customer, partner or other digital information is susceptible to a cyberattack and, therefore, in need of cybersecurity insurance and strong cybersecurity measures.

According to Sophos' report, "The State of Ransomware 2022," ransomware attacks are happening more often, doing more damage and growing more sophisticated. Last year, 66% of surveyed organizations were hit by ransomware -- an increase from 37% in 2020. Last year, businesses experienced 50% more cyber attack attempts each week compared with 2020. Equally alarmingly, the average ransom payment increased from $84,000 in Q4 of 2019 to over $800,000 in 2021. What's more, the increasing ubiquity of cybercrime leads to more claims, so, when a business is attacked, they run the very real risk of facing a longer recovery time as insurance companies and incident responders' resources are stretched thinner with rising demand.

It will take more than raising premiums and putting more limits on the businesses that can qualify for cybersecurity insurance to prevent increased claims and higher costs; insurers must insist their clients be aggressive about cybersecurity protection. This doesn't mean simply installing off-the-shelf cybersecurity products that don't fully protect businesses from sophisticated threats. Businesses may be at greater risk than they realize. The costs to recover and rebuild after a ransomware attack include more than hiring a qualified incident response team. Companies must also factor in downtime, lost data, customer service and exposing customers' confidential data, all of which could be devastating.

See Also: Why Hasn't Cyber Security Advanced?

Thankfully, there are 10 critical cybersecurity components insurance providers can recommend to reduce their customers' cyber risk levels, including confirming the implementation of:

  1.  Multi-Factor Authentication (MFA): Too often, companies rely solely on single authentication tactics like Touch ID. However, smart devices can recognize more than one thumbprint, and even fake fingerprints can successfully bypass sensors at least once nearly 80% of the time. While not an entirely bulletproof solution, MFA effectively creates additional hurdles for would-be attackers. Confirm that your customers practice MFA, even if it simply involves the additional authentication step of sending a one-time SMS to a trusted user's device to ensure they're a valid user.

  2.  Endpoint Detection and Response (EDR): EDR is an endpoint security solution that continuously monitors end-users' devices to detect and respond to cyber threats like ransomware and malware. Urge your customers to seek out EDR solutions that provide these four critical capabilities, according to Gartner: the ability to detect security incidents, contain the incident at the endpoint, investigate security incidents and provide remediation guidance.

  3.  Immutable Backups: Unlike conventional data backups, immutable backups are files that can't be modified in any way. In the event of a ransomware attack or other data loss event, your customers can rely on immutable backups to instantly restore their assets and maintain regulatory data compliance requirements -- without having to pay any ransom fees to get their (likely compromised) data back.

  4.  Managed Detection and Response (MDR): MDR is a cybersecurity service that combines technology offerings and (human) expertise to provide threat hunting, monitoring and response. By helping your customers engage with MDR services, you can support them in quickly identifying and limiting the impact of cyber threats, and they won't need to hire additional, costly security staff to do so.

  5.  Patch Management: Patch management involves identifying, acquiring, testing and installing software patches (or code changes) that are intended to fix bugs, add features or address security vulnerabilities. Many businesses forgo patching their systems, assuming doing so could disrupt critical application integrations. However, failing to patch a system's vulnerabilities creates an open door for hackers to enter and wreak havoc.

  6.  Employee Awareness and Training: A company's cybersecurity is only as strong as its weakest link, and all it takes is one employee -- even a well-intentioned one -- to cause that chain to break. Make sure your customer organizations have employee awareness and training programs in place that formalize and enforce cybersecurity best practices, such as the use of strong passwords, MFA and accessing sensitive files only from trusted devices, for instance.

  7.  Privileged Access Management (PAM): PAM is a security mechanism used to identify, authorize, manage and monitor privileged users across an entire organization. By ensuring your customers are using PAM tools, you can help them deliver secure, privileged access to critical assets while also satisfying key compliance requirements.

  8.  Data Encryption: One of the most effective data security methods, data encryption translates data into another form so only users with access to a secret key or password can read it. By ensuring your customers encrypt their data, you can help them protect their private information, sensitive data and the communication between their applications and servers.

  9.  Email Filtering: Email filtering services check all incoming and outgoing emails for spam, malware and suspicious links, and then organize these messages into respective categories and folders. Implementing email filtering is an easy and accessible cybersecurity best practice that can ensure risks like phishing emails and malware never appear in your customers' inboxes.

  10. Attack Surface Monitoring: Attack surface monitoring involves the continuous identification and monitoring of attack vectors across an organization's entire IT infrastructure. Most importantly, it's done from the perspective of an attacker. Make sure your customer organizations regularly perform vulnerability scans and penetration tests to verify their actual attack surface. It's dangerous for companies to assume they have all their attack surfaces covered!

Experts predict a new wave of cybercrime and increased attacks on smaller businesses. Now more than ever, your customers need help reducing cyber risk, and, as their insurance provider, you're in a unique position to provide trustworthy support today. Confirm that your customer organizations (as well as your own!) are implementing key cybersecurity best practices and receiving support from experienced cybersecurity professionals that offer state-of-the-art services. The prosperity and longevity of your and your customers' businesses depend on it!

*|MC_PREVIEW_TEXT|*

From the Editor: The Biggest Issue Facing Workers' Comp As tough as staffing is throughout the insurance industry, the world of workers' comp has things doubly bad -- it has to deal not only with its own staffing issues but those of its clients.  As Mark Walls, vice president of client engagement at Safety National, explains in this month's interview, many companies are having to ask employees to do more to cover for gaps in staffing. Companies are also being less rigorous about pre-employment physicals and may rush people into action. The risk of injury is rising as a result. At the same time, workers' comp carriers and third-party administrators are having to deal with their own shortages of adjusters, nurse care managers and so on, while dealing with caregivers that are struggling to line up enough doctors and nurses. The result? Not pretty. There's no easy answer, but carriers and TPAs are finding that they are more likely to attract and retain talent if they provide flexibility by letting people do more work at home.  Work-from-home creates its own set of problems, though, for all employers. I'll leave it to Mark in his interview to explain the subtleties, but suffice it to say here that it's important to designate an area for work in the home. Otherwise, any activity at any time in any spot in the house could be interpreted as being related to work, meaning that any injury could produce a claim.  The good news is that the long-term trends in workers' comp remain positive, as carriers and employers keep making work environments safer. Automation will also reduce risk.  But combined ratios have climbed from perhaps 85% to 100% or more, and any uptick in claims and expenses would send them even higher. So, the path ahead may be bumpy for a while. Cheers, Paul  Read the Full Interview READ MORE Threats, Openings for Workers' Comp What if external factors overwhelm the workers' comp system's century-old ability to balance the rights of employees and employers? Read More 'Scalable Compassion' in Workers’ Comp As much as claims representatives want to help individuals, there has been no feasible way to provide compassion at scale. Read More Smartest Idea for High-Hazard Businesses When an employee says they’re too tired to finish a physically demanding task and need to rest, that needs to be okay. Read More Case Study on Using AI in Workers' Comp Taking in extra data points and thinking in a different way has let us make better decisions about how to route claims, and more. Read More Identifying Fraud in Workers’ Comp One of the best tools for fraud prevention is to let employees know that false claims will not be tolerated and that penalties are stiff. Read More Should Workers’ Comp Be So Litigious? It’s time to dedicate resources on several fronts to get back to the original intent of the workers' compensation system. Read More FEATURED THOUGHT LEADERS Richard Victor Thomas Ash  David Fontain David Bacon  Stacey Gunn Greg Moore View all ITL FOCUS topics

Between 3% and 10% of total U.S. healthcare spending each year amounts to fraud, according to the National Healthcare Anti-Fraud Association. Facing potential multimillion-dollar losses, insurers invest significant resources into weeding out fraud and protecting their financial interests. 

Conducting a healthcare fraud investigation is a laborious process that can take weeks at the minimum. Most of that time is spent sifting through information from multiple sources, piecing it together like a jigsaw puzzle to reveal a complete picture of the provider-member relationship. Only a small proportion is dedicated to actual decision-making. 

But it doesn’t have to be that way. 

Dynamic problems vs. manual solutions 

Healthcare fraud is a dynamic problem, with fraudsters constantly changing their tactics to evade detection. Yet many insurers are tackling this growing issue using only manual tools – multiple databases, pivot tables and Excel spreadsheets – which are difficult to adapt to new scenarios. 

Unsurprisingly, this approach leaves insurers constantly playing catch-up with fraudsters, as investigators spend days manually looking into cases. In the current environment, some fraud is missed by insurers, while false positives are too frequent. Plus, when an insurance investigator does spot something fishy, they often lack the data to validate their findings. 

Evidence suggests that the pandemic and the rise of telehealth led to an increase in insurance fraud – as stringent telehealth rules were relaxed overnight, enabling providers to bill insurers for an enormous range of medical services provided virtually. 

So – in this increasingly digitized healthcare landscape – it’s clear that insurers must modernize their back office to protect against healthcare fraud. That’s where artificial intelligence (AI) and machine learning (ML) tools come in. These technologies enable insurers to create dynamic solutions to a dynamic problem. Here’s how. 

How AI Helps

AI enables insurers to optimize employee time. Rather than spending tens of days on research, caseworkers can rely on AI to analyze relevant, contextualized data and generate alerts accordingly. This both increases the efficiency of insurance investigators and improves customer experience. 

Consider the telehealth example. Imagine you’re an investigator working with rudimentary manual tools like pivot tables and Excel spreadsheets. You might spend hours assessing providers’ telehealth billing data before finding one that seems to be filing a suspiciously high number of claims. Bingo – you've spotted a fraudster! Not so fast. After embarking on a lengthy investigation, you find that this "discrepancy" can be attributed to the way the provider in question is coding a certain category of services. False alarm. 

Though the insurance investigator in this scenario acted completely reasonably, they inadvertently wasted significant resources chasing this dead-end lead. If this investigator had been equipped with AI-powered analytical tools, the same billing data could have been processed and interpreted in minutes – rather than hours. What’s more, AI would’ve produced significantly fewer false alarms, enabling the investigator to dedicate their time to following up on genuine leads – which means even more time saved.

AI’s second superpower is uncovering trends or patterns that simply aren’t easily recognized – thereby revealing hidden fraud. 

Let’s take the example of prescribing controlled substances via telehealth consultations. Rules governing this practice were significantly relaxed during COVID-19. As a result, this area of prescribing has become a fraud hotspot. This has both financial implications for insurers and potential public health ramifications – for example, if fraudulently prescribed opioids were to be sold on the streets.

AI is great at uncovering fraudulent prescriptions issued via telehealth. It can quickly spot suspicious prescribing patterns by aggregating all relevant data – including relationship analytics between members and providers. Has there been a spike in prescribing? Have these members been issued this prescription before? If not, why now?  

What’s more, AI can analyze huge quantities of publicly available data from the internet – forums, social media, Google reviews and more. For instance, if a physician was at a conference or on vacation during a particular week, how could they possibly have completed several dozen telehealth consultations each day?

See Also: Can AI Solve Health Insurance Fraud?

Striking the right balance 

This isn’t about replacing special investigations units with AI. Instead, it’s about enabling employees and AI tools to work together symbiotically. 

There’s no doubt that AI can analyze data in a fraction of the time it takes a human analyst – and with a much higher degree of accuracy. However, healthcare is – and will always be – a people business. Complex, life changing decisions made each day by insurers on the behalf of members and providers will always need human input. 

Let’s take the example of "fraud" perpetrated by healthcare providers. This falls broadly into two categories. The first category is composed of otherwise-well-meaning providers who might sometimes round up appointment times by 10 or 15 minutes and receive a higher insurance payout. The second category is made up of serious fraudsters, who consciously and consistently set out to defraud insurers. 

With AI and human employees working in tandem, insurers can easily uncover both groups. But they can also retain the freedom to handle the issue with compassion – punishing genuine fraudsters, while educating providers who’ve committed minor abuse.

That’s why – without a hint of irony – it seems obvious that AI is exactly what’s needed to bring humanity back into healthcare fraud investigations.

After almost 15 years of increasingly effective technological developments in the AI/ML arena, we are at a point where the algorithms and the trained models are well-known and the overall architecture of neural nets is well-understood. However, the quest for reasonable ROI from AI/ML projects continues, with data issues impeding wider adoption.

The current and still evolving technologies coined loosely under the term data-centric AI could help many industries tackle issues with data and make help make meaningful progress in reaping benefits of AI/ML sooner than later.

Insurance as an industry should take the lead in adopting data-centric AI technologies in providing better customer experience to the insureds.

Issues with data

Many of the following have been well-documented and are issues for which solutions have been emerging for some time: 

• Sovereignty and regional aspects
• Privacy and security
• Accuracy
• Bias and explainability, responsible and ethical AI/ML
• Interruption
• Unavailability of large data sets
• Bespoke model training

Adhering to aspects of data like sovereignty with all the current and emerging regulations requires insurers to essentially train AI/ML models in country or in some cases in the region where the models will be used to predict business insights. Because data is indicative in the context of regional and local market dynamics, AI/ML models should be trained locally for avoiding bias and making them explainable in the local context.

Another issue is that the pandemic caused major disruptions to business data, essentially weakening the efficacy of pre-trained models. This led many insurers to spend time and effort in re-training deployed models, as many of them built bespoke models in-house. 

See Also: The Data Journey Into the New Normal

What Is Data-Centric AI?

It is loosely defined as AI/ML that depends on data that is engineered to a) account for domain-specific nuances while also factoring in the regional/local context, b) handle regulatory aspects like the appropriate amount of anonymization, c) remove bias from data that is used for training, d) depend on smaller but relevant data sets when large data sets are not available and e) potentially use synthetic data that is generated by tools that try to maintain statistical similarity to real data.

This engineering of data goes beyond the traditional sourcing, cleaning and basic, algorithm-related tuning that happens today. Increasingly, tools to help visualize and engineer data are appearing in the market.

The data-centric AI and related tools are aimed at enabling business domain experts who can manage AI/ML initiatives without the need for a large team of data scientists and IT experts.  

What should the insurance industry do?

The insurance industry should look at data-centric advances in AI/ML and take the opportunity to lead in providing a better experience for insureds. Here are some suggestions for insurers as they embark on and in some cases re-look at their current AI/ML initiatives:

• Depend on foundational models
  • There is a growing movement in many industries to depend on pre-trained models and use them as foundational elements to improve efficiency in the context of a specific entity. This includes training specific areas that need improvement. This is as opposed to re-training the entire model. 
• Use smaller but relevant data sets
  • The insurance industry is rich with data; however, it Is not at the scale that consumer-facing entities collect data that enables them to train machine learning models for increasingly better accuracy. Moreover, there are questions for which the answers are not clear or are evolving. Who owns the data? Can the data be used for analysis? To what extent is the industry comfortable with anonymization technologies?

In this context, Insurers should start looking at engineering the small but relevant data sets that are easily available and can help improve accuracy of the models.

• Evaluate use of newer anonymization technologies
  • Technology that allows advanced analytics on encrypted data are maturing and should help insurers build business cases that involve their partner data.
• Build data engineering organizations – not just IT teams
  • AutoML technologies help move the skill gap in using AI/ML to the left, meaning knowledgeable business analysts should be able to do most of the tasks of a data scientist. AutoML technologies have traditionally not focused on allowing non-IT teams to engineer data, but tools for helping them do so for better model accuracy are emerging and are increasingly contributing to the data-centric AI movement.
• Use synthetic data selectively
  • Tools that generate synthetic data to supplement the smaller data sets that insurers depend on today are gaining traction. While many of the tools may not generate data that removes bias and do not necessarily maintain statistical integrity of the data that is required for effective models, they are a good start. At the outset, an easier way to start using synthetic data is to apply on a subset of the AI/ML system where there are issues with accuracy.
• Train models regionally
  • Increasing regulations on data in many countries may necessitate the training of AI/ML models in-country or in-region. This has the added benefit of reducing bias in training, probably will make it easier to explain the decisions put out by the algorithms and may be more accurate. However, in the past, scalability of training models locally and regionally has been an issue. With data-centric AI/ML tools augmented by AutoML tools, insurers should be able to set up a highly efficient business operation in training models locally.
• Build a framework and governance for responsible and ethical AI
  • The EU is leading the way in helping define a framework for responsible and ethical AI. Insurers should review their output and look at data-centric AI technologies as the foundational elements to define a bespoke framework for their business and set up governance to prevent and mitigate liabilities resulting from their use of AI in making business decisions.

Conclusion

It is imperative that insurance as an industry gets beyond the hype of the "I" in AI and becomes more pragmatic in their use of AI/ML technologies for generating business insights. The recent evolution of AutoML technologies helped shift the required skills to the left and reduced dependency on data scientists and IT teams. However, many of the issues with data necessitate the rethinking of the use of AI/ML in a data-centric way, helping business domain experts to engineer data and address many of the macro-issues and in the process, improve efficacy of trained models and keep them relevant in their continued use over a period of time.