Web users, especially business owners, already have plenty of good reasons to be careful with what they put online. Shifts in public perception, the increasing threat of data leaks and continual attempts to steal your identity might be enough. However, new state rules for New York’s insurance companies could highlight another worrying trend. What you post could affect your premiums. It’s already legal for insurance companies, including life insurance and business protection insurance providers, to use public data to decide what you pay. From credit scores to court records and now including your Twitter feed, they can effectively use nearly anything they want to set insurance prices. Now, however, New York is taking a bold step forward as the first step to codify the practice. Discrimination by race, sexual orientation, faith and other protected classes is still illegal, but the use of personal data to inform insurance decisions is a trend that many are worried other states will follow. See also: New Efficiencies in Life Insurance   Your data is just another way for insurance companies to measure your risk and make more efficient decisions. Regulations are designed to keep the needs of the companies and their customers both satisfied, but many are concerned that it’s just giving the providers license to be more invasive when deciding premium rates. Your rates aren’t only decided by what information you fill out; examinations are reaching further and deeper into our data than ever. The automation of the industry is making it easier to collect and collate data from many sources, but there’s always a human involved in the judgment, and many are concerned that business protection and life insurance providers expose too much. Social media use in setting insurance premiums isn’t commonplace, yet. Only one of 160 insurers in New York use it, but “big data” is spreading across industries, showing the power of using data from diverse sources. At the moment, social media is used to determine falsehoods in applications, but there’s no reason it can’t be used in ways that customers might consider more invasive. And while discrimination is prohibited, some fear there’s nothing to stop providers from doing deeper dives. In many cases, the deeper you look into anyone, the more likely you are to uncover something that could be used to raise their premiums. Algorithms may seem impartial, but they are designed by humans with all of their own biases. One textbook example is COMPAS, which predicted where crime would occur based on criminal justice data from the U.S. The tool vastly overestimated rates of recidivism for black defendants while underestimating the same risk for white defendants. This trend of using social media data might not be widespread just yet, but there are justified fears that social media surveillance and investigation will become more common as reliance on the technology spreads. As such, it may be even harder for customers to see what affects their premiums, as much of it could be determined by big data gathering information from dozens of sources and obscure algorithms used to highlight risk factors. This risk of surveillance, even if it has no application in reality, affects how we use the internet. A trend toward “deleting Facebook” arose shortly after its sizable data breach last year. Data-sharing from sites and businesses of all kinds has seen use of virtual private networks (VPNs) skyrocketing. This might seem prudent, at first, but if our social media use is being so closely monitored, then we’re less likely to use those platforms to talk and associate freely. The issue isn't just in the data we share, but also the data we consume. If a business protection insurance provider looks at who you follow on Instagram, what’s to stop it from deciding premiums based on whether you follow high-risk individuals, even if you are not a high-risk individual yourself? The same goes for health and life insurance companies, which could raise premiums because someone is seen as a higher risk because they are part of suicide prevention groups on Facebook. Business are already under great scrutiny for their social media, mostly by customers, which is justifiable. However, when it comes to business protection insurance and key man insurance, the premiums for protecting the people and assets most important to your business’s growth could be rising for reasons that are more obscure than most will be able to work out. We don’t know how far into your posting history insurance providers can go in their search for data, so it’s best to create a strong social media policy as soon as possible. The law is always slow to catch up on technology. While many fear that the wheels may not turn in time for smart, context-driven regulation, other solutions are being looked for. Some want broad restrictions on the ability of insurance providers to use public information, while others are fighting for great transparency. Some consider it of utmost important that insurance companies be clear with what data drives their premium setting, as well as when new algorithms and data sources are used to adjust them. See also: How to Resuscitate Life Insurance  However, insurance companies have a vested interest in protecting their algorithms and how, exactly, they find their premiums. Protection of trade secrets and other intellectual property is part of what keeps them competitive. Furthermore, if the widespread ignoring of terms and conditions on the internet shows anything, it’s that notices of new algorithms may not register with the majority of customers. Most people simply don’t understand the technology that could be used against them. More detailed regulations, such as a need for algorithmic impact assessment, are looked at as another potential solution. In answering questions that find out the data that insurance providers use, why they use it, what they test and whether they have tested the system for bias, discrimination could be halted in its tracks. The insurance industry and its customers rely on the ability to use the data available to set premiums based on risk level. However, the threat of discrimination is driving concerns.

On June 26 of this year, Connecticut Gov. Ted Lamont signed HB 7424, the state budget bill. Among the provisions in this over 200-page piece of legislation: “The bill repeals the state’s information security program law, replacing it with provisions substantially similar to the National Association of Insurance Commissioners (NAIC) insurance data security model law.” This is remarkable for two reasons. The first is Connecticut doing something no state west of the Mississippi has done – adopt the NAIC Model Law. The second is the Connecticut legislature actually repealed outdated laws before it adopted the new ones. Clearly, these people have never been to California. Which brings us to the California Consumer Privacy Act of 2018, or what is now affectionately known as the CCPA. Insurance companies are anxiously anticipating the outcome of several assembly bills amending the CCPA that are awaiting action by the Senate, now that the legislature has returned from summer recess. Regardless of the changes, it remains likely – even though unnecessary – that the CCPA will “go live” on Jan. 1, 2020. Given the number of cans kicked down the road by the legislature this year on important CCPA issues, it will be difficult for regulators to provide much needed clarity by the July 1, 2020 rule-making deadline. What regulations are adopted will likely be subject to quick change once the Jan. 1, 2021, iteration of the CCPA takes shape during next year’s legislative session. It will also be difficult for the attorney general to provide advice to businesses or third parties on how to comply with the CCPA, a requirement the attorney general feels, correctly, is a bit at odds with his obligation to enforce the CCPA. Maybe that, too, will be part of the 2020 agenda. In the meantime, insurance companies are faced with an increasing number of privacy and data security requirements not associated with the CCPA. For insurers doing business in New York or states that have adopted a form of the NAIC Insurance Data Security Model Law, compliant practices are being developed right now. In the case of New York and its Cybersecurity Requirements for Financial Institutions, 23 NYCRR 500, the “go-live” date was March 1 of this year. The New York regulation became effective one year after publication but also had a two-year transitional period before full compliance was required. That implementation process could have been emulated for the CCPA. Instead, there appears to be a hard effective date of Jan. 1, 2020 even as key amendments are still being negotiated. And remember, while the attorney general cannot bring an enforcement action until the earlier of July 1, 2020, or the adoption of regulations, lawsuits can happen right away. More accurately, lawsuits can commence after the 30-day notice and right-to-cure provisions are triggered. The CCPA has a series of “data exceptions” that are evolving. While entities such as insurance companies are not exempt from the new law, certain personal information (PI) of “consumers” is. Among those exemptions is PI collected that is also subject to the Gramm-Leach-Bliley Act (GLBA), 1999 legislation that ushered in privacy protections and rules for the safeguarding of PI by financial institutions when the merger of banks, investment firms and insurance companies became authorized. GLBA also required states to undertake certain actions in terms of privacy of PI; if they did not, the information practices of insurers (and others) would be subject to federal regulation. States could provide greater protections than the federal law but not diminish them. See also: First of Many Painful Privacy Laws   So, the NAIC and the California Department of Insurance sprang into action. California adopted portions of NAIC model regulations governing privacy of financial and health information, and additional regulations governing the safeguarding of that information. While the Department of Insurance was adopting portions of these models, it also provided additional privacy protections and conformed the new privacy regulations to already existing statutory protections in the Insurance Information and Privacy Protection Act (IIPPA). In addition, the legislature adopted the California Financial Information Privacy Act (CFIPA) as part of providing greater privacy protections for California residents and customers of financial institutions (including insurers) than required under GLBA. As part of the expansion of privacy protections beyond those contained in the federal law was the characterization of a workers’ compensation claimant as a “consumer” under certain circumstances. While this activity was going on, the Federal Trade Commission (FTC) adopted the Privacy Rule – relating to information practices and providing the ability for consumers to “opt out” of having their information shared. It also adopted the Safeguards Rule, requiring a financial institution to develop, implement and maintain a comprehensive information security program. After this great rush of legislative and regulatory activity in Sacramento and Washington, D.C., during 2000-2002, the pace of new regulation of privacy practices of insurers slowed. Newer iterations of the NAIC model regulations were not adopted in California, and neither was the later iteration of the IIPPA. The legislature continued to push out privacy-related bills at a dizzying pace, including the California Online Privacy Protection Act (COPPA), 2003 legislation requiring operators of websites and online services that collect PI about the users of their site to conspicuously post their privacy policies on the website and comply with them. The COPPA has been amended several times to keep up with technology. It is not in conflict with the existing requirements of entities that fall under GLBA. Indeed, analyses of Assembly Bill 68 (Simitian), 2003 legislation creating the COPPA, suggest that part of the intent of this legislation was to have other businesses operating on the internet adopt the same policies and practices as financial institutions under GLBA. The CCPA does not amend the COPPA, or even refer to it. Instead, the CCPA adds even more content on business’ websites so the new rights allowed under it can be exerted by consumers. Both the CCPA and COPPA want their notices to be “conspicuous” and on the business’ home page. It’s going to get crowded on home pages. In March of this year, the Federal Trade Commission (FTC) announced it was proposing to revisit both the Privacy Rule and the Safeguards Rule under GLBA. The changes as they relates to the Safeguards Rule will closely track the NAIC Insurance Data Security Model Law and the New York Cybersecurity Regulation. Once adopted, the changes may result in more action from the NAIC. None of this will occur in 2019, and maybe not even in 2020, but the landscape for privacy protection and data security for insurers and insurance organizations will be in a state of flux at least through 2021. The authors of the CCPA acknowledged that, within the patchwork of state and federal laws governing PI, some safeguards are adequate. The initiative measure upon which the CCPA is based provided data exceptions for PI covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). These data exceptions were expanded to include other laws, including GLBA and the CFIPA, during the legislative negotiations in 2018 that resulted in the initiative being withdrawn. In the rush to forestall an initiative and pass something to send to then-Gov.r Jerry Brown before the end of June last year, the California legislature did what it all too often does: add new laws without regard to existing ones addressing the same issues but in a different way. Because only certain PI is exempted from the requirements of the CCPA, businesses that collect and disclose exempt data must nevertheless maintain the architecture of the CCPA for non-exempt data. Consumers who seek to exercise their rights – assuming they will read properly crafted notices on business websites – will access a series of links only to be told that the PI they are seeking to control or delete really isn’t PI, even though it includes the consumer’s name, address, Social Security number, etc. It’s just not CCPA PI. Well, that’s certainly enlightened public policy, isn’t it? See also: In Race to AI, Who Guards Our Privacy?   It is difficult to claim the current and evolving laws and regulations governing consumer control over and data security of PI collected by insurers is inadequate. Yes, there have been security breaches among financial institutions covered by GLBA. That, however, is not the exclusive measure of effective security. The CCPA acknowledges that “reasonable” security efforts will protect a business from liability if unencrypted or unredacted PI is improperly accessed. Clearly, that also sends a message as to what the legislature thinks is a minimum standard for what is “reasonable.” Not good enough. The IIPPA, GLBA, the Privacy and Safeguards Rules of the FTC, the Department of Insurance Privacy Regulation and continuing initiatives by the FTC and the NAIC demonstrate a decades-long history of developing strong laws to protect the privacy of insurance consumers. Advocates for the CCPA would do well to remember that not every business is unregulated when it comes to information practices and give the IIPPA and subsequent laws a level of earned deference in today’s digital debate. Or, to quote Jacob McCandles (John Wayne) in the movie "Big Jake," “If you can’t respect your elders, I’ll just have to teach you to respect your betters.” The CCPA gathers headlines because it is intended to empower individuals and their efforts to control their own PI. When PI is shared, policymakers want to make certain it is shared transparently and securely regardless of where the PI goes. This is a response to the use of PI by very large international companies that occupy an outsized space in what is purported to be a competitive digital marketplace. They are also the companies most able to afford the increasingly complex data security environment throughout the world and who can pay very large penalties for non-compliance. Good for them. This new and complex environment is where policymakers in Sacramento should focus for the remainder of 2019 and next year, when CCPA 3.0 will roll out. Unfortunately, they won’t.

The joke about cyber insurance is that if you’ve read one policy, you’ve read… one policy. As an emerging, yet vital, form of insurance, cyber has not yet become standardized in terms of the coverage offered. This puts a heavy burden on businesses to rigorously analyze cyber policy options to pick the one that best fits their needs. Vetting countless different policies can be daunting, especially for small and midsize businesses (SMBs) that lack the resources of major corporations. And with the cost of cyber breaches expected to hit $6 trillion in the next few years, this task could not be more important. Insurance companies with stand-alone cyber offerings are working to make policies more accessible for SMBs, which are traditionally underinsured or uninsured for cyber, so that these businesses have a plan in place to survive a breach. While insurance agents play a critical role in the insurance market — businesses need an agent to talk them through how this form of insurance operates and answer any questions that they may have about coverage — we need additional methods to bring cyber coverage to more businesses. There is a fundamental distribution issue that needs to be solved, so that all SMBs have easy access to policies that apply to them. See also: Tips for SMBs Buying Cyber Insurance   Affinity partnerships, where a customer provides insurance products to its clients or membership, offer a clear and effective solution to this problem. By partnering with business services, professional organizations and brokers, insurance companies can begin to close the cyber insurance gap for SMBs. Insurance companies need to work with the groups that businesses trust most so that procuring a vetted cyber insurance policy is as easy as clicking “yes” on a form. Additionally, these organizations help businesses cut through the mass of policies to find the one that best fit their needs. Other classes of insurance excel with this model. As an example, shared work spaces that cater to young professionals entering the workforce have solved a common insurance conundrum by seamlessly integrating general liability and renters insurance into the lease. Cyber insurers can do the same with common business services, like cloud-based accounting or invoicing services. Insurers can partner with these larger organizations to embed their cyber policy right into the business contract. Lawyer or medical associations are another good example. They often review policies and services so that they can provide sound recommendations to their members. By working with an association to provide it with the policy that best fits its members or customers, insurers can help small and midsize businesses forgo the burden of reviewing many different policies. These organizations, as experts in the field, will help businesses opt into the cyber policy that fits their needs to ensure they have coverage. Affinity cyber programs can also offer businesses the comfort of a community. Organizations make things easier for member businesses by educating them on cyber risks and insurance terms that are specific to the coverage that “people like me” generally need. Working with brokers is an important aspect of an affinity strategy. There are around 29 million small businesses in the U.S., and most are drastically uninsured and underprotected. Brokers serve a wide number of clients, and, by partnering with brokers to design the coverage that best meets the needs of an affinity sponsor, insurers can reach many businesses through one partnership. A key challenge that insurance companies will face as they develop affinity strategies is education. With the average cyber attack of an SMB estimated to cost $160,000, many businesses that are the victim of an attack do not survive. But, just 33% of SMBs have cyber liability insurance. What few SMBs realize is that larger corporations often require cyber insurance to do business with smaller organizations, and it can be a surprisingly affordable and accessible line of insurance for SMBs. Insurance companies need to first work to educate professional services, professional organizations and brokers on the importance of cyber insurance to develop affinity partnerships. See also: The New Cyber Insurance Paradigm   Affinity organizations and SMBs will be looking for insurance partners that most effectively solve cyber risk. These groups will look at cyber insurers to see if they can provide broad coverage, quickly and accurately assess risk and offer prevention and monitoring tools, all at a competitive price. By working to educate groups on the importance of cyber insurance, and by forming affinity partnerships, insurance companies can help SMBs better manage their cyber exposure. Cyber attacks are not a matter of “if,” but of “when.” As the market for cyber policies increases and develops, insurers need to reach as many businesses as possible, and affinity partnerships can help close this gap and get SMBs covered.

Transforming the customer experience is a powerful way for an organization to shift and bring about quantum change, improving retention without huge IT investments that take years. A better customer experience will optimize operations, as well. In all my years of working in insurance and technology, I have never experienced anything with such power and potential as changing the perspective on customer experience. It all begins with shifting away from the traditional inside-out focus, driven by customer service, and flipping the lens toward an outside-in focus driven by empathy and the customer experience. And it does not matter who you call the customer: the policyholder or agents and other distribution partners, or even other stakeholders, as well. See also: Customer Experience Gets a Major Facelift   The new approach requires understanding the customers’ roles and motivations, goals and pain points to begin to have an empathy that drives a new and different operational response. That response must include a redesign for the ease and quality of customer interactions and deliver value in each and across all interactions. With empathy as an integral part of the lens, the conversation changes. With the common goal being the customer, silos are broken down, and organizations are changed. It’s quite powerful. SMA believes that eight customer-experience areas need attention and investment as your company launches into and matures in CX. Embracing customer experience throughout an organization requires transforming traditional strategies, workflows, processes and technologies in each of the areas so that they become an organic part of who you are, what you do and how you do it. The eight areas are: Advanced UX Designs, Customer Analytics, the Voice of the Customer Empowerment, Customer-Experience-Driven Metrics, Customer Journey Mapping, the Service Blueprint, the Customer Experience Playbook and the Culture Shift from Service to Experience.

SMA has recently released a report that assesses each area in terms of insurers’ investment levels, maturity levels, the business areas that will be most affected and current or emerging trends in each area for commercial lines insurers: 8 Critical Investments for Customer Experience Excellence: State of Commercial Lines Investments, Adoption and Maturity.

How to start? Education is the first step toward advancing and embracing customer experience across the enterprise. Understanding the customer is the only sure way to be able to provide customers with the experiences that they want – and the experiences that will cement the relationship of trust and loyalty between the insurer and the customer. See also: 3 Ways to Optimize Customer Experience   The importance of empathy cannot be understated. Every effort made by insurers to put themselves in the shoes of the customer will result in better customer experiences. And the goal to give customers excellence in service goes beyond supplying mere satisfaction. The key is to infuse empathy into the insurer-customer relationship. And that involves caring, understanding, personalization and commitment. The technologies, resources and initiatives deployed to this end will benefit the customers – as well as insurers as they position for success in the digital, connected world.

Life insurance might be the slowest vertical to adopt new technology, but it is not immune to changes that are affecting the industry. The market is changing, demanding insurance that’s easier to purchase, more personalized and tailored in a way it never has been before. A 2018 study by MarketWatch showed over 40% of Americans own no form of life insurance, making competition for this uninsured population fierce. The life insurers that find a way to evolve in meaningful ways will have an edge over the competition when it comes to customer acquisition and retention. Life insurers might consider adjusting how they engage the customer, such as through digital servicing and customer engagement that goes beyond a simple yearly bill. What’s clear to forward-thinking insurers is how pricing transformation presents a massive opportunity to stimulate growth in this regard. How the pricing process affects the sales process and customer experience Typically, pricing is only considered when a life insurer’s actuarial team is due to run a pricing exercise. The exercise generates a price that suits the insurer’s goals, it goes out to market and pricing is forgotten until the next exercise. However, the consequences to this approach can lead to carriers going to market with sub-optimal rates. See also: How to Resuscitate Life Insurance   Price's significance doesn’t diminish between pricing exercises. The market changes constantly, but the average life insurer’s pricing processes aren’t designed to keep up. How the pricing process exists today, and why it’s not working The problem with the life insurance pricing process boils down to how intensely manual it is. The standard pricing process used by most life insurers consists of an actuarial system and good old Excel. The actuarial system works as a projection system, modeling calculations and assumptions to deliver a price that incorporates strategic objectives. Excel works as a Swiss Army knife, incorporating policyholder and competitive data, as well as analyzing the results of the actuarial system. Life insurers’ actuarial teams run these two systems separately in a manual process, taking one set of goals/constraints set by the insurer and deriving the best price based on that specific setting. This is where the problem occurs. While this current system does work and has done so for a long time, it is sub-optimal, especially in a market as competitive as today’s. Remember that one set of goals/constraints that helps determine the sweet spot, the ideal price, for the market today? A life insurer can see exactly what price it needs at that specific moment, but no further. The system pinpoints one spot on a graph but can’t draw the trajectory it’s on. This trajectory has a name: the efficient frontier. Whenever an insurer creates a price with the traditional process, it's typically landing below the efficient frontier right off the bat, although the insurer might not necessarily realize this. The inability to see beyond the specific price this process creates also means an insurer’s ability to adjust based on strategic objectives may be limited. With the right pricing tool, a life insurer has the opportunity to see its entire range of possible prices based on the company’s financial goals, each slightly different depending on the constraints/goals. It’s the great "what if" scenario, except it’s every "what if" scenario all at once, clearly laid out for an insurer to analyze. The efficient frontier is the optimal pricing range depending on an insurer’s objectives; without it, it’s impossible to see the forest for the trees. How pricing transformation benefits a life insurer There isn’t a real downside. While some transformations or implementations can take years and millions to achieve, investing in the right pricing software, philosophy and process generates a significant ROI for insurers and quickly affects market position. See also: Selling Insurance in a Commoditized World   A flexible system that shows a variety of pricing strategies an insurer can take to maximize sales, margin or competitive position constantly enables experimentation to ensure pricing reflects the market, competitor pricing and consumer attitudes. Such a system even allows for the evaluation of an insurer’s strategic goals, and whether those are optimized for success in the market. All this can be achieved with minimal resources with the right pricing tool. Not only does it automate an intensely manual process, but it delivers more insights and flexibility and frees your actuarial team to focus on adding further value, with complex product pricing or long-term pricing strategy. The efficient frontier is the difference between having the perfect price 70% of the time and 100% of the time. Why not hit the bull's eye every time your product goes to market?

A tiger never changes its stripes. But is this true of life insurance companies? They’re good at selling through distribution, but there is a large pool of younger generations that must not be overlooked. This is where digital distribution comes in -- digitizing the whole process end-to-end, from improving the sales process through to identifying new target audiences. But how can this actually work in practice? And what are the barriers for life insurance firms? Digital distribution is often conceived of too narrowly – something akin to "we’ll market via social media," with little additional thought. In reality, the use of digital has multiple applications right through the whole sales process. First, there is the question of funneling new customers into the sales process - getting people aware, interested and to the door. The insurance industry has a real opportunity here to supplement its traditional reliance on agents and intermediaries with direct-to-customer marketing through all manner of online engagement. But rather a one-off initiative, long-term success depends on creating a virtuous cycle. Any company that moves into digital sales and marketing will find itself with an influx of new data. This needs to be stored, analyzed and used in a sophisticated way to inform future marketing, in terms of whom to target, how and when. It needs to be a continuing process. Second, there’s the sales process itself, which is still fairly archaic and often involves reams of paperwork with incomprehensible or irrelevant detail (from the customer’s point of view). Embracing digital distribution means giving new customers the ability to sign up to a policy in around five minutes maximum, via a simple, slick and intuitive mobile app that doesn’t overload the user with information. Third – and most often overlooked – is the role digital can play in engaging, retaining and upselling to existing customers, those who are already through the door. One example of this is what we call reciprocal intelligence, whereby, instead of the data flow being entirely one way (from customer to company), the insurer gives something back. For instance, if a consumer is using wearable apps to monitor fitness levels for a policy, the insurer should provide information back -- if the average resting heart rate has improved, or about the level of subsequent health risk that comes with certain lifestyles. See also: Digital Innovation in Life Insurance   The main misconception with digital distribution is that it’s all about replacing traditional marketing. In reality, it’s an opportunity to supplement the more traditional approaches and start to tap into an entirely new set of customers. The more traditional, agency-based model does still works well at engaging and selling to the type of customer it has always favored – asset-rich households. However, this pool of revenue is shrinking, and younger, less financially secure generations are far less inclined to purchase insurance through traditional channels. It is in tapping this relatively untapped pool of customers – and thus growing the overall pool of potential revenue – that digital distribution will come into its own. Another misconception is that digital distribution brings channel conflict. A few years ago, this was a dominating fear, and the main reason behind a lot of companies’ reluctance to adopt direct, digital models. But the fear was largely based on the misconception that both strategies would be targeting the same audience. This isn’t the case. On the contrary, embracing the digital side can make the traditional component more efficient and effective. The data and insights generated on the digital side can be used to inform and improve marketing and outreach on the traditional side in a way that was too expensive before. There’s more synergy than conflict. Of course, there are challenges for life insurance carriers looking to digitize. First is the question of technology and infrastructure, of making the investment required to ensure the company has the means to execute these quite unfamiliar, data-heavy digital strategies - whether that be through replacing or upgrading in-house systems, or through partnering with technology firms. There is also the question of talent and company culture. Fully embracing digital means processing large amounts of data, then knowing how to use it to maximum effect. This will require hiring people who are tech-savvy and know how to navigate, for instance, social media or data analytics. The skills and aptitudes involved are quite alien to many insurance firms and will involve hiring new types of employees at all levels. Any insurance firm that wants to do the work entirely in-house will have to, to some extent, become a tech firm – and that’s a big cultural leap. There’s also the inconvenient fact that insurance is not exactly the first sector that younger tech wizards think of when deciding on a career – firms will need to think about how to make themselves appealing to this kind of talent and bridge the gap. There is also the matter of digital distribution affecting the carriers’ risk profile. The main hazard from a risk perspective is the loss of human judgment when bringing customers onboard. The digital approach is about automation and volume – what comes through the door is a set of data points. There isn’t an agent talking to customers, getting to know them in a more rounded way. This is far from an insurmountable problem, but it does introduce the potential for new risks coming on board to not be screened as well as they would be via the traditional approach. It means learning new ways to screen for risks. The main things an insurer needs to understand about new customers are their financial status, their health and whether they truly need the product in question. This evaluation has to be done differently, rather than relying on the expert judgment of agents – any digital onboarding process needs to incorporate a way of both capturing and assessing information in a reliable fashion. This further underlines the point that digital and traditional should be seen as complementary rather than mutually exclusive – ultimately a human element will always be needed to address this type of risk. The key is finding a way to integrate the two, to ensure there’s an aspect of human intelligence built in. Life insurers are starting to embrace the shifting sands and are looking to digitize. Some firms want to build their own digital capabilities but recognize they don’t know where to start, and so they bring in a tech firm to advise. Other firms are partnering with tech firms to outsource the function. In these cases, the insurtech firm gets ‘bolted on’ to the insurance company, bringing its own talent and essentially acting as that company’s digital department. See also: A Game Changer for Digital Innovation The relationship between traditional insurers and smaller insurtech outfits has changed considerably over the last couple of years. Whereas many insurers initially thought they’d be competing directly against a new generation of disruptive fintech startups, a far more collaborative dynamic has now emerged. This makes a lot of sense – the two sectors bring very different yet complementary capabilities to the table, and have advantages with different markets and consumer audiences. Life insurers’ traditional revenue pool does have some life in it yet. But firms that are not just looking to survive but to thrive, at the very least, need to understand their customers better, and be more up to speed with modern consumer behavior. This doesn’t necessarily mean they have to go down the direct-to-customer route, but adaption is needed to unlock the efficiencies that digital can enable and to bring approaches in line with expectations consumers now have. Relying on traditional messages and systems limits the potential market, and will eventually be obsolete. Digital distribution is just one aspect of the modernization of the insurance industry that is, in the long run, inevitable. Those that don’t adapt will be left behind.

Having heard so many complaints over the years about insurance fraud and the need to combat it, I was stunned and horrified to read this piece by ProPublica on a health insurance fraud. The fraud was remarkably easy to set up and—the biggest surprise to me—insurers were in no hurry to stop it even though it involved tens of millions of dollars in fake billings, even though the fraud was simple to spot and even though whistle blowers were practically jumping up and down screaming as they tried to report the fraud.

Are we serious about attacking fraud, or are we just going to treat it as a minor cost of doing business and do nothing?

The short version of the article—which is worth reading for all its sordid detail but which will take you several minutes—is that a two-time felon set up a network of physical trainers and put out word that sessions were free because they were covered by insurance. What he didn't tell those who signed up for his workouts and gave him their insurance information is that he was going to bill the insurers for complex—and expensive—medical treatments. 

The mechanism was remarkably simple. To hang out a shingle as a sports medicine doctor, the fraudster merely applied to Medicare for what's known as a National Provider Identifier, in a process that only takes minutes. Medicare acknowledges that it does nothing to verify the information of applicants, yet having the NPI number let the fraudster bill some of the most sophisticated health insurers—Aetna, Cigna and UnitedHealthCare—for more than $25 million for 1,000 "patients" over four years. The fraudster collected more than $4 million from the insurers and from Southwest Airlines, which is self-insured but which has its benefits administered by United. 

The fraudster's ex-wife and her father had stumbled across evidence of the fraud and raised the alarm as much as they could but got basically no response from the insurers or from the Texas Department of Insurance.

When some of the "patients" saw paperwork indicating they'd received lots of treatment they didn't recognize--often for sessions they didn't even attend—they, too, pushed back against the health insurers. Eventually, the insurers acted—but tepidly.

They complained to the fraudster that they'd been overbilled, but simply said they'd recover the overpayments by deducting from future bills, somehow ignoring their knowledge that those future bills would also be for fraudulent services. Finally, the insurers blocked the use of the NPI number that had been used fraudulently. However, the fraudster had dozens, so he just began billing from a different NPI number. He wasn't sophisticated: He used his actual name and the same physical address, email address and phone number for all of his NPI numbers, so a simple cross-check could have found all of the fraudulent billing numbers. But the insurers never did a simple cross-check. 

It wasn't until four years after the fraud began that it was reported to the FBI. The fraudster was finally arrested in October 2017, quickly convicted and sentenced to nine years in federal prison. 

ProPublica says health insurers don't really care about fraud, even as they brag to clients about their diligence in guarding the clients' money. ProPublica says that prosecuting fraud is messy and that insurers can simply pass along the costs of fraud to clients through higher premiums or, in cases like Southwest, through claims that the self-insured company pays.

I hope ProPublica is wrong. Is it?

Cheers,

Paul Carroll
Editor-in-Chief

Generating a superior return on investment is crucial to any company’s longevity. It is essential for even the smallest company to use assets effectively to achieve profitability. Companies that rely on automated equipment most often have maintenance programs in place to insure functionality and productivity. In many firms, their main assets are their employees. Like those relying on equipment, these businesses need maintenance programs in place for their employees to ensure they operate at peak performance. Optimizing employee productivity is a topic of concern for all business owners. Few would disagree that providing employees the right tools is essential to achieving superior output. Items such as ergonomic workstations; training and guidance; and effective technology are tools that almost every company provides. You could call them mainstream items. Unfortunately, regardless of the tools provided to an employee, if employees' health status is compromised, their output will be reduced. An employee’s health and ability to function in the workplace are often directly related. This correlation is vividly evident in how the government views individuals with disabilities. For employees with qualified disabilities, the federal government requires employers to provide “reasonable accommodations” to aid the employees in successfully performing the duties of their position. Examples of reasonable accommodations include providing interpreters, readers or other personal assistance; modifying job duties; restructuring work sites; providing flexible work schedules or work sites (i.e. telework); and providing accessible technology or other workplace adaptive equipment. What can employers do for employees that do not qualify under the disability guidelines, but still have health-related conditions that compromise their work output? Visionary business owners tend to look outside the box for unique solutions and options. See also: Empathy Transforms Health Insurance   Employees can possess both physical and mental health conditions that directly affect their work production. Some employees are very open about their health status, while others tend to stay very private. The degree of assistance an employee seeks to manage a health condition can also vary greatly. Some choose to engage the support of a physician, while others may look to self-remedy. The spectrum is broad and very subjective. This poses a very challenging environment for an employer. Many individuals look to medications, in one form or another, to treat health conditions. If prescribed accurately and consumed in accordance with proper intake guidelines, medications can help an employee’s work performance. The negative symptoms associated with the underlying health condition become non-existent, thus paving the way for the employee to focus on work-related activities. However, improper medication adherence can exacerbate an employee’s health condition and result in, among other things, reduced productivity and high absenteeism. Medication mismanagement, whether it be taking too much, not taking enough or taking the wrong medication, can lead to an adverse drug event (ADE). Approximately 1.5 million preventable ADEs occur each year due to medication errors, at a cost of more than $3 billion. This direct health care-related cost is completely outside the costs incurred by an employer when an employee has an ADE. An ADE that requires a hospital admission is easily quantifiable from a cost perspective. However, those ADEs that are not as acute and do not require hospitalization, which are the most prevalent, can materially affect employee productivity. This financial impact is what the employer experiences. Accordingly, it is prudent to say any help an employer could provide to their employees to ensure the integrity of the employees’ medication adherence makes good business sense. Historically, small employers have not entered the arena of employee medication administration. Larger, self-insured firms, as a byproduct of their insurance platform, have participated, to some degree, in the employees’ medication administration. However, neither navigates to the granular level of medication adherence. There could be multiple reasons why employers have not chosen to address employees’ medication adherence. One of the biggest obstacles is the Health Insurance Portability and Accountability Act (HIPAAA). The HIPAA Privacy Rule legislation establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, healthcare clearinghouses and those healthcare providers that conduct certain healthcare transactions electronically. The rule requires appropriate safeguards to protect the privacy of personal health information and sets limits and conditions on the uses and disclosures that may be made of such information without authorization. The law is encompassing, and the potential liability to an employer for breaching it is substantial. See also: The Science That Is Reinventing Healthcare   What would be the outcome if new technology made it possible for employers to stay within HIPAAA guidelines while simultaneously providing all of their employees an unparalleled way to achieve medication adherence? The answer is healthier employees who produce more and miss fewer days. That time has come because the technology is available. Those visionary employers referenced earlier, specifically the ones looking outside the box for employee productivity solutions, know what a game changer comprehensive medication administration can be to their profitability. They can validate the value in providing their employees a system that embraces a support team environment, whereby family members and loved ones can help an employee with medication. They know how important it is for employees to take medications on time and in the proper dosage. They realize that timely refills mean continuing compliance and improved adherence. They understand that any positive steps they can take to help their employees with medication administration will be directly reflected on the company’s bottom line. Doctors prescribe medications for their patients. As a general rule, they do not provide them medication management tools. Further, insurance companies pay for medication. They also do not provide medication management tools. Those two scenarios combine to be the root of the medication mismanagement crisis currently being experienced in the U.S. Employers can be the solution. Because employees frequently obtain their health insurance from their employer, it just makes sense for employers to fill the medication administration void perpetuated by the current physician and insurance carrier inaction. It is time for employers to be a resource for their employees and provide them medication adherence solutions. Employee health is enhanced and employer profitability is increased.

In any given year, approximately 5% to 7% of U.S. auto and homeowners will file an insurance claim. For both customers and the insurance company, the claims process becomes a moment of truth. A satisfactory settlement is the ultimate deliverable that may ensure customer loyalty and retention. To work through the claims process efficiently and painlessly, a well-established and trusting relationship with customers is a must, and that begins with ensuring you are reaching policyholders with relevant, accurate and consistent communications. However, considering the many options available for how customers prefer to receive their communications, producing timely, clear and consistent communications can be more complicated than ever before. One area that complicates things is that definition of “the customer” is much broader today; it isn’t limited to the end consumer exclusively. Now, an insurer’s customer can be any individual who interacts with the policyholder, including claims representatives and other employees, the external partner network and the agents and brokers, who often own the relationship with the policyholder. Add to that the fact that we are now communicating with five very different generations of consumers, each with significantly different communications preferences. [See “Communication Preferences Vary by Generation of Insurance Consumer,” below.] The older generation of “maturists” prefers engaging in person, while centennials now entering the workforce grew up with the Internet of Things and prefer connected devices. Also, each generation tends to favor a certain set of channels or devices—and perhaps no one device exclusively. As their needs and lives change, so do their preferences. Many consumers want communications to move fluidly across several devices, and they want every channel to be able to provide the information they’re looking for, along with the ability to resolve any issue in a timely manner. From the perspective of the insurance carrier, the current state of customer communications has been complicated by the proliferation of communication devices and channels over recent years. As technologies have evolved, so have the methods of engagement, from face-to-face communications, to phone and fax, and now SMS text, email, mobile apps, social media and push notifications. While today’s options provide a range of choices, this evolution has hurt many organizations. To accommodate multichannel preferences, many insurers simply added specialized teams, so that they now have a web team, a mobile team, an app team—and all of them operating separately. While adopting a multichannel approach means an organization can deliver communications through multiple channels, it can also mean a lot of redundant work, resulting in inconsistent messaging across all channels and lines of business. For customers, this lack of integration and coordination means they may receive what appears to be conflicting or sometimes redundant information. Insurers may not know exactly what message a customer is receiving at any given time, which also limits the company’s ability to effectively track responses and achieve a true 360-degree view of the customer. This version of multichannel communication is different from omni-channel communications, which is an approach for sending customers consistent, centrally managed messages across all channels. Ideally, implementing an omni-channel approach lets you build a communication template once that you can then use across any channel to reach any destination device. This ensures a level of control over outgoing communications and consistency in messaging, allowing an insurer to present itself as “one company” in the eyes of its customers. Such technology also provides visibility into what is being sent and when to engage with customers according to their preferences. You can then further optimize customer communications by measuring and monitoring customer engagement and behaviors and adjust the touchpoints as needed. See also: Who Is Your Customer; How Is the Experience?   To provide a positive customer experience, insurers need to implement all the available channels to engage with customers and to understand the customer’s journey through the organization. One way to think about such a strategy is: Digital first, but not digital only. Continuing to invest in traditional channels is just as important for elevating the customer experience as it is to develop and use the newer channels. And, in both cases, it is important to gather data and insights along the way to understand each client’s individual needs and goals to continuously improve the customer experience within and outside of the claims process. A better and more satisfactory claims process depends in large part on the strength of customer relationships developed through interactions with your organization. Building long-term, trusting relationships lies in having the ability to communicate clearly and effectively. To achieve this, insurers must look for ways to integrate all communication channels to better understand and improve the customer experience. Organizations that have invested in a solid omni-channel engagement strategy have been shown to enjoy more customer loyalty and retention. And in the insurance industry, in areas where price and product may be largely the same among competitors, customer experience will always be a key differentiator in gaining and retaining business. Communication Preferences Vary by Generation of Insurance Consumer Here are the varied communication preferences of the five generations currently making insurance purchasing decisions. Keep these in mind when creating your customer communications: Maturists (technology non-users), who are now 75-plus years old, have always had a preference for face-to-face communications. For this generation, home ownership is a life goal, and they have often only worked for a single organization, likely focusing on specializing in a single career or job area. As they prefer to engage in conversation in person, their second channel preference is mail. Boomers (technology early adopters) came next and appreciate the value of a face-to-face conversation. However, they are more practical and understand this might be difficult to do consistently. This generation prefers phone calls if they are not able to communicate in person and are very comfortable making or taking calls from home or work. This generation saw economic growth, so it is no surprise they aspired to save, save, save and secure a financial future. They, too, were also quite loyal to their employer, but not to the job or career, often switching to different roles within an organization. Gen X (digital immigrants), born between 1964 and 1980, remembers the world before computers and cell phones and then, as adults, experienced the transition. They have adopted technology well and typically prefer SMS text messages and email over any other communication channel, using their computer or cell phone most frequently. Interestingly, from an employment perspective, this generation begins to move away from company loyalty to a loyalty to self, meaning they follow their career aspirations to whichever organization suits them best, often struggling to find the balance between work and life. Gen Y or millennials (digital natives) were born between 1980 and the mid-1990s. Having grown up with technology and lived through technology’s rapid advancement, they are keen to use social media and mobile apps on their personal devices to get information at a moment’s notice. They also move further away from the being loyal to brands or companies, from a work and consumer perspective, and they seek to feel connected to the organization they work with, not for…as well as with the brands they consume. They tend to make it known that they seek a connection to a brand’s mission, values and purpose. See also: How to Leverage Tech in Customer Communications   The youngest of generations—Gen Z or centennials (digital dependents)—are now entering the workforce. Currently ages nine to 23, this generation only knows the connected world, or the Internet of Things (IoT). Their communication preference isn’t just an app or device, but rather the connectedness of all of their devices—from wearables to smart home devices and smart phones. This generation understands the value of 3D printing, blockchain and more. Only a little is known about this generation as they are still young and studies are still underway, but generally they lean toward starting their own businesses and testing new ideas, while working several other jobs. And because they always have had access to technology and immediate access to information, they unsurprisingly aspire to retain and value privacy. What are the commonalities between the generations upon which insurers can rely? You will find customer-centricity is key to success, across your client base. This is done by adapting to the changing communication preferences and channels of insureds and claimants, enabling two-way communications and delivering a seamless experience. A communication approach that meets these goals can mean the difference between success and failure with today’s wide range of customers.

It’s a well-trodden truth in our industry that not all risks are created equal. And that, for insurers, some risks are riskier than others. But progress marches on, and new technologies mean new avenues of innovation for insurers to explore. And with that, the opportunity to drastically improve risk pricing around more complex perils ought to be a huge priority for many. The early signs are that current attempts to develop more sophisticated approaches to risk pricing are too often focused on a single area of improvement. As the pace of change continues to accelerate, only those insurers that take a more thoughtful, holistic approach to innovation around pricing risks – a three-pronged approach based on quality data, machine-learning and effective deployment– can be confident that they will make the strides required to remain competitive in the long run. Quality Data The first thing an aspiring innovator should consider is data. Of course, the more data an organisation holds, the better its chances of generating new insights, more accurately pricing risks and, ultimately, gaining an edge. It’s this thinking that sees so many insurers investing in new and interesting sources of non-traditional data. However, on average, the biggest gains come in the early stages of scale. When most of the factors influencing a customer’s propensity to claim have already been identified, returns start to diminish and additional data – while freely available – will generally have a lower predictive value. The sudden availability of reams of data has given rise to the misconception that all data is equally valuable and that it’s simply a matter of getting hold of as much as you can. In reality, the ratio of return on investment (in time and attention, if not money) soon hits a brick wall. So, while looking at large volumes of data can be worthwhile depending on the situation, getting more and more data for the sake of it should not be considered a strategy. On the contrary, most of the biggest gains will involve applying newer, sophisticated modeling techniques to existing, well-tested predictors of claim propensity. See also: 3 Steps to Succeed at Open Innovation   But of course, it’s still imperative to make sure this data is of the highest quality. One way to do this is by going direct to the consumer. This enables insurers to take control over the data they receive – asking the precise questions they need the answers to and receiving the data in the format they require, without interference by an intermediary. Best of all, datasets are continuously updated, and risk calculations can change accordingly. Machine Learning Insurers should also consider how they analyze their data. Most risk models are calculated using general linear models (GLMs) – and for those with smaller datasets, perhaps analyzing only the claims on their own book, this makes some sense. But as increased volumes of sophisticated data come into play, GLMs start to show their limitations. There is a visible ceiling to the number of interactions that a GLM can spot, and a human is needed to identify these interactions and rate them correctly. On the other hand, machine learning offers insurers the opportunity to interrogate larger datasets more quickly. And to identify emergent trends or patterns without the need for a hypothesis against which to test or much human supervision. Even better, the benefits brought by machine learning increase dramatically the more data an insurer has. There is little point in applying machine learning to small and simple datasets where a GLM would suffice. Those insurers that apply cutting-edge algorithms to belt-busting datasets unlock a distinct advantage over the competition. Not only do they have more data from which to uncover insights, they derive greater value from each data point, too. Effective Deployment Of course, it is one thing to have the best open-source machine-learning algorithms and apply them to the richest datasets. But it means nothing if insurers can’t quickly deploy their models into a live trading environment, in the highest level of granularity. Ultimately, any innovation around risk pricing requires insurers to get their algorithms out to consumers, on a machine learning platform that can make decisions in real time to quickly price risks and make a call on the level of cover that can be offered. Yet this is easier said than done. Many large insurers are wedded to legacy platforms that are difficult to get away from. And smaller firms can often deploy very effectively in their narrow niche but lack the expertise to do so in more complex product areas. Start small and scale Very few insurers today are making full, joined-up use of these three strategies, nor are many in the position to immediately do so. Agile and innovative insurtechs are making waves with machine learning platforms that enable fantastic analysis that they can take to the consumer at speed. But without the masses of historical claims data that traditional insurers have at their disposal it is very difficult for them to price risks accurately. And it is unlikely that many have the business appetite to incur the level of cost required to learn from their own claims experience over time. On the other end of the spectrum, larger insurers have the data, but moving to a new platform is a huge task, carrying commensurate costs and uncertainties. It cannot be done overnight. Some are starting to take a much more nimble approach through incubator models, with the idea of testing and developing the approaches aside from the core business in preparation for wider integration down the line. But of course, this carries the downside of creating another disconnected silo that will need to be brought back in later – it simply delays part of the problem. Like so many golden opportunities in business, the best approach is probably one of the trickiest to achieve– namely the creation of agile, empowered, cross-departmental working groups, incorporating data scientists, underwriters, compliance and IT security, all working collectively toward shared objectives. See also: How Machine Learning Transforms Insurance   Nonetheless, this is a journey that all insurers will need to go on – particularly those working in more complex markets like home and contents insurance, where the difficulty in pricing some risks presents an opportunity that is simply too big to ignore. Those with the wherewithal to take a smarter, joined-up approach to the transition have a rare chance to gain a substantial competitive advantage.