Leading a large organization of people is not unlike raising teenagers. At its core, the goal is to provide enough independence to allow growth and innovation and to fuel excitement about what people are doing, but at the same time to provide the necessary guard rails to help keep focus on the mission and prevent the stray person from getting too far from the flock and encountering danger. Parents are like the C-suite, and their approach to life, their leadership stamina and their commitment are key drivers in the family’s success. When a teenager makes a huge mistake, or perhaps even worse, does harm to himself or others, people often look to the parents. Are they good parents? Strict enough? Involved enough to know what’s going on? Participating enough to influence behavior? Modeling good values and social norms? The same is true when a business finds itself embroiled in scandal or accusations of wrongdoing. See also: How to Lead Change in an Organization   Incidents of sexual harassment in the workplace have dominated recent headlines. These examples are not in the gray area of whether there’s hidden bias impeding the path to promotion for women, or whether there’s a systemic gender pay gap, for example. These headlines include overt sexual behavior that most people readily agree is totally inappropriate at work, and that many judges and juries will likely find are illegal, as well. The managers at Microsoft’s Xbox division reportedly sponsored a party with scantily clad waitresses and too much alcohol. Uber has been accused of rampant sexism, sexual harassment and an untenable environment for women employees. Members of the U.S. Marine Corps reportedly have a Facebook site with 30,000 followers on which naked photos of female Marines are posted for all to see, comment on and share. Some of the naked photos were apparently taken without the subject female’s knowledge or permission, and some identify the women by name, rank and duty station. Sadly, these are just a few of the highlights. Examples are plentiful and span all industries. The first questions that came to my mind when I read these headlines are directed at the leadership of the organizations. Have those leaders done something to create or facilitate this behavior at work? Are their policies strict enough? Are those policies enforced? Do the leaders even know what’s going on in their organization? Are they modeling good values themselves? Sound familiar? Teenagers, even though the vast majority of them are wonderful, caring people of good character, don’t always exhibit those characteristics in their behavior. They are notorious risk takers and exercise poor judgment. Parenting them is hard. I’ve discovered recently that the biggest parenting challenge, however, originates not with my own teenagers, but with their friends’ parents. Let’s consider underage drinking. Studies show that the vast majority of students drink alcohol while still in high school. Locking up your alcohol, staying up late to chaperone gatherings in your own home or to greet your teenagers when they arrive home, imposing consequences when you discover your teenager has been drinking and even enlisting professional help if it’s a consistent problem requires stamina and commitment. It disrupts your own social life and your own freedom as a parent. Even more difficult, it draws judgment and scorn from other parents and from your teenager’s friends. If you inform other parents that their own kids are participating in drinking, you could end up being an outcast, and there will almost certainly be negative social consequences for your teenager. It’s hard. And if you don’t, the risks are too scary to imagine. Studies show that teenagers who drink are three times more likely to become addicted than people who start drinking later, and alcohol-related deaths among teenagers (already too frequent) are on the rise. Nonetheless, studies also show that most parents will throw in the towel and ignore the drinking, decide not to inform other parents, fail to follow through with consequences and accept that it’s “normal” for teenagers to drink. My teenager, after all, is a “good” kid. Creating a workplace environment that is hostile to sexual harassment is also hard. Even though the vast majority of men are wonderful, caring people of good character, when together in groups there can easily be a high incidence of inappropriate sexual behavior that is deeply disturbing (and illegal) in the workplace. Corporate leaders may either be unaware of it or may condone it. Either is problematic. Reporting incidents of sexual harassment, or punishing employees who engage in it can draw judgment and scorn from fellow leaders and very often results in negative social consequences for both the victim and the leader. When the consequences of speaking out affect career advancement and rewards, the impulse to stay out of it or ignore it altogether can be overwhelming. And yet the consequences of failing to speak out and stand up to sexual harassment in the workplace can kill your business. Sound familiar? There is a simple solution that will at least eliminate the headlines we’ve seen lately, even if it doesn’t address the whole problem: no safe sex in the workplace. Period. Sex is a personal and private activity that has no place at work. We as humans easily understand that there are certain environments where sexual behavior by adults is always inappropriate. For example, you would be hard pressed to find a person who thinks it acceptable to expose preschoolers to strippers, pornography, aggressive propositioning or naked pictures of parents. Consequently, we don’t do that in preschools, and not because adults suddenly don’t enjoy that type of behavior on their own time, and not because the people who do enjoy that behavior are not “good” people. Instead, adults recognize that preschool is a safe zone in which adult sexual behavior is not appropriate or welcome. A similar mindset at work would be extremely effective in eradicating offensive and illegal behavior. No strippers at work gatherings. No passing around naked pictures of colleagues. No standing by quietly and watching your colleague or boss harass a woman in his organization. Work needs to be a safe zone in which sexual behavior is not appropriate or welcome. See also: Is Your Organization Open to New Ideas?   A plethora of books about how to be a good parent and how to succeed as a corporate leader are readily available. You can read thousands of pages about which seven habits are most important and effective. I offer a simple tip that applies equally to parenting and leadership. It is hard. The consequences of getting it wrong are significant. But when it comes to the big stuff, there are no shortcuts. Stand up to the potential negative social impact and stop your teenager from drinking. Stop your colleagues from bringing sex into the workplace. You will be very glad you did.

“Hello, undefined: How are you?” We’ve all seen bad marketing emails where what was supposed to be a personalized greeting or communication goes terribly wrong. These failed attempts at personalizing the customer experience have the exact opposite effect that they are supposed to when the data is bad. It would be better to go back to the rules we use in face-to-face communications: If you can’t remember someone’s name, better not mention it at all. The same high standards apply to marketing principles in the insurance world when you aim to personalize interactions with policyholders. You have to get it right. Today, customer expectations are at an all-time high. Personalized experience is a key differentiator that sets insurers apart, but they really only have one shot to get it right. One slip-up can spell disaster for customer loyalty and brand reputation. See also: How the Customer Experience Is Shifting   Recently, I got my renewal package for my homeowner’s policy from a large insurer. In big bold typeface, I was greeted with, “Thank you for being our customer since 1989.” Okay … but I have had a homeowner’s policy with this insurer since 1980! In 1989, we sold our first home and bought a second home. So, I can understand a different location or possibly a different policy number, but I am still the same customer! I got fixated on how the company could be wrong. It is clear that insurers manage customers by line of business or a policy number in a policy admin system, not by customer data. Then, I started to examine the entire renewal package, and the company was adding new benefits and coverages in simple language – those were positives. But I could not get past the front page. The overall quality of the renewal document was marred by the flawed opening. So, to insurers, regardless of your size, if you want to personalize, you'd better get it right. Never assume personalized, exported data is correct. You must be sure of it. In my case, a simple tweaking would have been all that was necessary to rephrase the statement, “Thank you for being a customer at this address since 1989.” As a customer, I expect more. As insurers, we should demand more, provide more and ensure that personalized data is right. Otherwise, you look sloppy, and the veil into your organization (or lack of organization) is lifted. Don’t be another bad data story, and don’t make your customers feel undefined when they interact with you. See also: 5 Key Customer Experience Trends   After all, first impressions still count, big-time. Customer loyalty can change as quickly as you can say, “Hello, undefined…”

Casualty 2.0 is a claims management blueprint for bringing together technology, data, skill development and process to control loss costs in measurable, strategic ways. It is also a path to building strategies for operating expert casualty organizations. The property and casualty industry pays out more than an estimated $100 billion a year to resolve personal injury claims. Numerous factors affecting the investigation, evaluation and resolution of these claims have been changing, making them more complex and more expensive. These factors include inflation in medical costs driven by higher pricing, more services and complications in evaluating pain and suffering, driven by multiple injury diagnoses. New laws and legal doctrines create nuances for adjusters and managers to consider. Containing the cost of settlements is not getting easier. In the midst of this rapidly evolving environment, leaders operate without effective reporting and measurement, with aging and disjointed technology, in the absence of formal training and proven practices. Casualty organizations are falling behind. Casualty 2.0 combines four disciplines that must work together for effective containment of settlement value. These disciplines are data and reporting, technology, process and adjusting skill. See also: Examining Potential of Peer-to-Peer Insurers   Data and Reporting: Build data for measuring “what” and “why” Most casualty organizations are confined to very limited and not-so-useful data. Measurement, when it is available, is confined to items like average payment, average cycle time and counts of new and closed claims. These measures are starting points but leave so much unanswered that they are poor guides for improving performance. For example, if average payments have gone down….is that an indication that accuracy has improved? Or that easier cases are settling, leaving the more difficult and expensive cases in inventory? Peter Drucker, the famous management expert, put it succinctly when he said, “You can’t manage what you can’t measure.” Without measures, the management process is reduced to focus on one case at a time. Strategic insight cannot be developed from this level of information. In Casualty 2.0, we examine the core data and measures that every company needs to lead. Technology: Use technology to build and resolve a holistic, integrated case Technology is the window into data and the mechanism for aligning process. It is also a means to developing skill. Casualty organizations are significantly challenged in using technology this way as they work in a fractured environment of point solutions. They use a combination of core claim systems, document management systems, Word documents or Excel files and other ancillary applications like ISO’s claims indexing. In some cases, medical bill review systems are also used. This mixture tends to generate activity about the parts of a claim without building a picture of the whole claim. The result is claim information residing in many different applications. The sum of these parts doesn’t add up to the whole. It is not possible to systematically evaluate performance by looking at claims investigation, evaluation and negotiation holistically. For example, what do you pay in settlements for medical bills and why? Pain and suffering? How frequently does liability play a factor? How much variance is there? Which adjusters produce the best results and why? Not only is it difficult to use the data your adjusters have spent so much time compiling, but the current approach also mandates “processing” activity over “adjusting decisions.” The use of “unstructured” data like claim notes not only harms data insight but also is not useful in managing process. Casualty 2.0 moves technology from documentation and data collection exercises to supporting judgments in a single, integrated solution. Creating a holistic and integrated view of liability, pain and suffering, medical, etc. isn’t convenient, but it’s necessary to controlling the overall settlement value AND building adjusting expertise. Process: Work from a core skill set Casualty organizations look for adjusters who are experienced in casualty handling. Training is seen as beneficial, but most organizations lack the budget to build effective programs. The result is skills that are developed “on the job.” The lack of structured training makes tenure attractive. But tenure is not a standard of skill. Tenure, in our experience, is far from a guarantee of a good result. Most claims leaders we speak with agree. With tenure comes a mix of adjusting approaches as well as knowledge of uncertain origin, not a consistently reliable claim outcome. See also: One Foot In Healthcare: Property And Casualty Payer Integration   Some standards for knowledge and skill are needed. For example, in an industry more and more driven by medical inflation, demonstrated knowledge of the process and guidelines for assessing and treating a patient are “must haves.” (Also see our blog on “Injury Evaluation Tips.") We’ll be writing about the core casualty skill set and how to turn this knowledge into real cost containment. Adjusting Skills: Implement practices with proven impact on controlling settlement costs In the thick of multiple applications and demanding productivity expectations, adjusters end up “processing” claims rather than “adjusting” them. Procedures are developed that outline the tasks that should lead to a good solution. Each procedure makes sense in its own right, but they often don’t lead to effective decisions that contain settlement value. Best practices are not just “logical,” they are practical and measurable. For example, checking ISO for prior claims and challenging the legitimacy of an injury in low-impact cases are good practices. The practices that convert this information into measurable cost containment are the best practices. Standards and practices that produce the best results are developed by addressing how judgment should be applied, capturing the use of this judgment and using it to demonstrate, through data, that it produces better results. Standards are not a matter of design, but of demonstration. Casualty 2.0 uses proven practices as best practices.

New-business sales and servicing has received increased attention from insurance carriers in recent years, and with good reason. Insurers that provide tools and resources that make it easier for agents and brokers to quote and retain clients have a better chance of return business. A key way to accomplish this is through agent/broker portals and exchange sites. Typically web-based, these portals support the sales and service function of a carrier and aim to improve efficiency in business processing through functionality that authorizes an agent to easily quote new business as well as service in-force business. With a new wave of millennials entering the workforce, and an entire generation of baby-boomer knowledge holders preparing to leave, distribution management is poised for redefinition along with the rest of the industry. The digitization of core systems is largely underway and is now reaching out toward distribution channels, offering insurance companies a chance to help define what E&Y refers to as the “agent of the future.” See also: How Insurtechs Will Affect Agents in 2017 The extent to which these agents and brokers will be successful will depend on the ability of both agent/brokers and insurers to adapt and collaborate. Distribution channels need to be willing to adopt new practices, tools, and processes to adjust to changing regulation and customer-centricity. Insurers that inquire into the needs of agents and brokers, and implement portal solutions that address them, can improve business processes and possibly establish a competitive edge. Craig Weber, CEO with Celent, an independent technology research firm, agrees: “Insurance carriers are starting to more aggressively seek out solutions to help them improve operational efficiencies and deliver better service to customers. In terms of distribution, independent agents have made it abundantly clear that underwriting speed and process support often drive their decisions to place business with one carrier versus another.” Digital distribution models offer a new array of opportunity for usage, gathering and transfer of data. When insurers provide agents with access to data in the form of quotes, illustrations and marketing material, turn-around times can be significantly enhanced. Simultaneously, data gathered by agents during the sales process (CRM) can populate new business, policy and administration systems, reducing the need to re-key information. Valuable analytics on channel activity and performance can further inform insurers by highlighting top producers and indicate where more support might be needed in the Agent/Broker Portal or exchange site. IT departments have historically had to develop these portals themselves, but insurtech vendors are responding to the increasing demand. Here is a list some of the standard agent portal features and functionality to watch for in your solution. Because core insurance technology platforms are as varied as insurance companies themselves, portal and exchange site requirements and solutions are bound to reflect this complexity. Nevertheless, it is in the carrier’s best interest to make the agent/broker experience as easy, even enjoyable, as possible by including the features and functionality that producers, and insurers, need. See also: Find Your Voice as an Insurance Agent Insurance companies, as well as offering agent/broker portal functionality, are often tying their own sales and underwriting system into both portals and exchange sites. Exchange sites are numerous and are usually insurance-product-specific (P&C, individual health and life, or employee benefits and ancillary benefits). The more an insurance company can streamline with straight-through processing across various digital media the better and more cost-effective the solution. FutureTech and Business Transformation Additional and emerging technologies such as AI, robotics, sensors and predictive data and adoption of digital self-service portals will all play a role in defining the “agent of the future” and the systems that support them. The digitization of distribution is one of many aspects that insurers must consider as business systems transform. If undertaken strategically, with insight from stakeholders, digitization could yield a substantial return for insurers, agents and the customers they serve.

Institutional investors are set to make bigger bets on riskier assets during 2017 in pursuit of higher returns, according to a new report. “Faced with greater volatility and continued rate pressures, [institutional investors] appear to be doubling down on their bets by increasing allocations to equities, private equities and other high-risk assets seeking to generate returns,” says the report from Natixis, the global asset management firm. The report surveyed 500 decision-makers at global tax-exempt institutional funds holding the purse strings for assets earmarked for pension payouts, insurance settlements and funding for endowments, representing $15.5 trillion. Despite a market environment buffeted by political, geopolitical and regulatory uncertainty, 70% of those surveyed believe their return expectations for 2017 are achievable. However, 75% of respondents believe investors “might be taking on too much risk in pursuit of yield,” according to Natixis. See also: 4 Steps to Integrate Risk Management   “Faced with prospects of increased volatility, six in 10 institutional decision makers believe they are prepared to handle the risks in 2017,” the report says, “but given the economic complexities, coupled with ongoing political upheaval, only 2% offer up strong convictions in their ability to succeed in this critical endeavor.” Market volatility poses the biggest risk to portfolio performance, institutional managers said, with 62% saying they were confident in their ability to manage such risk. The top organizational concern, however, is low yield. Given the uncertain investing climate surrounding today’s global markets, “few institutions are relying on traditional portfolio strategies to meet their performance goals,” Natixis said. “Instead they are increasing their exposure to equities and alternatives and turning to illiquid assets and the private markets for risk-managed return generation and yield replacement.” The top challenge for these organizations in 2017 looks to be balancing growth objectives with short-term liquidity needs, according to 60% of respondents. The second-ranked challenge is gaining a consolidated view of portfolio risk (46%), followed by complying with new regulations (39%). “While risk factors change over time, the challenge for institutional investors remains to deliver long-term results while navigating short-term market pressures,” said David Giunta, Natixis’ president and CEO for the U.S. and Canada, in a statement. “Given their mandates, avoiding risk is not an option for institutional investors,” Giunta said. “They have to beat the odds or change the game, and they are doing so by balancing risks and embracing alternatives to traditional 60/40 portfolio construction, but always with an eye on their long-term objectives.” Half of the respondents cited market volatility as the biggest risk to performance in 2017, which was followed by geopolitical risk (43%) and interest rates (38%). Most respondents said they were confident of their ability to meet their long-term liabilities; however, they weren’t all that confident in their peers. Some 62% think most institutional investors will fail to meet those commitments. Sixty-nine percent agree that “traditional diversification and portfolio construction techniques need to be replaced with new approaches,” Natixis said. Managing risk is a pressure that “cannot be underestimated,” the report says. And in doing so, managers are “hedging their bets,” the report says. Nearly 70% of institutional managers surveyed said they “are willing to underperform their peers to ensure downside protection,” the report says, noting that just 54% of respondents believe that portfolio diversification “can provide adequate downside protection.” See also: How to Outfox Our Brains About Risk   Other findings in the survey include:

• Sixty-seven percent of institutional investors think private equity provides higher risk-adjusted returns than traditional asset classes, and more than half (55%) believe private equity provides better diversification than traditional stocks. The three areas they consider most promising are infrastructure, healthcare and the technology, media and telecom sector.
• About one-third (34%) of institutions report that they are planning to increase allocations to real assets, including real estate, infrastructure and aircraft financing, in the next 12 months. As seen with their broader views on private markets, 63% of institutional decision makers’ primary goal for investing in real assets is earning higher returns.
• Half of institutions (50%) report they are increasing exposures to alternative investment strategies this year. The adoption of alternative investments isn’t limited to growth portfolios, as 77% of respondents say alternatives have a role in liability-driven investing, as well.

By seeking to meet risk/return objectives, decision-makers are going outside their own team to tap into specialized capabilities. Four out of ten institutions (42%) are outsourcing CIO or fiduciary manager tasks. “On average, those organizations that outsource have turned over management for 37% of their total portfolio,” Natixis said. This article was first published on BRINK.

This is Part Two of a two-part series focused on helping data insight leaders plan for GDPR. Find the first part here.  With the EU-approved General Data Protection Regulation (GDPR) set to be implemented in the U.K. on May 25, 2018, GDPR must be a consideration for all insight leaders. In the first post, we focused on needing to check your potential exposure with regard to these topics:

• Higher standard of what constitutes consent;
• Challenges if using “legitimate interest” basis;
• Permission needed for profiling and implications; and
• Data impact of people's right to be forgotten.

Is there more to GDPR than that? I mentioned in my first post that I was concerned about an apparent complacency regarding GDPR readiness. After talking further about this with some leaders, I believe that one cause is risk and compliance teams advising that GDPR isn't as bad as feared. This means there's a danger of potential threats “falling between two stools.” Let me explain. From a risk-and-compliance perspective, many of the principles in GDPR aren't hugely different from the existing U.K. Data Protection Act. Many of the changes come through greater evidence requirements and more specific guidance regarding what is expected in specific situations. For that reason, I can understand compliance experts not seeing the need for vastly different paperwork. However, leaving such an assessment to that team risks missing critical implications. One of the reasons that insight leaders and data teams should get involved in discussions about GDPR is to spot technical/data/system implications of change. What may seem to be simply a clarification of language to a compliance expert sometimes has far-reaching implications for company data models and how data will be used or stored — for instance, the rights mentioned in Part One with regard to withdrawing permission for profiling (or the “right to be forgotten”). Most businesses’ existing data models will not currently cater to the new fields, and separation of records is required. So, although wading through EU legal language may not sound like a fun day out, it's worth data insight leaders and their teams talking through practical implications with their risk and compliance advisers. Here are some other considerations for you to discuss. Data model impacts from GDPR The reason for titling this topic “Data model impacts” rather than “Database impacts” is our advice to maintain up-to-date data models for your business that give you independence from specific IT solutions. Whatever this is called, data insight leaders will want to identify any impacts to their data structures and any changes that may be needed to enable compliance ASAP. See also: Missed Opportunity for Customer Insight In our first post, we touched on both the need for consent (to marketing and profiling) as well as the need for evidence of this. There are further considerations. Applying meaningful data-retention policies that can be justified as reasonable requires knowing the recency of such consent. In addition, data-controller responsibilities require the capturing and storage of consent data within any third-party sources of personal data. Even the current Information Commissioners Office (ICO) guidance (before it was updated for GDPR) makes clear:

• “Organizations should therefore make sure they keep clear records of exactly what someone has consented to.”
• “Organizations may be asked to produce their records…”
• “Organizations should decide how long is reasonable to continue to use their own data and more importantly a third party list.”
• “As a general rule… it does not rely on any indirect consent given more than six months ago.”

Do your data models capture that granularity of data permission (what and when) and hold it against both internally captured personal data and any you may have purchased from third parties? Data Protection Impact Assessments (DPIAs) Data and analytics leaders within businesses often complain to me about not being consulted by internal project teams. It seems all too often the data implications of projects (especially on downstream systems like data warehouses) aren't considered or are de-scoped from testing. This can result in considerable rework and in the worst cases to inappropriate marketing or customer contact. Data Protection Impact Assessments (DPIAs) are intended to protect against such unintended data changes. Previously only recommended by the ICO, the GDPR is more explicit in what is expected: “DPIAs to be carried out if the planned processing is likely to result in a high risk to rights and freedoms of individuals — including where processing involves ’new technologies’ or ‘large-scale processing.’” So, what do you need to do for a DPIA? Basically, it’s an investigation to identify how such risks will be mitigated. Could the planned systems changes produce effects on either data stored or on use of data that would breach the GDPR? Is monitoring required to avoid this? Given that the ICO is due to publish a list of the kind of processing operations that require DPIAs, it’s worth planning for them. As a quick checklist, you should seek to answer these questions regarding your DPIA:

• What is the possible risk to individuals from changes (to systems, processes, etc.)?
• What is the risk of non-compliance with GDPR? (Consider all the topics in our two posts.)
• Which principles and regulations might be breached?
• Is there any associated organizational risk? (E.g. reputations at risk if goes wrong?)
• Who should be consulted? (This includes third parties and teams using personal data.)

One final point:  Within the GDPR guidance, there's also an expectation of being “designed for compliance.” There's far less tolerance for new systems not being designed to store and use data in line with GDPR rules. So, it's well worth reviewing any current and planned projects to ensure they are allowing for the data fields and checks that will be required. Don’t try to use the opportunity to blame legacy systems. Record-keeping and contracts (What should these cover?) Financial services firms will be used to the record-keeping requirements from other regulations (including FCA’s Conduct Risk). Another area where GDPR goes further than previous rules is in the expectation of records being kept. If a data controller or data processor has more than 250 employees, “detailed records of the processing” need to be kept. SMEs (fewer than 250 employees) are generally exempt, unless the processing carries a “high privacy risk” or involves “sensitive data.” So what records must you keep? As a rough guide, it’s high-level records on policies and people, including:

• Name and contact details of data controllers and DPOs (more about them soon);
• Purpose of processing;
• Classes of data (e.g. personal, sensitive, product, etc.);
• Details of recipients of data;
• Details of any overseas transfers;
• Data retention periods (replying on date stamps on data items); and
• Security measures in place (data access, authentication, etc)

As an aside for insight leaders, recognizing the need to keep all these records prompts me to speak up about the need for better knowledge management solutions. Previously, I made a plea for more emphasis on metadata. Given that insight leaders also have a challenge to retain analysts and the insights they have gleaned while working there, an easy way to store insights and data as well as data about data is clear. However, despite years of variants of database, intranet, groupware and other potential solutions, most businesses still lack a routinely used knowledge management solution. I hope the success of products such as Evernote will prompt more complete solutions. Data Protection Officers (DPOs) (Do you need one, and what should they do?) Over the course of reading these two posts on GDPR, you may be beginning to wonder who carries the can. In other words, who is liable to go to jail or be prosecuted if this work is not done? The answer, for many firms will be the Data Protection Officer (DPO). Far from being a scapegoat, the DPO is intended to be the internal conscience — akin to an internal audit role in helping prevent breaches. The ICO was previously silent on any formal need for such a position, despite the growing popularity of appointing Chief Data Officers (CDO). At one stage, it was expected that GDPR would require every organization to have a DPO, but the final wording was more tolerant. The following have to have DPOs:

• Organizations where processing is “likely to results in a risk to data subjects”;
• Organizations involving large-scale monitoring or sensitive data (ICO guidance should clarify); and
• Public authorities or bodies.

A DPO is required to have the requisite data skills, and their details should be published to encourage contact with data subjects. But there are also protections to ensure the DPO isn't brought under undue internal pressure. The DPO isn't to be instructed how to carry out the duties. DPOs may not be dismissed or penalized for performing their tasks, and they have to report directly to the highest level of the organization. Given that freedom and responsibility, it isn't surprising that a number of businesses will ask their CDO to take on the DPO role, as well. See also: It’s Time for a New Look at Metadata   What are DPOs expected to do, then, if they can’t be over-guided internally? Well, this:

• Inform and advise data controllers to ensure compliance;
• Monitor compliance with GDPR;
• Provide advice to others where requested (e.g. DPIAs); and
• Cooperate with the ICO, including notifying the ICO about any breaches.

Given all the concerns, it's not surprising to see a growing industry of data breach insurance. However, it’s worth reading about the requirements. Many require very stringent internal controls and may not pay out if any insider collusion is identified. How are you preparing? Do you have any tips? Only time will tell how the ICO operates under these regulations and how firms respond. So, it’s the start of a journey — but I encourage all data insight leaders to start that journey ASAP. Please do also share what has worked for you. What have you found useful in thinking through the implications for your organization? Are there any tools or tips and tricks that you’d recommend? As ever, we’d like to encourage the Customer Insight Leader community to share best practice and help improve our profession. For further information — and perhaps a next step — I’d recommend the training and certification provided by the IDM. I’ve completed both and found them very useful.

“Fake news” is a hot topic in the wake of the 2016 election. We’ve found ourselves questioning articles we read before we share them on our Facebook page or tweet it out to our followers. The internet is littered with stuff like the “Pope Francis shocks world, endorses Donald Trump for president” story, and it can be frustrating and time-consuming trying to determine if the news you’re reading is fake. Similarly, many insurance marketers are challenged each day with the frustrating and time-consuming task of separating “fake leads” from legitimate leads. Agents refer to low-quality leads as aged leads, fraudulent leads, manufactured leads, manipulated leads. Whatever you call them, they are leads sold to you that should not be sold at all. Those who are not following through on promises made or adhering to the directives in the ping post ecosystem are perpetuating this problem. See also: Don’t Believe Your Own Fake News!   Nothing diminishes agent morale more than when customers say they never filled out a form or they filled it out two months ago. Our recent work with insurance providers in examining the origin and history of leads purchased has revealed that as many as one out of every three leads are from consumers having no, or very low, intent. Without clarity into the lead generation process and where consumers are in their purchasing journey, agents and carriers are often subject to fake leads, aged leads, a negative customer experience and ultimately, wasted spend and wasted effort. Additionally, if a consumer never filled out a form (or did so months ago) and receives calls, insurance marketers are ripe targets for TCPA lawsuits. As Jornaya clients have found, including one auto and home insurance company that shared its experiences in a recent case study, two key metrics that are especially effective in gauging consumer intent are lead duration and lead age. Lead duration is the amount of time it takes a consumer to fill out a lead form, from the moment the first form field is filled out to the moment the form is submitted. A lead form that was filled out in less than five seconds is probably not a real person, likely the work of a bot, or automated program. For recent aggregated data from insurance clients, we found that 17% of leads had a duration of under five seconds! Generally, our clients have found that consumers who took two to 60 minutes to fill out the lead form had a much higher likelihood to convert. Lead age is the actual, measurable time from the instant a consumer submits an online lead form -- i.e., when the lead was born -- to when the agent receives it. Many leads that carriers and agents buy are actually much older than advertised. For recently aggregated data from insurance clients, we found that 13% of leads were more than one week old! Typically, leads that were more than an hour old had a much lower propensity to convert. Armed with new consumer journey intelligence, insurance marketers can work more confidently with lead providers to improve these metrics or take action on the data to only buy leads that fall within the ideal duration and age parameters and then reinvest those dollars in better leads. So, what now? We have partnered with lead generators and aggregators to lead the charge in minimizing the bad leads, and we are working to recruit additional partners to the effort. We’re also partnering with a growing number of insurance carriers and agents to initiate actions that will expose and minimize the impact of bad actors in the insurance lead gen space. This will have a positive impact on the ecosystem in a variety of ways:

1. It will help lead buyers spend less time and money on no-intent leads. This will foster higher performance because those brands can spend more on leads feeling confident that they are higher-quality. This also means that they can scale their lead programs confidently without worrying about strong starts that go awry once they start to scale.
2. Lead sellers will be confident that everything will become more efficient and effective for every lead they exchange with the ping post ecosystem. They will have fewer returned leads from buyers, which will allow them to accurately forecast monetization and improve their matching decisions. Not to mention that their lead buyers will be more satisfied with their service and increase demand for more leads. New insurance providers will initiate lead-buying programs, and carriers and agents that stopped buying leads will jump back onboard.
3. There will be less TCPA exposure for all the players in the ecosystem.
4. The fake leads will not survive - they will be flushed out, exposed and eliminated.

We’ve already seen first-hand how knowing where consumers are in their shopping journey can help brands drastically improve their lead programs and results. We look forward to expanding partnerships on both the lead seller and buyer sides and returning to the original promise of a great experience for the consumer and insurance provider. See also: Are You Still Selling Newspapers?   For more information on improving lead quality in your insurance marketing lead generation programs, read our white paper How Insurers Can Hit a Lead Gen Home Run.

A common recommendation to combat the current opioid epidemic is to provide physicians with opioid prescribing guidelines. Opioid guidelines synthesize the available research to inform judicious prescribing behaviors and safe dosages when opioids are needed. Given the seriousness of the opioid epidemic, it is not surprising that multiple organizations currently produce opioid prescribing guidelines. Opioid guidelines are based on evaluations of the research, but the guidelines themselves need to be evaluated critically, as well. Guideline Evaluation Fortunately, there are multiple standards currently available to evaluate guidelines, including AGREE (Appraisal of Guidelines, Research and Evaluation), IOM (Institute of Medicine), GRADE (Grading of Recommendations Assessment, Development and Evaluation) and AMSTAR (A Measurement Tool to Assess Systematic Reviews). For example, the AGREE consortium’s latest standard (AGREE II) provides a 23-point checklist covering six domains: scope and purpose, stakeholder involvement, rigor of development, clarity of presentation, applicability and editorial independence. While some AGREE II domains are obvious criteria including “rigor of development” and “editorial independence,” other domains such as “applicability” are less obvious but important. See also: Who’s Going to Pay for the Opioid Crisis?   For example, one part of “applicability” is about providing advice or tools for translating recommendations into practice. This point is important considering opioid prescribing guidelines will only work if practitioners can integrate use of the guidelines into their workflow and can apply them effectively to the appropriate individuals. Most chronic opioid users’ first exposure to opioids is through a physician’s prescription, and physicians’ opioid-prescribing patterns have been shown to be associated with opioid abuse and deaths. Therefore, preventing unnecessary first exposure to opioids is crucial. Guideline standards have shown that not all opioid treatment guidelines are of equal quality. For example, Nuckols et al. (2014) assessed 13 opioid guidelines using the AGREE II and AMSTAR instruments. The authors found AGREE II scores ranged from 3.00 to 6.20 on a 1 to 7 scale, and AMSTAR ratings ranged from poor to high. Four of the guidelines were “recommended against using … because of limited confidence in development methods, lack of evidence summaries or concerns about readability.” This research proves that the quality of opioid guidelines does vary. The National Guidelines Clearinghouse (www.guideline.gov) is a publicly available resource that provides summaries of guidelines that comply with IOM standards. Although not all guidelines are available free on the National Guidelines Clearinghouse website, it could be a good starting point for finding organizations with guidelines that adhere to a guideline standard. Jim Smith’s Story Jim Smith’s occupational injury provides a useful example of how being prescribed opioids contrary to high-quality treatment recommendations may lead to serious health and economic consequences. Jim is a 38-year-old construction worker who suffered an extremely painful lower back strain while attempting to lift a heavy box. Against most guidelines’ recommendations, he was treated from the start with a long-acting opioid, on which he became first dependent and then addicted, taking increasingly higher doses. Even on doses exceeding most guidelines’ recommendations, Jim still suffered from pain and limited mobility. In addition, he began to require supplemental medication to treat the side effects of his opioid use, such as constipation. He subsequently underwent surgery on his lumbar spine, which did not provide him relief from his pain, and he ended up a chronic user of opioids, permanently disabled and housebound. If Jim had been treated according to any of the current, high-quality opioid treatment guidelines, he would not have received a prescription for an opioid as an initial measure. He would have been counseled to try over-the-counter medications such as ibuprofen or acetaminophen, sent to physical therapy, prescribed exercise and perhaps offered a course in cognitive behavioral therapy (CBT). If opioids had been truly necessary in the acute phase of Jim’s injury, he would have been prescribed a limited course and then been gradually tapered off. See also: 3 Perspectives on Opioid Crisis in WC   Conclusion It is very important to find guidelines that both reduce initial use of opioids and serve to guide the physician in tapering chronic opioid users off these drugs. For someone who has been on opioids for a long time, the tapering process could take many months or years, and there could be both physical and psychological complications during the taper. The process for weaning someone off chronic opioid usage will be discussed in the next article in this series. In conclusion, users of treatment guidelines put a lot of trust into the recommendations provided. Using only opioid treatment guidelines with sound quality and content helps keep that vital trust so clinicians can continue to use guidelines in combating the prescription opioid epidemic.

It all began with reports of eroding books of business, price wars and marketing dollars not accounting for conversions of prospects into customers (or not in any visible manner, anyway). Then the CEO made that big "I’m back from a conference speech" and wanted to share. Suddenly, we’ve established a deadline to implement Net Promoter Score (NPS) at the enterprise level, and a whole playbook is being designed. Sound familiar? NPS can be used to gauge the loyalty of a firm’s customers. It measures who is promoting our brand versus who is likely to detract and therefore take their business elsewhere. We soon realize that the costs of exceeding customer expectations are high, while the payoffs are minimal. We know from experience that customers are much more likely to punish bad service than to reward good service. Having your problems resolved easily is a much better predictor for satisfaction than the exceeding of expectations. Improving the customer experience by making the customer journey easy is of greater significance to any brand. This philosophy requires different measurements, like the Customer Effort Score (CES), which is superior to Customer Satisfaction (CSAT) and Net Promoter Score (NPS) in predicting consumer behavior. See also: What Is the Right Innovation Process?   In the end, consumers to have a job done and will back brands that help them get the job done faster, better and cheaper. Achieving this for your consumers not only requires meeting current needs but anticipating future needs by inventing a future that is interesting and sexy and serves a purpose. This requires moving from data to analytics, customer segmentation to ease of doing business and ideas that sell to ideas that are bought. We have started shifting the paradigm, mental models and mindsets. The future is in its making, and the applications are only limited by our imagination. In the world of innovation, which lies at the fringes of most organizations or fills the gaps in between, we keep asking all the wrong questions. We all want frictionless technology solutions, but the focus can't be on which technologies are enabling us or who we’ve partnered with. The focus needs to be on why we are innovating and at what scale. Let’s consider the value proposition for transporting people from A to B. We must ask ourselves, what are the jobs to be done before that journey, during that journey and after that journey from the consumer’s point of view. I call this exercise wearing the "Uber Hat." The jobs to be done before the journey may include finding a driver nearby, knowing how long it’ll take for the driver to arrive and figuring out if the fare is coming out of personal or business expenses. Once on the journey, the jobs to be done may include picking up a friend or colleague, knowing how long the journey will take in real-time or sharing the ride. After the journey, the jobs are knowing how much it cost, receiving a receipt for payment (especially for expense claims on business trips) and recovery of items left behind in the car. Uber has thought about everything! It's even started services that assist people in emerging markets to hail a ride without the app or the need for credit card payments. Who would want to take a taxi when you’ve experienced Uber’s service and quality of care? See also: Is Insurance Having an Uber Moment?   When we are wearing the Uber Hat, we think and act like Uber. We are able to design solutions that are globally relevant, apply to any business or market and withstand the challenges in our way, no matter how big they may seem to others. Throw creative thinking and industry expertise into the mix, and you’ve got a winning formula for the application of human-centered design that has proven its success across borders. This is the difference between a market leader and a follower. I’m only here to present concepts. The choice is yours. If you don’t make that choice, ultimately the consumer will.