Tag Archives: risk managers

3 Common Errors in Managing Claims


No one wants to deal with a property claim. Unfortunately, claims do happen, and that is why you buy insurance. There are right ways and wrong ways to manage a claim — here are three common mistakes and how to avoid making them:

Too many cooks…

cooks

One of the first things you should do after a loss is assign a point person to handle communication and dissemination of information to the insurance company. Oftentimes, this role defaults to the risk manager, but she is not always the best choice. Obviously, the risk manager needs to be part of the team, but you need someone who can dedicate a substantial amount of time to the claim. This ensures consistent communication and avoids the insurance team’s relying on information that has not been vetted.




Not controlling the schedule…

stickies

As with most projects, planning and execution are necessary for a successful outcome. It is critical in the claims process to assign responsibility to the team members at the policy holder and require that they provide information in a timely manner. This compels the insurance company to provide feedback in a similar fashion. A timeline should be established early on, and the parties should be held to it. For example, claims will be submitted by the fifth day of the month; feedback will be provided by the 15th day of the month; and payment will be received by the end of the month. Scheduling like this can improve cash flow and ensure progress on the claim. Get the parties to commit to this early!

Unreasonable expectations…

pie

It’s true that the insurance company is not likely to accept your entire claim, but building up your claim to unrealistic expectations is not the answer. By claiming a “pie-in-the-sky” number, you can hurt your credibility and dramatically slow down or prevent a reasonable settlement. The better approach is to present a reasonable claim that is fully documented. This prepares you to counter the insurance company’s rebuttal with confidence. It’s reasonable to be aggressive, and, by all means, do not lower you claim in anticipation of pushback from the insurer. Just do not build up the claim to unrealistic totals with the plan to fall back to a lower position — this gives all the credibility to the insurance company.

Predictive Analytics for Self-Insureds

Predictive analytics is widely used in the insurance industry. Is it time for self-insureds to reap the benefits of predictive analytics and realize significant bottom-line improvements as well?

Self-insureds can use predictive analytics for employee cost benchmarking, early identification of late-developing claims, and budget and allocation decision-making tools. Currently, the key area of focus for self-insured risk managers is claim prevention. But even the best claim prevention methods are not enough to avoid all claims. Claims occur despite a company’s and risk manager’s best efforts. If traditional claim prevention is the only defense against losses, these companies will lag behind their contemporaries who, to keep claim costs down, are already using predictive analytics.
Primer on Predictive Analytics
Whether we know it or not, we have all encountered predictive analytics in our personal lives by simply browsing the Internet. Companies like Amazon leverage their immense amount of data to predict customers’ shopping preferences to drive additional sales. Likewise, the insurance industry, with its substantial volume of data, views predictive analytics as an essential capability. Forward-thinking self-insureds see the benefits of these tools and realize that they should be used to better understand their exposure and better control their losses.

Predictive analytics can improve both customer satisfaction and company profits. Last week, I bought a webcam from Amazon. The product page displays the specific details on the webcam and shows an assortment of additional items frequently bought by other customers who purchased this webcam. Amazon uses its customer purchase data to predict that webcam purchasers also routinely buy extension cables, microphones, and speakers along with their webcam. Thus, Amazon has effectively applied predictive analytics to identify cross-sell opportunities that benefit its customers (I was glad to be reminded that I would, in fact, need an extension cable) and increase its revenue (I spent an additional $5.99).

Amazon’s product pages are an easily visible example of predictive analytics. Similar to Amazon, the insurance industry has adapted predictive analytics to not only increase premiums but also to improve risk selection. Risk selection—being able to identify the good/profitable risks and the bad/unprofitable risks—is so important for insurance companies that the popularity of predictive analytics comes as no surprise. The range of ways insurance companies are using these tools includes evaluating the profitability of their accounts, assisting in effective underwriting and proper pricing, marketing to the appropriate client base, retaining their customers, and estimating the lifetime value of each customer.

It is important to note that predictive analytics is not just a data summary. Predictive analytics sorts through vast amounts of data to find relationships among variables to predict future outcomes. This data can often be seemingly disparate, or even appear to be unrelated; it also often combines the use of both internal company and data from outside the organization. For example, a commonly cited and successful example of such a relationship involved insurers finding a direct correlation between two variables: credit scores and auto claims. Also, the more data fed into an analysis, the more robust it will be. Self-insureds have quite a bit of employee data that greatly aids analyses’ predictive abilities. In addition to loss-specific data, payroll, human resources information, and other available third-party data should be utilized to its fullest extent for optimal results.

Applications for Self-Insureds
Self-insureds have numerous opportunities to benefit from predictive analytics. Three large workers’ compensation areas on which predictive analytics sheds light are: 1) identifying which employees cost more than industry and company averages, 2) predicting early on which claims are the most likely to have late-developing costs, and 3) constructing qualitative cost/benefit scenarios to help risk managers allocate their budgets effectively.

Self-insureds applying predictive analytics to their workers’ compensation claims, for example, have a number of employee variables to work with such as: employee age, length of employment, state of residence, employment type (full time/part time), salary type (hourly/salary, low wage/high wage), and claim type (indemnity/medical only). Predictive analytics can find relationships that will affect future claim activity on current and future employees.

The real goal of predictive analytics for self-insureds is to help guide and support risk managers’ decisions. Predictive analytics can be applied to both ‘pre-claim’ and ‘post-claim’ loss prevention methods. To aid in claim prevention, pre-claim-focused analyses are used to highlight high-risk (high-cost) employees. The loss costs of various groups are compared to each other, a company average, and to average industry loss costs provided by the National Council on Compensation Insurance (NCCI). Loss categories higher than company or NCCI averages get closer examinations for loss drivers and mitigation strategies. A higher-than-average cost for newly hired employees may signal a need for more training. A higher-than-industry cost for claims in certain states may be noted. A particular type of injury may emerge as the most costly. The potential savings can be estimated as the difference between the current loss costs and the benchmark loss costs, times the percentage of employees or expected claims involved.

For example, a self-insured entity may know that its newly hired employees experience a larger proportion of losses than employees with longer tenure. If it conducts an analysis and discovers that low-wage employees working in Illinois with less than six months of experience have substantially higher costs than the average employee, claim prevention resources could be specifically aimed at that employee demographic to control costs.

Savings Opportunities
A notable benefit of predictive analytics is that it provides quantitative cost-saving information to risk managers. Continuing with the prior example, assume 2,500 employees are newly hired, low-wage employees in Illinois and their average costs have been shown to be three times higher than the company average of USD $1.50/$100 of payroll. We can estimate that a reduction from $4.50 to $1.50 could create $2.25 million in savings. Asking senior management for $100,000 for more new hire training in Illinois facilities will be much easier with the quantitative support provided by predictive analytics.

(2,500 employees with an average payroll of $30,000 save $3 = 2,500 x 30,000/100 x 3 = $2.25M)

Not only can predictive analytics assist with reducing cost ‘pre-claim’ by focusing on exposure, it can also reduce costs once a claim has occurred. Knowing the easy-to-identify large claims will be second nature to risk managers, however, ‘post-claim’ predictive analytics can look into claim development details to find characteristics that late-developing, problematic claims (and often not the obvious large ones) have in common. After a loss has occurred, one of the most effective ways to manage costs is to involve a very experienced claims handler as soon as possible. The results of effective ‘post-claim’ predictive analyses will assist in implementing cost-saving claims triage. Because the best resource post-claim is good claim management, predictive analytics can get late-developing, problematic claims the timely attention they need to contain the ultimate costs or even settle the claim.

Loss savings based on predictive analyses extend beyond claim cost reduction. Being able to quantitatively show potential savings and concrete mitigation plans will make a positive impression on senior company management and excess insurance carriers. Demonstrating shrewd knowledge of the loss drivers and material plans to reduce the losses can aid in premium negotiations with excess carriers for all future policy years. And if the insurer or state is holding any collateral, the predictive analytics’ results can be used by the self-insured in negotiating.

The key to unlocking further potential cost savings in your self-insured plan is readily available in your own data. Predictive analytics is the tool that will help risk managers make better claim reduction decisions and produce actionable items with real cost savings now and in the future. Risk managers and self-insured companies can look forward to possible benefits such as loss cost reductions along with reductions in excess premium and collateral, and quantitative information to help them with budgeting and allocation. As more self-insureds begin applying predictive analytics to control costs, companies that are not using these tools will be at a competitive disadvantage.

For more information on predictive analytics, watch this video of a Google hangout with Michael Paczolt and Terry Wade of Milliman, Inc.:

Cyber Risk

Understanding your exposure to technology and implementing baseline controls should always come before you consider insuring those risks.

What is a firewall? What would I do with a privacy policy? What is encryption and why would my company need to encrypt any of our data? How would I implement an incident response plan? How many personal health records do we have in our database? Do we do background checks? Who has access to our server room? Why do I need to answer so many questions just to get a proposal for insurance?

These are the types of questions that come up during the cyber insurance application process, and this is often the first time someone outside of the IT department has had to answer them. With the growth of the cyber insurance industry, now estimated to be almost $1,000,000,000 in gross written premium for 20111, risk managers, insurance agents and boards of directors are wondering why they now also have to talk to the IT department when discussing risk management and their insurance renewal.

A vendor mistake, administrator's misconfigured firewall or even an improperly negotiated cloud contract can pose a systemic risk to your corporation.

As regulatory expectations continue to be set higher (due to increased enforcement of the Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act, attention of 46 different state notification laws that are enforced by State Attorney Generals, Fair and Accurate Credit Transactions Act) and consumer opinion is constantly being expressed in the form of class action suits, these situations continue to get more difficult to mine through.

Plaintiff attorneys' allegations addressing monetary damages as a result of privacy or security breaches are consistently being brought. Not having adequate controls is the common focus of such suits that follow a breach. Additionally, the bad actors that are trying to improperly gain access to your information will consistently focus on firms who lack simple/intermediate controls.

According to Verizon, 96% of attacks were not highly difficult and 97% of breaches were avoidable through simple or intermediate controls.2 Your own data (account lists, legal documents, vendor agreements, price lists, R&D information, trade secrets) and client/patient information (personally identifiable information/health records) are what the hackers want.

Implementing baseline controls is the first element of fixing your cyber problems.

Several states have enacted laws that expect these baseline controls to be in place to protect their consumers. In Massachusetts, for example, there is a regulation (WISP3) that expects a legal entity holding personal information about a Massachusetts resident, to develop and implement a written information security program to protect that personal information. If this standard is not met, on top of $5,000 civil penalties of up to $5,000 per violation, the corporation could also encounter negligence based on litigation.

Like every state notification law that exists today, the law is based on the location of the consumer, not the corporation's place of domicile. In Nevada, since 2008, businesses have been required to use encryption when transmitting a customer's personal information externally(aside from fax)4. Additionally, PCI (Payment Card Industry) has required all corporations involved in a credit-card transaction to be compliant with varying degree of requirements based on size. For additional information, refer to https://www.pcisecuritystandards.org/merchants/how_to_be_compliant.php.

This is an important step for those companies dealing with credit cards. The 2012 Verizon Data Breach Investigations Report also found that 96% of victims subject to PCI Data Security Standards had not achieved compliance. This statistic shows the important of security controls being taken seriously.

Once your organization takes cyber security controls seriously and understands even the best controls don't isolate them from the exposures that exist, you should than take the time to discuss the insurance implications. Your insurance agent or broker can provide input on how current insurance coverage(s) could respond but also can get you in touch with over 30 insurance markets' underwriters who have dedicated cyber products and submission processes and are able to design coverage specific to your company. Additionally, most markets can help with loss control and ensure that you stay abreast of the current threat environment.

With adequate controls, a general understanding of the regulatory implications of a privacy breach and knowing the insurance consequences, you will be much better prepared if a problem with your company's technology does happen.

1 Cyber Betterley Report 2012

2 Verizon 2012 Data Breach Investigations Report

3 Massachusetts 201 CMR 17

4 Nev Revised Stat 597.970(1)2005