As it relates to their online activities, insurance companies are jeopardizing their relationships with customers by failing to protect the privacy of their personal information.That's according to the Customer Respect Group, a Bellevue, Wash.-based research firm that studies how corporations treat customers online.

The research firm analyzed more than 1,000 Web sites across a spectrum of industries-including 72 insurer sites-and discovered that more than 50% of the carrier sites share personal data with external parties and affiliates without customer permission.

The group also revealed another oversight by insurers online: Poor responsiveness to customer inquiries.

While responsiveness to customer inquiries is an area that begs for improvement, it's the lack of attention paid to information privacy that possesses far greater ramifications.

Financial services companies are required to provide customers the right to "opt out" of certain information-sharing practices set forth in the 1999 Gramm-Leach-Bliley Act (GLBA). To comply, insurers are required to send policyholders a yearly notice explaining their rights and renewing the opt-out opportunity.

Tacit approval

"Insurers that don't participate in best-practices privacy of customer information are under the impression they have tacit approval of their customers to use personal information as they see fit," according to Roger Fairchild, president of the Customer Respect Group.

"Insurers may have a privacy policy in place, but it may be intimidating to read and it may not be spelled out in layman's terms. There may be language that states, 'we value your privacy,' but when it comes to actual policies in place to protect information, it may be heavy in corporate jargon, and not very protective. In the end, many of these policies make no real commitment to information privacy," he adds.

Insurers did score high marks for the simplicity of their Web sites and even the aesthetic nature of some sites. The report found, however, that a well-designed Web site won't satisfy customers if a strong privacy policy has not been established.

Despite the emergence of GLBA, the liberties that corporations are taking with sharing of information does not seem to be abating, according to Customer Respect Group research: In the Winter 2004 insurance study, 35% of companies said they share data with affiliates, subsidiaries or business partners without permission from users. In the summer 2004 survey, that number grew to 52%.

This trend could become a major problem for insurers because lack of customer respect erodes customer loyalty, and can lead to customer defections. And retaining customers is "a bargain" compared to the cost of acquiring new ones, says Fairchild.

In its report, the group provided third-party research revealing that a 5% increase in customer retention produces at least a 25% increase in profits. "Companies should respect their customers' wishes and give them choices about how their personal data is used," Fairchild says.

The group formulated a Customer Respect Index (CRI)--comprising a series of attributes--to measure whether and to what degree companies create a positive online experience for customers. These attributes include simplicity (ease of navigation); responsiveness (quick and thorough to inquiries); privacy, transparency and principles, which include values and respect for customer data.

The 72 insurance companies involved in the report (life & health and property/casualty) scored an average 6.0 for privacy, considered below average compared with other CRI metrics. Of all insurers, five revealed they do not provide customers with a privacy policy.

By comparison, insurers received the highest marks for simplicity of Web sites and navigational ease, with scores often exceeding 7 and sometimes 8 points.

Among the leading insurers with best-practices privacy policies were Mayfield Village, Ohio-based The Progressive Corp. (8.6 CRI), Lincoln, R.I.-based Amica Mutual Insurance Co. (8.5) and New York-based The MONY Group (8.4).

The insurers ahead of the curve, says Fairchild, have done several things right. For one, they spell out in clear terms on their Web sites how customers can opt in or opt out of making their information accessible to third parties.

Not surprisingly, Progressive, which has won high marks over the years for its online practices, treats customer privacy seriously. When consumers log onto, they're able to review the company's privacy policies by clicking on a link clearly positioned, at the bottom of the home page. Progressive's site states: "We don't sell our customer lists or share your information with other companies to offer their products to you." When Progressive collects personal information, the primary purpose is "to quote and service an insurance policy," the company states.

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access