Compliance

NASHVILLE, Tenn. – The nation may remember 2006 as the year the Democrats won the mid-term elections, Gerald Ford and James Brown died, and data breaches made an indelible mark on American business in general and the insurance industry in particular.

Chicago - Chicago-based insurance broker Aon yesterday became the latest in a series of companies to participate in technology mergers as it announced its intent to acquire Valley Oak Systems (VOS), a San Ramon, Calif., provider of claims management software, services and support for the insurance industry. The acquisition reflects Aon’s desire to supplement its risk management portfolio. Valley Oak, winner of the IASA 2006 Technology Achievement Award, is best known for its iVOS system, which includes medical bill review, policy underwriting, case management, billing and event management capabilities. "Aon's acquisition of Valley Oak Systems continues Celent's predicted roll-up of the insurance software industry,” says Donald Light, senior analyst with Boston-based Celent, LLC. “While most acquisitions of independent insurance software vendors have been by larger software vendors, such as Milwaukee-based Fiserv buying Insureworx, Oakland, Calif., this time it is a major broker doing the deal.” The purchase InsureWorx, a policy and claims administration technology provider, gives Fiserv an end-to-end policy and claims administration offering for workers compensation. Other recent mergers in the insurance technology space include the San Diego-based Websense Inc., acquisition of PortAuthority Technologies, Inc., Palo Alto, Calif., and Ra'anana, Israel, for approximately $90 million in cash. PortAuthority will combine its information leak prevention technology with the "ThreatSeeker" malicious content identification and categorization technology from Websense. The deal will create a single source for companies looking to prevent the unauthorized use or disclosure of confidential data while simultaneously protecting users and data from external malicious threats. The Aon-VOS merger will benefit Aon’s unique position as a large brokerage firm. By integrating and sharing data with RiskConsole, Aon’s RMIX offering, the Aon-VOS deal enables the Chicago broker to create what the companies claim to be the only end-to-end browser-based offering in the marketplace. The acquisition of VOS follows a similar deal cut in 2004 by Aon’s with Risk Laboratories, LLC (RiskLabs), Marietta, Ga. Aon expects to consummate the VOS deal by January 31, 2007. Light believes that, from a marketing and sales perspective, the acquisition makes sense. “Valley Oak's customer base includes a great many risk management units in large employers who self-insure workers' compensation,” he says. “Aon's brokerage business targets that same group of risk managers. Aon's challenge will be to give Valley Oak the resources and freedom to keep its offering fresh and valuable to self-insured employers, as well as other customers such as insurers and third party administrators." Sources: Aon, Celent, INN archives

New York - Eliot Spitzer of New York nominated Eric Dinallo, General Counsel of Willis Group Holdings, to serve as New York State Insurance Superintendent in the new administration.Dinallo, 43, will replace Howard Mills, who was appointed in 2004 by Republican Governor George Pataki. In 2003 Dinallo resigned as chief of Spitzer's Investment Protection Bureau to become head of regulatory matters for Morgan Stanley, and was hired as general counsel for insurance broker Willis Group Holdings Ltd. in March.

Naperville, Ill. - The thieves who made off with computer tapes containing the names and Social Security numbers of 130,000 Aetna Inc. customers appear unlikely to exploit the information, the Hartford, Conn.-based health insurer says. "There is no indication that data theft was targeted," Aetna says. Aetna announced yesterday that a lockbox containing the computer back-up tapes was stolen in late October from the Naperville, Ill., satellite office of a vendor, Addison, Texas-based Concentra Preferred Systems. Concentra audits medical clams and performs other cost containment services for insurers, and the tapes contained information on customers of "several" other undisclosed carriers, according to published reports. Information on an undetermined number of WellPoint Inc. customers may have been stolen in the burglary, reports say. "We believe the total number is an extremely small percentage of our membership," a spokesman for Indianapolis-based WellPoint says. In a report on the incident, Aetna quotes law enforcement officials who say the burglars also stole cash, pharmaceuticals, DVDs and movie passes, and did not appear to be looking for information to use in fraudulent schemes. The law enforcement agency characterized the perpetrators as "common thieves" looking for cash and other property to pawn. The thieves forced their way into the space occupied by Concentra, as well as the offices of five other businesses in the suburban Chicago building, Aetna says. Property was taken from all the tenants. Concentra officials, who notified Aetna of the loss on Nov. 3, say retrieving the data from the tapes would require a complex combination of commercial equipment and specialized software. The data was stored in unlabeled, difficult-to-understand formats, Concentra says. "These tapes cannot be used on a standard PC," Concetra officials say. Concentra reconstructed the data on the tapes and turned it over to Aetna on Nov. 10. Aetna's IT team worked around the clock to determine what information was stolen. They found the data included member names, hospital codes and either Social Security numbers or Aetna ID numbers for about 130,000 people. The names and Social Security numbers of about 750 medical workers were also on the tapes. Aetna is apologizing and notifying members and providers whose personal information was on the tapes. The insurer also is arranging free credit monitoring to help detect any misuse of the information. Concentra is offering a $10,000 reward in connection with the theft, according to published reports. Source: Aetna Inc.

New York - Ameriprise Financial Inc. has promised to hire a consultant to review company laptop policies as part of an agreement with Massachusetts securities regulators. A year ago, the theft of one of Ameriprise’s computers exposed the personal data of more than 150,000 clients.

The National Association of Insurance Commissioners (NAIC) is urging Congress to create a Natural Catastrophe Commission that could establish a disaster fund, strengthen and enforce building codes, and provide community support.

Kansas City, Mo. - The National Association of Insurance Commissioners (NAIC), the trade group for state insurance officials, has established a Web site to provide motorists with tips on purchasing auto insurance.

Chattanooga, Tenn. - An insurance company was among the four winners of the 2006 Process Innovation Awards. UnumProvident Corp., a Chattanooga, Tenn., disability insurer, received the honor for work in Sarbanes-Oxley solution compliance.

Washington – If lawmakers such as Sen. Trent Lott, R-Miss., and Rep. Cliff Stearns, R-Fla., as well as the National Automobile Dealers Association (NADA) get their way, insurance companies will be forced to disclose total-loss vehicle claims information to the general public. Thanks to catastrophic storms such as Katrina and the recent flooding in the Pacific Northwest, the public is more aware of the problem of flooded and totaled vehicles being resold to unsuspecting buyers. Lawmakers believe that a rule mandating disclosure of total-loss vehicles is one way to manage the problem. In the 109th Congress, Lott and a bipartisan list of colleagues sponsored S.3707, the Passenger Vehicle Loss Disclosure Act, to require that insurance companies permanently red-flag totaled, flooded or stolen vehicles. Rep. Stearns introduced a similar bill, H.R. 6093, in the House of Representatives. Seattle-based PEMCO Insurance last month announced that it voluntarily reports cars totaled with flood damage to CARFAX, an auto database available to consumers. Other insurance companies are expected to evaluate their reporting procedures. Sen. Lott also affirmed his plans to reintroduce legislation in the 110th Congress to reduce title fraud and title washing of insurance-totaled vehicles. According to lawmakers, although an insurance company may declare a vehicle a “total loss” due to water damage, severe accident, theft, etc., these vehicles often are sold at salvage auctions. They are then rebuilt and re-enter the market with clean titles, so consumers, wholesale auto auctions and dealers may have no way to learn about the total loss. The bill would require insurance companies to reveal the reason for the total loss (flood, collision, stolen, etc.), the date of total loss, the odometer reading on that date, and whether or not the airbag deployed. The NADA-supported effort by lawmakers would permanently red-flag these vehicles, reducing the likelihood that the “total loss” vehicles will end up back on the street. This federal legislation would not preempt state titling laws or require changes in state laws. “With more than five million vehicles totaled by insurance companies just last year -- more than half a million of them coming from the Gulf Hurricanes of 2005 -- something has to be done to permanently notify consumers about these severely damaged vehicles," said David Regan, Vice President of Legislative Affairs for NADA, McLean, Va., was quoted as saying. Sources: PR Newswire, Yahoo News, The National Automobile Dealers Association

New York - American consumers want electronic copies of their medical records and believe that having greater access to their information will reduce medical mistakes and costly repeat procedures, according to a new survey commissioned by the Markle Foundation, a New York research organization. But eight in 10 Americans are very concerned about identity theft or fraud and the possibility of their data being used by marketers without their permission - with three-quarters of those surveyed saying the government has a role in establishing privacy and confidentiality protections for electronic health information. For one of the custodians of consumer health care, health insurers, a cost/benefit analysis may involve deciding which is worse: the legal and potential business-loss ramifications incurred if a health insurance policyholder's private information is lost, or a potential regulatory chokehold on the management and transmission of a policyholder's data. In either case, as health insurers face increased scrutiny as one of the many "gatekeepers" of private consumer information, they also understand the importance of "big picture" thinking when it comes to doing whatever is possible to promote patient health. Companies such as Harvard Pilgrim Healthcare (HPHC), a 25-year old provider of health insurance products to more than one million members, has taken painstaking efforts to protect its customers information while making certain data is securely available to policyholders' caregivers. The Wellesley, Mass., not-for-profit company's mission statement--to be the most trusted name in healthcare-means the company must provide secure data access to HPHC's internal work force of 2,200 users as well as to a growing number of constituents, including 130 hospitals and 22,000 physicians. "Americans understand that quality of care could improve and costs decrease when their health information is available over the Internet to them and those who care for them," said Zoë Baird, president of the Markle Foundation, which funded the research. "And they are clearly ready to do their part to improve our health care system. But consumers also have significant privacy concerns, which must be addressed if we are to have sufficient consumer confidence to support a national commitment to electronic health records. People expect the federal government to establish rules that protect electronic personal health information from being used inappropriately." The survey, conducted by bipartisan polling firms Lake Research Partners and American Viewpoint, shows that: *97 % think it's important for their doctors to be able to access all of their medical records in order to provide the best care; *96 % think it's important for individuals to be able to access all of their own medical records to manage their own health; *Two in three Americans (65 %) would like to access all of their own medical information across an electronic network. This interest spans demographic groups - with a majority (53 %) of Americans 60 and older and high proportions of minority groups expressing interest; *When given the scenario of changing doctors or moving to a different city, an even greater majority - 84 % - said it would be important for them to have electronic copies of their medical records that they keep and control; and *Three-quarters of Americans are willing to share their personal information to help public officials look for disease outbreaks and research ways to improve the quality of health care if they have safeguards to protect their identity. The survey shows that large majorities of Americans see a number of benefits from accessing their medical information online. Consumers say they want access to their medical information in order to ensure that it's accurate, to improve doctor-patient communications and to help prevent medical errors. *91 % say it's important to review what their doctors write in their chart; *88 % say online records would be important in reducing the number of unnecessary or repeated tests and procedures they undergo; *82 % want to review test results online; and *84 % would like to check for errors in their medical record. Americans also see ways in which they could gain more control over their health care by making use of personal health records: *90 % say it would be important to track their symptoms or changes in their health online; *83 % of parents would be interested in using a network to track their child's health, such as tracking dates for immunizations; and *68 % say having their information available online will give them more control over their own health care. "It is encouraging to see that so many Americans recognize the opportunity to improve their health care - and their own health - by accessing and using their health information," said Carol Diamond, M.D., managing director of the Markle Foundation Health Program. "People not only want to see their medical records, they want to use the information to communicate with their doctors and be more involved in managing their care." While the survey notes high recognition of the benefits made possible by accessing personal heath information electronically, most respondents express concern that their medical information could be misused: *80 % say they are very concerned about identify theft or fraud; *77 % report being very concerned about their medical information being used for marketing purposes; *75 % say the government has a role in establishing rules to protect the privacy and confidentiality of online health information; *66 % say the government has a role in establishing rules by which businesses and other third parties can have access to personal health information; and *69 % say the government has a role in encouraging doctors and hospitals to make their personal health information available over the Internet in a secure way. "Despite the overwhelming interest in being more active participants in their own health care, and having their medical information available online to themselves and their physicians, Americans have very serious concerns about the privacy and security of their medical information," said David Lansky, Ph.D., senior director of the health program at the Markle Foundation. "People want to have control over whether their data are used for non-medical purposes and expect the government to establish rules that will protect them." Connecting for Health, a Markle-operated collaborative group of more than 100 organizations, released a new white paper to stimulate national discussion on the use of information technology to meet the critical needs of consumers, patients, and their families. The report describes a networked health information environment in which consumers could establish secure connections with multiple entities that hold personal health information about them. "It is difficult for a consumer to manage her personal health information since it is scattered among various organizations such as insurance companies, pharmacies, hospitals, etc.," Lansky said. "Several projects are currently underway to deploy personal health records, which are designed to help individuals manage their electronic personal health information. But because our health care system is so fragmented, and your health information is typically held by many unconnected entities, these electronic applications today struggle to provide a convenient way for consumers to access all of their data." The paper begins with a brief discussion of how consumer participation in networked environments has transformed other sectors, such as travel and finance. It contends that the health care sector would benefit greatly from a properly designed secure network that enables consumer participation. For more information, go to www.markle.org. Source: The Markle Foundation, INN archives

London - In order to better manage risk in an insurance business cycle fraught with uncertainty over market conditions and pricing, carriers in the U.S. and abroad should invest in the latest risk management tools, says a new report from Lloyd's, "Managing the Insurance Cycle." Lloyd's, which provides specialist commercial insurance coverage to customers in more than 200 countries and territories, published the report as part of its 360 Risk Project, an initiative to generate discussion on how best to manage risk in today's business environment. The report warns of "considerable uncertainty remains over prices and conditions in the commercial insurance market following last year's record hurricane season." Among other suggestions, it cautions underwriters to beware of the tendency to follow on market trends, and reminds them that "disciplined insurers... are prepared to walk away from markets when prices fall below a prudent risk-based minimum." Investing in state-of-the-art risk management and measurement tools, says Lloyd's, will support insurers' ability to create the best possible pricing models, as well as their ability to update them regularly to reflect the latest scientific evidence. "The models should more easily permit sensitivity analysis to show the impact of the many assumptions that are being made by the modellers on the insurer's behalf," notes the report. Lloyd's report cites "seven key steps for ensuring that the industry becomes less unpredictable and underwrites on a sustainable basis for the benefit of both policyholders and insurers," including: -- Don't follow the herd. -- Invest in the latest risk management tools. -- Don't let surplus capital dictate your underwriting. -- Don't be dazzled by higher investment returns. -- Don't rely on 'the big one' to push prices upwards. -- Redeploy capital from lines where margins are unsustainable. -- Get smarter with underwriter and manager incentives. More information onLloyd's report is available at www.lloyds.com/360. Source: Lloyd's

New York - Driven in part by increased demands from regulatory and rating agencies, enterprise risk management (ERM) has become integral to insurers' business processes around the world. Sixty percent of survey respondents explicitly factor risk management considerations into their decision-making, according to the fourth biennial survey of risk and capital management practices among insurers worldwide by the Tillinghast business of Towers Perrin. Conducted in summer 2006, the study of executives from more than 200 insurance and reinsurance companies around the world focuses on a number of issues, including risk measurement, quantification competencies, how companies calculate and use economic capital (EC), risk reporting and areas where the global insurance community is seeking to improve their risk management capabilities. In addition, a special section has been included that focuses on the impact of Solvency II on the European community. Key findings from the study: * External pressures are raising the bar for risk management globally. While most companies globally (78%) cite "good business practice" as the principal driver for their current risk management efforts, rating agency considerations are a significant factor for North Americans (72%) whereas changes in insurance solvency regulations are a major driver for European Union insurers. * Two-thirds of the insurance industry globally uses EC as a risk quantification tool. This is a significant increase over 2004 where only half of the respondents indicated they were using EC. * A further 19% of the participants indicated they are considering the use of EC. * Insurers are using a diverse set of risk metrics. Insurers assess the impact of risk on their capital, value and earnings in a variety of ways, with 63% using at least three differing measures. The most common are statutory or regulatory capital and surplus (56%), economic value (42%) and GAAP or IAS measures (38%). "Companies are clearly more disciplined in their use of ERM today than ever before, as catastrophic events, capital efficiencies and competitive pressures have driven companies to adopt less of a 'seat-of-the-pants' approach to risk issues," said managing director Tricia Guinn, who oversees both the Tillinghast and Reinsurance businesses of Towers Perrin. Risk Management Raises Its Profile "As risk issues have gained importance, so has the role of the chief risk officer," said Prakash Shimpi, Practice Leader with global responsibility for ERM. "Insurers are not only examining risk more closely, but they are also holding executives more accountable for the results." Almost half of the respondents (43%) report having a chief risk officer (CRO) with primary responsibility for risk management, up from 39% in 2004 and only 19% in 2002. The study also indicates that risk management is gaining importance in board rooms, with nearly all respondents (92%) reporting on risk to their board of directors at least annually, up from 84% in the 2004 survey. 53% of all respondents report at least quarterly to their board. Risk reports to senior management have become a common practice, with 39% reporting monthly and another 35% reporting quarterly. Risk reporting varies regionally: * Bermudian (89%) and Canadian (82%) insurers are more likely than U.S. or Asia/Pacific companies (53% respectively) to report quarterly on risk to their boards. * European life insurers (65%) and p/c insurers (60%) are twice as likely to report to senior management monthly as their North American counterparts (31% respectively). Solvency II Shapes Risk Management European insurers generally agree that the new Solvency II regime will require significant improvements to their risk management capabilities, including enhancements to risk quantification capabilities (63%) and enhancements to actuarial and accounting tools (59%). However, there are markedly different results between continental Europe and the U.K. in their approaches to Solvency II which is not surprising given the U.K.'s ICAS regime: * Enhance risk quantification capabilities (76% continental Europe, 41% U.K.) * Enhance risk governance and organization (61% continental Europe, 19% U.K.) * Improve risk identification capabilities (52% continental Europe, 15% U.K.) "U.K. insurers clearly feel better placed as a result of regulatory changes introduced by the FSA in advance of Solvency II. Their focus is now on developing the right tools to suit the new environment," said Ian Farr, principal. "The increased risk sensitivity and flexibility of Solvency II provides will trigger greater product innovation, more innovative capital management, capital raising and financing structures." Room for Improvement While ERM has made significant progress in recent years, there are still growing pains: * Most respondents (77%) are highly focused on improving risk measurement and quantification processes to enhance their overall ERM efforts, particularly in the U.K. (97%) and Japan (95%). * Respondents are generally not satisfied with their current capabilities in many of the risk management areas they see as important. They are significantly dissatisfied with their ability to quantify operational risks and their ability to reflect risk in performance measures. "Insurers now recognize the potential impact a single event like a security breach or systems failure can have on their operations, as well as on their financials. Operational risks can be complicated and difficult to quantify, so many are turning to scenario analysis to achieve meaningful results," said Shimpi. "We expect operational risk modeling and management practices to steadily improve over the next few years." Economic Capital as a Key ERM Tool The survey also found that many insurers are moving toward the use of economic capital (EC) as a risk management tool. As stated previously, nearly two-thirds (65%) of all respondents calculate EC and an additional 19% said they are considering calculating EC, implying that it may soon be a universal tool. EC use is already at 99% in the U.K., where the FSA requires companies to perform an Individual Capital Assessment. Almost all respondents (89%) are planning to make further improvements to their EC modeling capabilities. More information is available at www.towersperrin.com/tillinghast Source: Towers Perrin

Its negative connotation is deserved. For insurance companies, a data breach spells instant trouble-the least of which is potential loss of reputation, brand and revenue. If a court of law rules the insurance company is negligent, a data breach has the potential of ultimately shutting the carrier's doors.Recent research by the Chief Marketing Officer Council, Palo Alto, Calif., revealed that a company loses, on average, from 0.63% to 2.10% value in stock price when a breach is reported-equivalent to a loss in market capitalization of $860 million to $1.65 billion per incident.

We've been lucky this year - after being told to brace for another catastrophic hurricane season, we felt the ocean breezes grow calm and saw storm-related losses remain at a minimum.The insurance industry dealt with an estimated $61.8 billion in losses from Katrina and other storms in 2004-05. Yet surprisingly, many companies have rallied with record earnings. How? Some carriers asked for record-setting rate increases to offset what they believed would be more dire catastrophe-related losses for 2006. Many insurers reacted by shrugging off new business along the coasts. Some attributed their good fortune to technology that reduces claims leakage, some pointed to "underwriting discipline," some to expert predictive modeling systems that support improved rating. Some said it's simply a matter of expert reserve management.

According to a survey conducted by Fierce-Wireless-Bluefire Wireless Security this year, more than 80% of financial services respondents say their organization's use of handheld devices had increased over the past two years. Meanwhile, 87% say they are concerned about the security of e-mail access to corporate server-based accounts and of remote access to corporate networks, and 85% say that access to Web-based e-mail had become a significant security concern.

TOOL HELPS EMPLOYEES MANAGE THEIR BENEFITSPlanAdvisor, a benefits management tool from Milwaukee-based Zywave Inc., features a Plan Selector module to enable employees to review their own health costs. PlanAdvisor generates management reports without carrier data feeds, analyzes the effects of changes in the plan design and calculates projected plan costs, based on trend and claims information. It also offers benchmarking, modeling, and analysis to allow brokers to deliver information based on industry comparison data and actuarial factors, which can help clients make informed decisions.

CAPITOL SELECTS STG BILLING SYSTEMMiddleton, Wis.-based Capitol Insurance Cos. chose Renaissance Billing Solution from New York-based Systems Task Group International Ltd.'s (STG) to support billing and accounts receivable operations. The system will replace Capitol's existing billing systems and will enable the consolidation, centralization and the streamlining of Capitol's cash management and accounting operations. It will provide Capitol with advanced technology support, flexibility and configurability.

Needham, Mass. - In 2007 and beyond, the global financial services industry will increasingly grapple with three major strategic shifts: reinventing financial services at its core; repurposing financial services relative to the global diversity of a changing customer base; and helping restore confidence in an uncertain world, according to a series of research reports from Needham, Mass.-based TowerGroup.The reports examine the top business drivers, strategic responses and technology priorities that will fuel core sectors of the global financial service industry in 2007.

Sydney, Australia - Insurance Australia Group Ltd. (IAG), announced its intention to make its global operations carbon neutral within five years."As an insurance company we have been very concerned about the risks and impact of climate change on our community for a number of years," says Mike Hawker, IAG's CEO. "We have been working on ways to reduce our own CO2 emission footprint, alerting the community about the risks of climate change, and researching opportunities for our customers to benefit from CO2 reducing activities. We are furthering our efforts, by announcing our intention to be carbon neutral within the next five years."

Blue Bell, Pa. - Almost one in every three of the more than 1,700 senior-level corporate and technology leader respondents in a new international survey do not trust their companies' own abilities to handle private or sensitive information, and that same number are either unsure or don't believe that most of their business partners consider them to be trusted enterprises.These and other findings are part of a broad research project from Blue Bell, Pa.-based Unisys Corp., called the Unisys Trusted Enterprise Index, a survey designed to measure the importance, impact and influence of trust, privacy and security within the corporate world. Conducted in partnership with the Ponemon Institute, an Elk Rapids, Mich.-based privacy research organization, the study also found that despite a growing awareness of risk management and security issues in the corporate world, more than one-third of companies polled do not task senior leaders with protecting the trust that customers, investors and even their own employees have in those companies.