Security risk

When Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996, one of its major objectives was to reduce health care costs by simplifying administrative and financial transactions across the industry. At that time, national health spending was heading toward the $1 trillion mark annually, and studies proclaimed that "administrative simplification" could save anywhere from $40 billion to $70 billion per year.

Virtually no payers in a HIPAA readiness survey conducted in December by Gartner Inc., Stamford, Conn., indicated they had completed their selection of technology tools to comply with the Health Insurance Portability and Accountability Act.But insurance companies are implementing privacy and security tools for their Web-based applications, and these tools will factor into their HIPAA privacy and security assessments.

Security isn't a new topic in business. Many years ago, businesses were concerned primarily with physically securing information within their facilities. We managed our companies' critical information on a "need-to-know" basis-if you needed to know, then the keeper of the information would share the information with you.With the advent of e-commerce and networked computers comes the added need to secure these networks. Businesses, including insurers, want to facilitate the sharing of relevant data while protecting proprietary and confidential data. And, of course, the need-to-know rule still applies.

When Allstate Insurance Co. announced its aggressive new business approach in November 1999, analysts praised the company for its bold leadership in the New Economy.

Biometric technology is in the throes of an identity crisis. Biometrics relies on matching algorithms that analyze the physical or behavioral traits that differentiate one individual from another, such as fingerprints, the retina or iris of the eye, or the patterns of an individual's voice.Through its use, financial institutions could reduce costs related to identity theft, while simultaneously assuring consumers that their financial assets are protected.

As insurance carriers expand into financial services and provide multichannel access for customers, many agents are not going along with the new program.Both State Farm Mutual Automobile Insurance Co. and Allstate Insurance Co. were sued in November by their agent associations. The agent associations are claiming the carriers have breached their contracts with the agents by increasing agents' production quotas, reducing their commissions, coercing agencies to forward their phones to call centers, and selling insurance directly to customers over the Internet.

Electronic bill payment and presentment (EBPP) has experienced a mixed bag of interest among consumers, with payments of insurance premiums ranking low on their online bill-payment priority list.In fact, insurance carriers, along with utilities, telecommunications and mortgage companies, are among the businesses that are lagging behind in the expansion of EBPP, according to a recent report by Stamford, Conn.-based consulting firm Gartner Inc.

Within hours following the terrorist attacks on the World Trade Center, global insurers and reinsurers began the task of assessing the breadth and depth of the losses incurred by their businesses.With losses separated into five categories-property damage, business interruption, casualty, aviation and liability-estimates indicate that insurers worldwide may pay out as much as $70 billion as a result of the September 11 attacks in what will represent the most expensive disaster insurers have ever experienced.

When disaster strikes, insurance companies immediately mobilize their catastrophic ("cat") teams to deal with the accompanying sudden increase in claims.The aim is to provide expedient customer service to policyholders who have been injured or who have lost property or loved ones-and rightfully deserve compensation from their insurance company.

What if you could determine when policyholders were considering switching to another carrier and then identify which of those customers were profitable enough to justify trying to keep them? And what if you could determine the effectiveness of a marketing campaign while it was in progress, changing your strategy before investing a lot of money?

Allstate Insurance Co. has received nothing but kudos from analysts for the boldness and vision of its Good Hands Network-the name the Northbrook, Ill.-based carrier gave its integrated call center, Internet and agent sales strategy.But some agents don't like Allstate's multichannel strategy-especially the part that cost them their jobs. On August 1, 27 current and former agents filed a class-action lawsuit in federal district court in Philadelphia, charging Allstate with nine violations, including breach of contract, breach of fiduciary duty, intentional age discrimination and retaliation in violation of federal laws.

The myriad complexities that comprise reinsurance lines often make it difficult to conduct business via the Web, industry observers say. However, buying and selling reinsurance offline is plagued by its own deficiencies- notably excess paper processing and other accountability issues surrounding the process.Providers of independent Web-based reinsurance exchanges believe they have a more efficient process of exchanging risk globally.

Although asset management is a relatively new focus for carriers, they're on a steady course for targeting affluent customers with a wave of products and services.As the U.S. economy caught wind during the past decade, more consumers joined the ranks of the affluent population. Recognizing this socioeconomic shift, insurance carriers began steering their business strategies toward asset management services.

Following in the footsteps of the American Bankers Asso-ciation Insurance Association (ABAIA), which proposed an optional federal charter for insurers, Washington, D.C.-based American Council of Life Insurers (ACLI) has released its own draft proposal-this one geared to the life insurance industry.The draft-which was assembled by about 30 working groups involving more than 200 ACLI member companies-calls for the creation of the National Insurer Act, the National Insurer Solvency Act and an Office of National Insurers in the Department of the Treasury.

On November 13, 1999-the day after the passage of The Financial Services Modernization Act-insurance companies formed steering committees, project teams and task groups to determine what work needed to be done to comply with Title V of the Gramm-Leach-Bliley (GLB) legislation. Title V requires financial services institutions to establish privacy policies and deliver notices by July 1, 2001 to their customers informing them of how the company uses and shares nonpublic personal information. If a company shares that information with nonaffiliated third parties for marketing purposes, customers must be able to "opt-out" of such sharing. Thereafter, companies must distribute an annual privacy notice to their customers.

As the July 1 deadline nears, insurers have developed and begun to distribute their privacy policies to customers, but most companies in general haven't thought about privacy as a component of customer relationship management (CRM), industry observers say."No one is looking at privacy from the perspective of how can we establish a value proposition in which the customers will say, 'yes, please share my information,'" says Peter Reid, privacy director at Fiderus, a Research Triangle, N.C.-based security and privacy consulting firm. Privacy can be good for business-as opposed to something that is being legislated, he says.

After several years of sitting on the sidelines, insurance carriers are now getting up to speed in selling products over the Internet. However, dealing with the state-based regulatory system, which requires carriers to jump through multiple hoops to engage in e-commerce on a national basis, threatens to slow their efforts to a crawl.

The insurance industry was one of the last to open its private gates to the Internet. Apprehension about exposing confidential customer information and other proprietary data to the outside world prevented insurance companies from jumping too quickly on the e-business bandwagon.

The financial success or failure of a property & casualty carrier largely depends on the company's ability to manage risk. Based on sophisticated actuarial models, carriers can formulate a risk model for virtually every type of physical risk exposure, and through these assumptions decide whether the risk is worth bearing.

Three years ago, when Jim Klotz became senior vice president and CIO of The PMA Insurance Group, the carrier's IT assets were purchased and managed in a decentralized environment. Consequently, some of the company's PCs were nearly 10 years old, seven or eight versions of operating systems were installed across the company, and technology assets were accounted for manually.