Tech, Processes, and a Plan
Bill Tidwell | August 27, 2021
Over the past two decades, technology used to create and distribute insurance documents has continued to expand with new features and capabilities. While security has always been a priority, it typically was implemented with a “fortress mentality,” which meant we hardened the network perimeter and counted on the systems that were being implemented to also provide the protection our business documents required. We believed that our customers’ information was safe inside the firewall.
After reading story after story of large companies having data breaches, it is now apparent that current practices are ineffective in preventing them. Target had as many as 70 million credit card and debit card accounts stolen. Equifax was in the news due to a data breach that impacted the personal information of approximately 147 million users. Then, in one of the biggest data breaches ever, a hacker broke into a Capital One server and gained access to more than 100 million customer accounts and credit card applications. Suddenly, the architecture that we counted on for protecting our data proved to be insufficient and data security—the processes and technologies used to safeguard data—has risen to the top of every company’s concerns.
In every insurance organization, there is plethora of customer data that can fall into the hands of cyber-thieves, making securing data is an ongoing challenge. Because hackers have become more sophisticated, it is even more important to continually ensure security policies are up-to-date and effective. Nothing is more important than protecting the security of your customers’ sensitive data.
With new compliance laws continuing to appear, and the penalties for not following them increasingly more expensive, every organization is looking for ways to decrease the risk associated with the safeguarding of confidential data. However, all the planning in the world won’t prevent a data breach if your information systems are unprotected. As a result, there is a critical need to invest in the right technology and processes to address security concerns and close any security gaps.
What to look for in technology
While many technologies only protect static data, assessing what to look for in a security platform starts with confirming the platform you choose offers the type of protection technology that travels with the file, keeping data encrypted at all times. This can ensure true closed-loop protection from file receipt to output. The protected data should be able to be accessed by your critical business applications in real-time with minimal performance degradation, allowing you to keep sensitive data protected at all times.
The audit and reporting capabilities of the security technology you select are critical and will be reviewed by outside auditors when you go through compliance certification. Often your customers will require you to provide reporting proving you can control and log all access to their data. You will want to be sure your chosen technology provides this information. If the technology allows you to embed policy in the data, this will add even more protection as the data in essence becomes a partner in its protection and can enforce rules like expiration date, location for opening requirements.
With today’s mobile technology, policyholders expect quick access to their documents with one click. On the flip side, insurers must meet stringent security and compliance restrictions that have held them back from being able to send secure customer communications electronically. In many industries like insurance, financial services or healthcare, data-sensitive customer communications are difficult to send electronically via an attachment due to stringent compliance regulations. However, having the ability to seamlessly deliver these types of communications via multiple delivery channels is no longer a “nice to have”; it has become an expectation from your customers.
New on the market are security solutions for insurers who grapple with how to electronically distribute these sensitive documents that have regulatory requirements with the convenience policyholders are demanding. These platforms take traditional security measures a step further by offering not only protection that travels with the data at all times, but also the ability to makes secure email or SMS delivery capabilities possible by adhering to the stringent requirements of specific regulations for document security. Meeting the convenience of opening an actual attachment securely, makes it possible to send documents, such as insurance cancellations or FNOL, without links, then track every access point and attempted access.
Any security-based software you are evaluating should also offer both proof of delivery to the intended recipient and a built-in comprehensive audit trail that includes immediate shredding on unauthorized attempts.
After technology, what’s next?
After evaluating what is the right security software for your needs, another important step is to assess where your gaps are and what you need to do about them. Once you diagnose the potential vulnerabilities in your processes, you can then develop a formal risk mitigation plan to address identified areas for improvement. Here are three to consider:
- Disaster recovery and emergency preparedness
We know that ransomware is here to stay, and it is a growing threat. According to BlackFog, a global cybersecurity company, damages from cybercrime are expected to hit $6 trillion this year (up from $3 trillion in 2015) and the number of ransomware attacks is expected to increase and newer forms to become more sophisticated and disruptive. We only have to think of the most recent attack was on the world’s largest meat processing company forced to shut down production at several global sites to know that every business needs a risk mitigation plan that includes recovery options for when (not if) this happens. An incident response plan should identify the chain of command and contact information for team members, as well as procedures for responding to different levels of data breaches and to whom they should be communicated. Most importantly, it is your online system that will most likely be affected by ransomware; it is critical to have an offline backup of information that is not accessible via a network, thus allowing you to restore normal business operations when a ransomware attack happens.
- The compliance regulations important to customers
Regulations such as HIPAA, PCI, FISMA and SSA16 address an industry’s unique privacy requirements for the type of data they maintain. It is important that your risk mitigation plan includes specifics for handling these regulations. Enterprises and third-party service providers can pursue certifications that ensure a security program functions at an optimal level; most security certifications require that companies implement risk management and other security controls as part of the assessment process. Companies that store credit card information on their processing systems, for example, should maintain PCI certification overseen by the Payment Card Industry Security Standards Council (PCI SSC) as it requires businesses to maintain seven critical security controls. HITRUST certification is another option for businesses that handle protected health information, giving customers the added assurance that your business is able to address rigorous HIPAA standards.
While you can’t monitor every touchpoint, it is important to put safeguards in place that reduce workflow steps in order to limit interaction with the data. The features of the technologywritten about earlier makes it possible for data to be embedded into the file and remain encrypted while being processed throughout the entire workflow. Again, your system should integrate closed-loop protection with multi-factor authentication controls from file receipt to output management that will protect the data at the production level and reduce the opportunity for human error. Proper malware detection and protection software, as well as 24/7 network monitoring, will also help ensure data is protected at all times.
As data needs continue to grow, the demand for high-quality data protection from your software to your processes expands. Meeting today’s critical need for data protection requires having the right solutions, processes and plans in place for safely communicating with policyholders in a business environment where cybersecurity incidents and data breaches are on the rise. Hence, it is important to source and implement the most up-to-date data security solutions to mitigate the risk of these frightening cyber breaches and to continually monitor and improve your systems and security processes, identifying and closing any gaps. Another benefit of having strong these security initiatives in place is that it demonstrates to your customers that protecting their data is a top priority, which can be a deciding factor for them when doing business with your company.
- Electronic Chat with Sanjeev Kumar Chaudhry, Founder and CEO, Gigaforce
- Electronic Chat with Sylvester Mathis, Chief Insurance Officer, Insurity
- Inside the ITA: Meet the Board
- Digital Drip: New Lease on Life
- Transformation Corner: Core System Transformation
- Big Fix: Closing the Data Divide
- Tech, Processes, and a Plan
- Core Systems: Out with the Old?
- 5 Things to Consider When Modernizing a Surety System
- Four Benefits of Integrating Mobile Crash Detection and Accident Management
- Everybody Loves Gelato
- Electronic Chat with Jennifer Smith, VP of L&A Product Strategy, Sapiens North America
- Now Accepting Nominations for "Pick of the Litter" Issue
- “New Normal” Requires an Insurance Analytics Evolution
- Accuracy: Are Data Providers Pulling the Wool Over Your Eyes?
- Agents Send More Business to Insurers with Better Tech, Celent Finds
- Electronic Chat with B2Z Insurance
- Still Standing, Still Learning, and Still at Home
- ITA Pro Magazine, May/June 2021
- Electronic Chat with Chris Ewing, Founder and CEO, One Inc
- Electronic Chat with Sharmila Ray, Head of Carrier Strategy, Solutions and Go-To-Market, Vertafore
- Electronic Chat with Alex Devoto, Founder, LVLFi
- Prince Charles, Lloyd's Launch Sustainability Insurance Task Force
- UFCIC Becomes First U.S. Insurer to Accept Cryptocurrency for Premium Payments
- Electronic Chat with Ty Harris, Co-Founder, Openly Insurance
- The Insurance Industry’s Reliance on Friction: A Good Strategy?
- Loss Control, Premium Audit Systems Critical to Customer Experience, Celent Finds
- What's AI-Right and AI-Wrong?
- The Drive for Digital
- Electronic Chat with Candice Smith, Founder and CEO, Caregiven
- Electronic Chat with Nestor Hugo Solari, Founder/CEO, Sigo
- The Giant Hole in Actuarial Models
- Electronic Chat with Trent Cooksley, COO and Co-Founder, Cowbell Cyber
- The ITA Pro March/April 2021 issue is here!
- Purchasing and Innovation: Friends or Enemies?
- COVID Drives More Reliance on Risk Management Systems, New Study Finds
- Electronic Chat with Robert Clark, CEO, Cloverleaf Analytics
- Solving Customer Communications Challenges with Hybrid Mail
- Six Trends Shaping Digital Insurance Tech Strategies in 2021
- Billing a Key Component of Customer Service, Celent Finds
- Why Data Science Fails
- Electronic Chat with Andrew Jernigan, CEO, and Allen Koski, President and Chief Innovation Officer, Insured Nomads
- Electronic Chat with Allison Martin, CEO and Founder, UDoTest
- Are Carriers Ready for the Coming Crash?
- Electronic Chat with Christopher Moore, Director for North American Sales Engineering and Solutions, Trifacta
- Next Insurance Partners with Amazon Business Prime to Provide Small Businesses with Affordable Digital Insurance Options
- An AI Walks Into an Electronics Store...
- InsurTech NY Announces Global Early-Stage Competition Winners
- World’s Worst County/Western Insurtech Song
- Electronic Chat with Anne-Laure Klein, COO, Akur8
- COVID-19 One Year Later: The Digital Transformation of Insurance
- Electronic Chat with Michael Kassing, CEO/CVO, insured.io
- BrokerTech Ventures Announces 2021 Cohort Class for Accelerator
- An Entirely Preventable Disaster
- Flipping the Fraud Triangle
- The January/February ITA Pro Magazine is here!
- Credit Risk, ESG, Cybersecurity Top Risk Concerns for Financial Institutions, Deloitte Finds
- Electronic Chat with Ellen Moser, Senior Client Executive, Origami Risk LLC
- The Answer to “So What?”
- Leaders Rise from a Year Like No Other!
- Electronic Chat with Jonathan Roomer, Co-Founder, YuLife
- Getting Creative to Hit COVID Curveballs Out of the Park
- Electronic Chat with Eugenio Gonzalez, Plug and Play
- New Report Projects Global Insurtech to Grow by $21 Billion During 2020-2024
- The 2020 Virtual Event Wasteland
- Insurtechs, Investors Optimistic About Post-COVID Future, New DIA/McKinsey Study Finds
- Finding Grandmas
- No Code / Low Code: The New “Shortest Route” In Insurance Delivery
- Are You Addicted to Copy-and-Paste?
- Electronic Chat with Nino Tarantino, CEO- Americas, Insurance and Mobility Solutions (IMS)
- Driving Life Insurance:Tech Alone Won’t Solve Business Problems
- Electronic Chat with Robin Roberson, Managing Director, North America, Claim Central Consolidated
- How Do You Make It Happen?
- Electronic Chat with Jason Liu, CEO, Zywave
- New Partnership Models Take Program Business to the Next Level
- New Study Finds Less than Half of Consumers Trust Insurers to Respond to Their Needs
- Electronic Chat with Andrew Mauritzen, CFO and Head of Insurance Industry, Exactuals
- You Want Us To Do WHAT For Free?
- Electronic Chat with Evgeny Aleksandrov, Co-founder and CEO, Pilotbird
- Electronic Chat with Chris Cheatham, CEO, RiskGenius
- New MIT Sloan Study Finds Few Companies Gain Big Benefits from AI
- The September/October ITA Pro magazine is here!
- “Being Right” is Just the Start of the Battle
- Electronic Chat with Amit Ranjan, Executive VP and CAO, Xceedance
- Planning for Your Business and Tech Future: Strategies, Plans and Budgets for Rapid Transformation
- Electronic Chat with Jimmy Padia, Founder and CEO, Floatbot
- Gelato with Dots and Sprinkles
- COVID-19 and the Insurtech “Junk Drawer”
- Even “Change” is Different Now. Your Strategic Planning Needs to Be Too.
- The Road Ahead for P&C Insurers: How to Understand Customers Better and Navigate the Post-COVID Insurance Market
- Electronic Chat with Jake Tamarkin, Co-founder and CEO, Everyday Life
- Strategic Planning in the “New Normal” Digital Era of Insurance – Your Next Move
- Insurer Tech Investment Priorities See Major Shift in a Post-COVID World
- Plug and Play Selects 25 Insurtech Startups for Winter Batches
- Digital Transformation – A Top Strategic Priority and New Reality
- Four Steps to Successful Migration of Insurance CCM Applications
- COVID-19 Accelerates Insurance Digitalization to Meet Customer Demand: World InsurTech Report 2020
- Electronic Chat with Greg Williams, Co-Founder, President & CEO, Acrisure
- Electronic Chat with Matt Perlman, Partner, IA Capital Group
- Insurer Digitalization: Are you a Competitor or a Laggard?
- Leaders are Leading and Creating the Future of Insurance Distribution
- 3 Things You Need to Know About No-Code
- Electronic Chat with Adam Kiefer, CEO, Talage
- Underwriting in 3D: Using Data to Adapt and Improve Life Insurance Sales
- Getting Past the "Gelato Syndrome"
- Insurers Know CX/UX is Important, but Don't Agree on Execution, Study Finds
- Electronic Chat with Steve Lekas, Branch Insurance
- How AI Can Attract Millennial Talent to the Insurance Industry
- Preventing Data Breaches
- A New Boom for Life Insurance: Shifting Away from the 250-Year-Old Policy Transaction
- Electronic Chat with Ty Harris, Founder and CEO, Openly
- A Digital Wildfire Creates a Burning Platform for Digital Insurance Business Transformation
- Digitalization, COVID-19 Spurring More IT Investment in Cybersecurity
- Electronic Chat with Michael DeGusta, CEO, ClarionDoor
- U.S. Consumers Significantly Underestimate Flood Risk, New Survey Finds
- The Future of Insurance: Opportunities in Ecosystems
- Electronic Chat with Todd Greenbaum, CEO, Input 1
- Majesco to be Acquired by Thoma Bravo
- The Evolving Role of Managing General Agencies
- Electronic Chat with Char Hu
- Electronic Chat with Allan L. Egbert, Jr.
- Electronic Chat with Christopher Tramontano and Zbigniew Gawienczuk
- Data Science is Gelato
- Insurance Innovation: Alive and Kicking
- Independent Agents Divided on Digital Experience, New Survey Finds
- Electronic Chat with Michael Jones
- Electronic Chat with Paul VanderMarck
- As Auto Insurance Premiums Shrink, Insurers Need Mobility Ecosystem, New Study Finds
- Property & Casualty Insurers Raise Digital Games as COVID-19 Elevates Customer Expectations, J.D. Power Finds
- Electronic Chat with Bobbie Shrivastav
- Meet the Board: Marissa Buckley
- Big Data and Insurtech: A Carrier Perspective
- Traditional Insurers Need Open Ecosystems, Partnerships to Remain Competitive, CapGemini Report Finds
- Electronic Chat with John C. Siegman
- 4 Ways AI is Empowering Insurers During COVID-19
- 6 Big Changes to Insurance from the COVID-19 Crisis
- Electronic Chat with Christopher Ewing
- Independent Agency Staff Morale High During COVID-19, New Survey Finds
- Electronic Chat with Brad Epker
- Tapping AI to Improve Policyholder Experience
- Electronic Chat with Manisha Bhargava
- ITA Pro Magazine, March/April 2020
- COVID-19 a Game Changer for Workers’ Comp
- Electronic Chat with Steve Comer
- COVID-19 Pandemic Forces Cancellation of ITA LIVE 2020
- Leveraging Digital Resources in the Time of COVID-19
- Electronic Chat with Robert Hartwig on COVID-19 and Insurance
- Celent Study: Most Small Businesses Still Unclear on Importance of Cyber Insurance
- The January/February 2020 ITA Pro is here!
- Deloitte: New C-Suite Roles Mean More Opportunities for Women
- Electronic Chat with Pankaj Parashar
- Electronic Chat with Tara Kelly
- Electronic Chat with Chuck Wilson
- ITA, InsNerds Collaborate to Enhance ITA LIVE 2020 Content and Coverage
- How SMBs Can Compete in Digital Ecosystems in the 2020s
- 4 Ways Insurance Can Prepare for New Data Privacy Laws
- Brewer Lane Ventures Launches and Hires Insurtech Vet Martha Notaras as Managing Partner
- 2020 GIA Cohort Launches on January 14
- The November/December 2019 ITA Pro is here!
- Electronic Chat with Joshua Snead
- Electronic Chat with Wendy Aarons-Corman
- Simplifying the Move to a Third-party Print Provider
- Take a Business-Driven Approach to Continuous Improvement for Core Systems and Processes
- Electronic Chat with Ron Glozman
- Guidewire’s Data Guru Mike Byam on How Insurers are Using Internal and Third-Party Data
- Electronic Chat with Russ Bostick
- Electronic Chat with Rock Schindler
- Electronic Chat with John Siegman
- Electronic Chat with Martin Burlingame
- Insurtech Landscape 2019: Top 5 Takeaways
- Grinnell Mutual Tackles Massive Transformation -- in Stride
- A Candid Conversation with Paul Mang
- SageSure Insurance Managers Improved Competitiveness by Consolidating Payments to a Single Digital Platform
- Digital Does Matter in Insurance-- And Insurers are Missing the Mark
- The 22nd-Century Insurer: Taking a Cloud-First IT Approach
- The September/October 2019 issue of ITA PRO magazine is now available in digital format here:
- ITA Pro Magazine May/June 2019
- Spotlight on the 2019 IASA Conference
- ValueMomentum Selects Erie as Site of Regional Development Center
- Capgemini and Majesco Become Alliance Partners
- Electronic Chat with Dr. Dan Shoham
- Electronic Chat with Todd Greenbaum
- Martha Notaras: The “Outsider” with an Amazing Inside View
- Electronic Chat with Larissa Tosch
- Martha Notaras Will Join ITA LIVE 2019 as a Keynote Speaker
- Five Things to Consider When Evaluating Your Cyber Risk
- ITA Pro Magazine, January/February 2019
- Synergy Between Insurers' IT and Analytics Teams Key to Operationalizing Insights, Says Novarica
- Major Ransomware Attack Could Hit U.S. with $89B In Economic Damages
- ITA Announces 1st of Three Keynote Speakers at ITA LIVE 2019
- Electronic Chat with Jeroen Morrenhof
- Legacy Systems Are Dead. Really? Don't Count On It.
- Now Accepting Nominations for the 2019 ITA Bridge Awards
- It's time to register for ITA LIVE!
- Registration is Now Open for ITA LIVE 2019!
- What to Expect from a Digital Experience Platform Implementation
- ITA Pro Magazine September Edition is Now Available
- It's National IT Professionals Day
- Save the Date for ITA-LIVE 2019
- OneShield Software and UrbanStat Work Together to Improve Real-Time Analytics and Risk Decision-Making
- ITA LIVE 2019 - SAVE THE DATE!
- Insurance Technology Association Announces New Editor-in-Chief
- August 2018 Edition ITA Pro Magazine is Now Available
- Enterprise Architecture in an Agile World
- Top 10 Tips for Securing Your Mobile Devices and Sensitive Client Data
- Industry Insight: 4 Global Insurance Trends in Digital, Data, Content Services and Security
- Diving Deeper into Prioritizing Your Strategic Digital investments
- Why Content Rules
- How Mass Personalization Will Open the Small Business Benefits Market
- At Year End 2017, Will Your Organization Be Protected from Cyber Risks?
- Do Insurance Bots Dream of Mitigating Risk?
- Conditioned to Respond
- Managing & Mobilizing Insurance Data in a Connected World
- Race to the Finish Line
- New Tools, New Opportunities in Claims
- ITA LIVE: Reaching Insurance Industry Crossroads
- Advice to Insurance IT Leaders: Keep Your Eye on the Ball
- New Date, Venue for ITA LIVE 2017
- Guidewire Makes Major Push to Small and Midtier Market by Acquiring ISCS
- Insurance Disruption is Happening Right Now
- Insurity Adds Strategic Investment Partner, General Atlantic
- Beyond Transformation: The Convergence of Finance, Risk, and Actuarial Functions
- The Rapid Evolution of Consumer Protection Regulation
- Talent Hunt: Finding, Attracting, Retaining Top People
- Insurers Flexing Their Distribution Models
- Technology Driving Disruption in Insurance
- Fear of ‘Next Bubble’ Challenges Life, Annuity Carriers
- Technology Allows Commercial Lines Insurers to Stand Out
- Single Sign-on Viewed as Biggest Tech Challenge for Agencies
- ISCS Observes 20th Anniversary; Scurto Predicts Major Changes Ahead
- Policyholders and Their First Impressions
- Progressive Making Progress on the UBI Front
- High and Dry: Insurers Search for Disaster Recovery Plans
- Insurers Sign The (Un)Dotted Line
- Reflections of a Retired Insurance CIO
- Mobile Device Management Just One Answer to BYOD Issue
- Lessons from GEICO and Progressive on Winning the Critical Buying Stage
- You Are a Target for a Cyber Attack
- Web-based Systems are the Next Evolution in Claims Technology
- Gaining a “Wow” Experience from Web Users
- Time to Shift from Business/IT Alignment to Business/IT Alliance
- Healthcare Insurers Changing to Consumer Model
- Organization is the Key for Selecting Software Vendors
- Analysts Expound on the Needs of the Mid-tier Insurance Market
- Finding the Cure for Obamacare’s Website
- New Software Solutions Benefit Insurers on the Inside and Outside
- Products, Market Impede Investment in Systems for Life Insurers
- Combatting Cyber Threats: Predict, Prevent, Persist
- The Future of Telematics Heads Beyond Insurance
- The Shame in Cyber Security Lapses
- Building Policy Administration Systems for the Future
- Insurers Look Into The Eyes of Their Policyholders
- It’s a New Dawn for the ITA
INSURANCE IT NEWS
- IICF Celebrates Year-round Volunteerism with 2021 Week of Giving
- Vantage Selects Majesco Billing for P&C, Policy for P&C and Digital1st
- insured.io Launches insured.io Insights
- Concierge Cyber Bolsters Expert Cyber Team
- Plug and Play's Winter 2021 Batches Feature 153 Startups To Participate in Innovation Program
- New IICF White Paper Details the Future of Inclusive Work for Insurance
- Foxquilt Announces $8M Series A Round to Provide Customized Insurance for SMBs
- bolttech Extends Series A to $210 million
The Email Chat is a regular feature of the ITA Pro magazine and website. We send a series of questions to an insurance IT leader in search of thought-provoking responses on important issues facing the insurance industry.
ITA LIVE 2020
ITA LIVE 2020 –SAVE THE DATE!
April 5th – 7th, 2020
The Diplomat Resort
Become a member today to receive updates – www.itapro.org/MR
You have surely heard it said that small businesses are the growth engine for America. Today, the phrase has a special ring to it for benefits... READ MORE
With stagnant growth and lingering low interest rates, the life insurance industry faces a challenging future... READ MORE
Finding insurance carriers willing to write commercial lines risks has always been a challenge for producers... READ MORE
As Guidewire Software prepares for the start of Connections, its 11th annual user conference that begins on Nov. 2, Brian Desmond, chief marketing... READ MORE
Successful implementation requires balancing operational and emotional issues... READ MORE
- Vendor Views