This problem created huge discovery sanctions and increased defense costs for the insurer. When a carrier wasn’t able to produce records, the court could sanction them, and by default, might find the carrier in the wrong in any given lawsuit.
But the use of advanced data management tools has allowed insurers access to more efficient ways to electronically file and record their documentation.
In 2007, the federal rules regarding e-discovery required the preservation and producing of e-mails and any other Electronically Stored Information (ESI) to be available through the litigation discovery process.
This started a snowballing challenge for the insurance industry, because stored data
Recent case laws have increased the obligation of a plaintiff or defendant to preserve documentation in pending lawsuits. These can be emails, text messages, word documents, spreadsheet reports and any data fling and maintenance software that the insurer uses.
According to a recent article in Bloomberg BNA, the issues and legal disputes around preservation of ESI have been in the spotlight for several years, and laws around this are still in the development stage.
Here, I want to discuss some best practices for the insurer to help reduce these defense costs, but first a bit of background. Most people in insurance are aware that E-discovery is the updated, automated electronic version of pulling files to support a legal claim.
This innovation has emerged as an area where many insurance organizations are examining their processes and IT systems to reduce costs and make budgeting more predictable. It can also prevent a significant portion of unexpected litigation costs.
Being able to cut costs should be a priority for insurers, but because it requires heavy investment in expensive technology, insurers are slow to take advantage of it. So carriers first need to understand their role in compliance data management.
The most recent and important compliance law enacted in the United States was the Patriot Act of 2001, which came in response to the terrorist acts of September 11, 2001. The Patriot Act allowed the government the right to force companies to provide data as an essential part of their investigations, and the data could be held indefinitely. This caused an uproar from consumers about the abuse of their privacy, and since 2005 many lawsuits have been filed against the Patriot Act, declaring it unconstitutional. To date, Congress is still trying to keep parts of the Act alive.
But since 2001, how successful have congressional reform acts been at reducing security control and corruption in how information is stored and reported? According to Westlaw: There is no single, comprehensive federal law — nor even a general one — regulating the collection and use of personal data.
So the U.S. is at the mercy of a ragtag assemblage of federal and state laws that can overlap, agree, or contradict each other.
That your agent was appointed for the state in question
A declaration page or policy in its entirety
Any emails or correspondence
Anything that was used to make a claim about a product or describe it
Applications for coverage signed by the client
DOL disclosure of commission (for FINRA)
With that roundup, it’s easy to see that once all those files are digitized, the key issue becomes storing it all and being able to access it at will.
Carriers can take steps toward better and easier handling and storage of their data, first by ceasing manual processes of current documentation handling — those grey filing cabinets we discussed at the beginning of this article.
They can do this, first, by making the investment in internal data management tools that have built in security processes. It’s a big decision but, as time has shown, the data only gets more complicated and unwieldy with time, not less, and the insurance industry is heavily reliant on up-to-date data. Most carriers first need to figure out how to store their old records, unless they’ve reached the statute of limitations and the originals can be destroyed. Many companies just store them physically, but a better approach down the line is to have all those folders scanned and thus digitized.
Next, carriers should evaluate their IT Infrastructure and solutions, and begin developing retention policies on how data will be retrieved, preserved, collected and analyzed. With new data management software, you can compartmentalize the data, with multiple ways of tracking it including by the date the contract was signed, or by the date of a claim that falls within that policy period. Carriers can set this up in any way that’s familiar and the easiest for them to track it, using a code, or alphabetical order, or by a contract or client name.
Using these data management systems, companies will need to implement appropriate data preservation and management standards, in anticipation of any possible future litigation. This will smooth and ease the process of e-discovery when it happens. And to do this, one best practice is to designate and identify the role of a staff person to lead an e-discovery team in responding to e-discovery requests. This person would then be responsible for the organization’s e-discovery infrastructure.
Some companies have failed to consider that consumers may prefer to have their data removed as soon as possible. Data retention laws and regulations require companies to retain records far in excess of what is necessary for business operations.
The reason, according to lawmakers, is to improve security. Simply explained, this allows our government to have access to records that may be used to provide law enforcement agencies with the information they need to find and convict criminals. The compliance data management industry needs to carve out a better role in finding ways to store and protect data. In a society that has grown to rely on software, this technology has provided us with a false sense of security.
So in a way, technology itself has contributed to the need for better compliance data management approaches.
Technology companies still have a long way to go in figuring out how to keep our data safe. And insurance carriers and tech companies alike need to take the necessary steps to manage data more efficiently, instead of waiting for Congress to provide the answers. Most importantly, we need the capability to balance the types of data we’re required to retain for sake of defense and cost in lawsuits, while ensuring that consumers feel some sense of security. It’s a tall order.
Gloria Camacho is Licensing and Compliance Manager at VUE Software, where she reviews regulatory mandates and advises on compliance strategies. She can be reached at firstname.lastname@example.org.