The role of automation in data security

Feb 21, 2018 | Written by Gloria Camacho

Here’s how automating can help carriers safeguard their compliance data

How can large carriers better track their compliance?

Most well-known large insurance companies have been using some form or mix of homegrown systems to track onboarding of their agents, which would require a lot of manual tracking by using Excel, Access, other apps, or different types of internal record keeping. And as the requirements multiply and become more fragmented, it’s increasingly difficult to maintain uniformity in all 51 states.

In the last five years, it’s become so cumbersome to keep using these old tracking methods that many carriers are now beginning to seek a more standardized, automated and secure way to stay on top of their compliance records.

Here, we’ll look at why automating may carry unexpected benefits.

Fragmented requirements

First, a word on the regulatory landscape. Across insurance types, there has been an increase in the complexity of the licensing and appointment processes, from the types of licenses — which are divided into different insurance lines — to the several additional approved lines of insurance a given agent might be able to sell. Each type and sub-type has its own compliance process, and must be tracked separately for each line.

Before now, if you, as an agent applied for a license, you only had to worry about the one class line you were going to sell; now that class line is split up into different classes, and within those classes, there are additional lines of authority. Each one has a separate requirement, so it’s becoming harder to track — even individual agents are finding it hard to track their own credentials and compliance needs.

On the carrier side, each of these items has its own time frame for renewals, expirations, and also possible terminations. Prior to getting a new agent appointed, a carrier has to first do their due diligence by getting fingerprints, running background checks, and checking credentials on the agent. Another aspect that needs tracking is agent identification. Some regulatory bodies no longer want to use agents’ social security numbers, opting instead for a unique identifier such as the National Producer’s Number (NPN) as required by NIPR.

You’d think that all of this data would be moving toward more uniformity, that streamlining would be taking place, but in fact the opposite is happening. Now there is a vast scope of tasks, and not enough agents who understand the workings of the system to make sense of it all. This is compounded by states thinking that if they don’t split the requirements more and more finely, they will have more improperly licensed agents and fraud.

The threat to data security

Looking at security concerns in today’s insurance industry, many people think that fraud is something that’s going to threaten your computer. In fact, it’s increasingly common for carriers to have an internal employee pull a folder or go into software that doesn’t need a password, and steal people’s vital statistics. With a black market paying anywhere from $50 to $1,000 for every name connected with social security number and date of birth, this becomes a tempting way for an employee to augment their salary. And while no software company is 100 percent immune from hacking or leaking that information, automated systems generally have many more layers of security built in, more anonymity, and ultimately fewer instances of data theft by employees.

Insurance companies have long been highly security conscious; it’s in their DNA. But in other sectors, there’s increased scrutiny around employee access to data, as well.

Until recently, hospitals wouldn’t let any of their employees take their laptops home. Insurance companies such as Progressive prohibited employees from taking a laptop from their desk to work at home, because they would have access to sensitive material at home. They didn’t want you copying or gathering information at home. I understand that there’s even been a movement to ban USB thumb drives in the workplace — laptops are being developed that don’t contain USB drives.

It’s clear that data security is only becoming more important over time, as the data itself accrues.

How can automation help?

Modern automated systems are designed to handle not only the complexities of keeping up with regulations, but provide extra layers of security that makes these “inside jobs” a much less common occurrence. Many carriers are looking for new software systems to ensure that if somebody inside wants to retrieve data there’s a way to block their access. More immediately, automated systems should be using a hierarchy of passwords and other forms of access control, keep agents from being able to see — or tamper with — their own records or those of other competing producers.

With the ever-expanding matrix of compliance requirements, it’s become an imperative for carriers to automate and safeguard their onboarding, appointment, and compliance data. How long will it take them to say ‘au revoir’ to their homegrown systems and embrace automation?

## End of Article ##

Original Link: