Insurance & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Data & Analytics

09:49 AM
Connect Directly


Insurance policyholders and consumers of financial services in general have certain expectations with regard to the management of their personal data.

By Deborah Smallwood, TowerGroup

Even before the tragic events of September 11, 2001, various organizations and governments around the globe were working to provide consumers with increased levels of protection and privacy for their personal records. These efforts were necessitated by the changing times -- globalization, advances in information technology, and the ongoing convergence of the financial services industry all seemed to encroach upon the sanctity of personal information.

In response, governments worked with industry associations to develop and enact legislation, rules and regulation in support of the rights and expectations of consumers. The terrorist attacks on the US opened another chapter in the regulation of financial information that will further influence consumers and their perception of the custodians of their personal data. Revelations of dubious accounting and outright wrongdoing at the height of the "technology bubble" by some of the largest corporations in this country affected thousands of Americans and caused additional regulatory responses.

Geopolitical events, consumer sentiment, and the modernization of existing rules are the primary drivers of regulatory change. Even as they struggle to comply with the onslaught of new regulations, providers of financial services need to acknowledge and carefully manage the effect of compliance on consumers. Insurance policyholders and consumers of financial services in general have certain expectations with regard to the management of their personal data. They expect protection of such data from theft and misuse, the maintenance of its privacy during transmission between business partners, and that the financial institutions themselves can be trusted to work within ethical and legal frameworks.

Several new laws are now in place in response to pressure from the financial services industry and consumer watchdogs. A significant portion of these laws and the regulations they engender focus on providing consumers with increased privacy, protection, and trusted information. Below is a basic categorization of some of the new laws:

* Privacy -- Financial Modernization Act of 1999 (Gramm-Leach-Bliley) and Health Insurance Portability and Accountability Act of 1996 (HIPAA).

* Protection -- USA PATRIOT Act of 2001 and Terrorism Risk Insurance Act of 2002.

* Trust -- Sarbanes-Oxley Act of 2002.

These laws directly impact the financial services industry and have implications for publicly traded companies (Sarbanes-Oxley Act), as well. The effect of these pieces of legislation on the insurance industry varies. It is imperative, however, that carriers embrace the modern touchstones of privacy, protection, and trust as they prepare for competition in today's financial services marketplace.

For example, HIPAA currently affects only "covered entities" such as health plans, healthcare providers, and healthcare information clearing houses. The medical aspects of property and casualty and life and annuity company activity are currently excepted from HIPAA compliance. It is likely only a matter of time before there are new laws providing additional privacy rights to policyholders. Today, insurance policies and claims capture, process, and store health-related data that may eventually be included in HIPAA regulations.

The insurance industry is mature and well-positioned with established processes, years of sound business practices, and a great track record on compliance. Compliance cannot be viewed simply as part of doing business, but as a way to differentiate insurers against their competition. Carriers should embrace the new regulatory trends, and integrate privacy, protection, and trust concepts at the enterprise and operational levels. Reacting to these new laws before implementation is just one way a carrier can position for the future. Providing a strong and consistent message to the customer about embracing these changes can provide carriers with a competitive advantage.

At this year's Customer Service Leadership Forum (Weds., April 2, The Roosevelt Hotel, NYC) you can learn more about the changing trends of the regulatory environment and leveraging it for a competitive advantage. During the session "The Legal & Regulatory Side of the Customer Service" we will explore the following topics: customer expectations; the new regulatory drivers; balancing customer service, compliance, and the bottom line; and a game plan to seize the opportunity. To register and receive a special newsletter subscriber rate, go to -- use source code RD22.

Deborah Smallwood is insurance practice leader at TowerGroup (Needham, MA), which provides a comprehensive range of research and advisory services focused on the financial services industry, bringing some of the world's largest financial services, technology, and consulting firms a deeper understanding of the business and technology issues impacting them. Visit TowerGroup online at

Register for Insurance & Technology Newsletters