Today's regulatory compliance environment places special demands on insurance company IT organizations. Insurance & Technology spoke this week with Dennis Callahan, executive vice president and CIO of Guardian Life Insurance Co. of America (New York, $34.1 billion in assets), about how his company is addressing those demands.
I&T: New and expanded regulatory requirements are driving insurance CIOs to take a new look at their approaches to storage and document management. What are some of the measures and applications Guardian has implemented to manage the lifecycle of documents?
Callahan: We are in the process of reviewing our records-retention schedules and updating our management and control plans for identified documents. We are collaborating with our office of corporate security, legal, IT and senior business management to ensure that proper protections and access rights are followed. In addition, we are investigating methods to control content while properly implementing productive re-use.
Guardian has implemented an enterprise content management system (ECMS) as part of our Guardian Enterprise Architecture. The ECMS allows the IT division to deploy applications based on the architecture that have access to a central repository of our documents. Through the ECMS, the business units have direct access to and control of their documents, so that the content expert within the business is maintaining a single source of this content for the entire enterprise. This reduces errors and improves efficiency of the organization, since old, inaccurate versions of content are no longer persisted through application "islands." In this way we allow the business users to leverage customizable workflows to match their business processes and provide versioning, cataloging, indexing and business continuity/disaster recovery services for their critical documents.
I&T: How is Guardian working to maximize availability of content while maintaining appropriate standards of security and privacy?
Callahan: Based on the regulatory requirements, we are reviewing standards and controls to ensure that security and privacy issues are addressed. We are investigating technology tools and implementing security processes in cooperation with the chief security officer and the compliance committee to ensure that we are properly meeting those requirements.
I&T: How is Guardian coping with the explosion of content in new media such as e-mail and online (Internet and intranet) communications internally and with its business partners and end-customers?
Callahan: We are in the process of implementing a solution from [Reston, Va.-based] iLumin called Assentor. We believe this solution will not only address regulatory compliance with SEC/NASD rules, but also automate compliance with our internal record-retention policy, improve our ability to retrieve and search communications, and reduce the storage requirements on our mail servers. We are looking to this solution to improve efficiency and streamline the process of supervising communications to ensure appropriate levels of governance and better serve our customers.
I&T: The kind of content handling demanded by today's regulatory environment can be an economic burden to companies forced to implement solutions. But isn't it also an opportunity for those companies to improve workflow and foster a more rigorous, ongoing culture of compliance, among other benefits?
Callahan: Through our solutions we expect to streamline our compliance workflow and hopefully reduce the burden of manual oversight. We are incorporating the opportunities to address improved workflows that add productivity. We believe that as these improvements are implemented, Guardian will benefit competitively.
Anthony O'Donnell has covered technology in the insurance industry since 2000, when he joined the editorial staff of Insurance & Technology. As an editor and reporter for I&T and the InformationWeek Financial Services of TechWeb he has written on all areas of information ... View Full Bio