Time for insurers to be smarter about privacy
Here are four steps carriers can make to capitalize on a wider variety of data sources for their own benefit as well as the benefit of consumers.
It’s no wonder most insurers default to defensive mode whenever privacy issues are raised.
Carriers are understandably preoccupied with cybersecurity rules to protect customer data, as well as compliance with a growing number of regulations designed to give people more control over the collection and use of their personal information, such as the California law going into effect this January.
But what if insurers went on offense for a change? Might they be able to engage more proactively, constructively, and transparently with customers on this touchy subject? Can they make better use of all the new data at their disposal for the mutual benefit of providers and consumers, without running afoul of regulations or offending the sensibilities of policyholders?
Inevitably, insurers will need to address more complex issues being raised by emerging data tools and techniques. One option is to treat personal information as a tradable asset that consumers can knowingly and willingly exchange for something of value. Such an approach could make privacy management a competitive differentiator — an opportunity rather than just a threat.
To start, insurers should be evaluating a multitude of privacy issues beyond protection of traditional identifiers, such as Social Security number or date of birth. As suggested in a recent Deloitte research report, which I co-authored with my colleagues Val Srinivas and Tiffany Ramsey, there are at least seven additional types of privacy concerns for insurers and other financial services companies to account for, from behavior and actions to thoughts and feelings. (See figure 1 above.)
As insurers determine how to optimize new data sources and tools — from virtual assistants to wearables along with monitoring of social media, and using drones — they should also consider the potential of each to encroach upon an individual’s privacy. Deloitte’s recent report, “Reimagining customer privacy for the digital age: Going beyond compliance in financial services,” provides a snapshot of the level of customer concern eight such tools might raise for each of the privacy types we cite above.
For example, an insurer monitoring a wearable sensor in a watch to check a customer’s fitness with their knowledge and permission is less likely to meet resistance than surreptitiously monitoring their hangouts and behavior via social media posts.
Privacy concerns often involve context and the “creepiness factor” of data collection. A customer’s comfort level will likely depend on specific scenarios. A drone monitoring a contractor’s jobsite to check for unsafe conditions or activities on behalf of a construction company’s workers’ compensation carrier may be acceptable to employees, but the same technology checking up on injured claimants at home in their backyard is likely to provoke a very different reaction.
Awareness and knowledgeable consent are two prime factors in privacy adaptation, along with value added incentives. With usage-based auto insurance, for example, policyholders allow their vehicles to be monitored because premium discounts are offered for signing up and demonstrating good driving habits.
The same goes for those opting for accelerated life insurance underwriting. Carriers offer to access data from medical information bureaus, prescription databases, and other alternative sources to underwrite an applicant, instead of having buyers go through invasive body fluid tests and physical examinations to get a policy.
What should insurers be doing to avoid privacy conflicts?
Carriers should consider the following steps to make use of a wider variety of data sources and tools with the knowledge and cooperation of consumers, to their mutual benefit.
- Go beyond standard disclosure statements. Greater transparency and clearer explanations about how data will be used shows good faith and can avoid misunderstandings or hard feelings.
- Offer added value in return for more data. What’s in it for the consumer? Make the value proposition crystal clear.
- Improve data quality control. Make sure the alternative data being used is up to date, accurate, and relevant, especially information purchased from third party providers, so consumers can be confident they are being judged fairly and have a chance to set the record straight in case of disputes.
- Empower chief privacy officers to get involved beyond compliance issues. Such expertise could prove invaluable when considering the privacy implications of alternative data-driven marketing, underwriting, and claims initiatives.
Insurers also shouldn’t assume most consumers will automatically resist attempts to access their data for commercial purposes, or that the less they know about what insurers are collecting about them or doing with such information, the better. Insurers may in fact be able to influence consumers about data sharing by being totally up front with them about what they want to collect and why, explaining how the data will be used, and offering clear value in return.
All the new ways to collect information and analyze the alternative data being produced has created various challenges for insurers, but regulation is only half the story. The bigger goal is how to go beyond a “check the box” compliance mentality and seize the opportunity to utilize new data streams for the common good while achieving a competitive advantage.
For more information, see our full report in Deloitte Insights. You may also listen to our archived webcast, “Getting smarter about data privacy.”
Former National Underwriter Editor in Chief Sam J. Friedman (samfriedman@deloitte.com) is now the insurance research leader with Deloitte’s Center for Financial Services in New York. These opinions are his own.
This piece is published here with permission from Deloitte. Follow Sam on Twitter at @SamOnInsurance, as well as on LinkedIn. See www.deloitte.com/about to learn more about our global network of member firms.
See also: