Closing the deal: Insurance contracts and eSignatures
Here's what insurance brokers need to know about data privacy, cyberthreats and electronic signatures.
The insurance industry saw an unprecedented rise in the adoption of digitized contracts and eSignatures due to COVID-19 and its aftereffects.
A survey of insurance CEOs by KPMG revealed that 85% of executives said COVID-19 accelerated the digitization of their operations, and 78% said it significantly sped up the creation of a seamless digital customer experience.
The digital transformation taking place within the insurance industry is a symptom of a larger societal shift surrounding consumer behavior. Best-in-class virtual services are now something customers have come to expect, and companies across the board are automating business practices out of necessity.
According to an analysis done by Salesforce of more than 15,000 global consumers, nearly 9 in 10 consumers say they expect companies to accelerate their digital initiatives moving forward.
As our world becomes ever more connected, it is great to see insurance brokers and providers improve their digital capabilities. However, as the insurance industry leans into digitizing contracts and automating administrative tasks, they must ensure they are keeping their sensitive client data secure against cyberthreats.
With October being Cybersecurity Awareness Month, now is the perfect time for brokers and providers to brush up on data privacy best practices. This article will cover data privacy standards such as SOC 2 compliance in regards to digital contracts and how to choose the right eSignature partner that will protect them against cyber breaches.
What is SOC 2 compliance?
While signing, scanning and emailing a contract may seem like the fastest way to finalize an agreement, this method can leave insurance companies incredibly vulnerable to cyberattacks, including data theft, extortion and malware installation. Email is not usually encrypted, and if even one agent’s computer is hacked, hundreds of contracts with sensitive client information can be left exposed.
That is where being aware of SOC 2 compliance can help insurance executives make informed decisions about their vendors handling contracts online.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is specifically designed for service providers storing customer data in the cloud. Achieving SOC 2 compliance involves an extensive, third-party audit of an organization’s security, confidentiality, availability, processing integrity and/or privacy controls, based on their assurance of compliance with AICPA’s Trust Services Criteria. Essentially, for insurance companies, it ensures client data will not be put in a compromising position when using eSignatures to complete contracts.
Only certain eSignature providers like SignEasy have achieved this critical compliance standard, and these providers are now urging insurance industry leaders to learn more about SOC 2 compliance to prove their customer data is secure.
Choosing the right eSignature partner
Insurance companies are facing an uphill battle against cyberattacks, but partnering with the right eSignature company is a surefire way to protect customer data. Here are a few tips on how to choose the right eSignature partner that can protect sensitive client information.
Privacy and legal standards
When researching eSignature solutions, make sure the provider has cybersecurity tools built directly into their platform. This includes data encryption features, two-factor authentication options, and compliance with local and federal regulations.
Data protection
One thing to look for in an eSignature partner is 256-bit SSL encryption, one of the highest levels of end-to-end data encryption and the standard security level for banks and financial institutions.
For extra protection, check if the provider has achieved security certifications like the aforementioned SOC 2 compliance, which is proof that their solution meets the highest standard for cloud security and data protection.
Leverage two-factor authentication
Insurance companies should also utilize two-factor authentication for an added layer of security. The authentication procedure ensures that a document is being sent to the correct party for signature and that only the correct party may open, view and sign it using the eSignature platform.
Multifactor authentication works by including the recipient’s mobile phone number in a signature request. When the recipient goes to open and sign the document, a code is sent to that mobile number, which will then be entered to open the document.
Legal compliance
On the legal front, all eSignature solutions in the United States should comply with the Electronic Signatures in Global and National Commerce Act (ESIGN) and Uniform Electronic Transactions Act (UETA) as well as any state-specific rules. Electronic signature providers should offer a holistic audit trail, including signer email address, device IP, document fingerprint and timestamp. These can be presented as legal evidence if necessary.
Increases workflow productivity
In addition to eliminating paper trails, eSignature software has the power to increase productivity and efficiency both for brokers and customers.
As most users will want to view, read and sign agreements on the go, it’s important to choose an eSignature partner that is fast and compatible across devices. Signing a digital document should take no more than 10 seconds, and should be accessible via desktops, smartphones and tablets.
The solution insurance companies choose should also allow users to automate getting documents signed in a specific order, send reminders to signers, and track the progress of agreements.
Compatible with multiple applications
Common agreement formats that need to be recognizable by an eSignature solution are PDF, MS-Office, Open-Office, Text, HTML, RTF, CSV, images and Apple Pages format. They should also contain an option to allow users to import and manage old paper contracts online. Some eSignature solutions will even sync with workflows like Google Workspace (Gmail, Google Docs, Google Calendar, etc.), Outlook and Microsoft Teams to enable digital signatures from a variety of applications.
While eSignatures were certainly prevalent before COVID-19, the pandemic dramatically increased their adoption and usage in the insurance industry. Now that digital signatures are here to stay for the long term, it’s imperative that companies remain vigilant in protecting their clients’ sensitive data by partnering with the right eSignature provider.
Kyle Flowers is SignEasy’s COO in charge of the company’s revenue and customer acquisition areas with some additional administrative and operational purviews. He is a growth-focus SaaS executive with extensive start-up experience having co-founded, grown and completed the successful exit of Invoice2Go, where he also led revenue and customer acquisition teams as its COO.
Opinions expressed here are the author’s own.
Related: