6
|
Disrupt or be disrupted
These findings raise several significant implications. For example, the frequency, extent and
high visibility of data breaches mean customers may come to demand more value for sharing
information — and insurers must consider the value proposition as much as their protocols
for protecting data. Similarly, they may seek to limit their risk exposure to data breaches or
shift that risk to other parties by choosing not to collect or maintain certain types of PII that
is available through third-party channels.
Further, new data provides an opportunity for insurers to retake the information advantage
relative to policyholders and agents, and reduces the insurer’s reliance on customer self-
reported or brokered data. Risk pools can be determined using direct streams of detailed and
granular data, meaning some broker and agent activities will no longer be needed.
Customer data security and privacy
Implications
ff
High-profile data breaches may lead
customers to demand more value for
sharing information
ff
Generic, blanket privacy policy
statements will no longer suffice
Actions
ff
Engage customers to identify what value
they will seek in exchange for their data
ff
Revisit data protection protocols and
new, emerging architectures
ff
Don’t store or maintain customer data
that is readily available
ff
Acquire and internalize data not
replicable externally
ff
Turn to external parties to maintain
certain types of PII
ff
Consider engaging regulators and
industry peers in developing robust or
auditable “generally accepted privacy
principles”