• NEWS
  • Topics
  • May 2008
  • April 2008
  • March 2008
  • More
• EVENTS
  • Upcoming Live Events
  • Upcoming Web Events
  • Recent Events
  • On-Demand Web Events
• TOOLS
  • Buyer's Guides
  • Videos
  • Podcasts
  • Blog
  • Back Issues
• CAREERS
• RESOURCE CENTERS
  • Outsourcing
  • Policy Administration
  • CIO Strategy Center

Insurance & Technology: The Blog

« February 2008 | Main | April 2008 »

March 25, 2008

Cultivating Innovation

As I've worked on an upcoming issue of Insurance & Technology, I've found myself in conversations with several insurance carrier sources based within their respective organizations' innovation areas, such as The Hartford's innovation lab director John Anthony and Humana's director of integrated consumer experience, Greg Matthews.

In the case of The Hartford, I was able to visit the actual lab -- located on the carrier's Hartford, Conn. Campus -- and sit down with, among others, Anthony and P&C division CIO Gary Plotkin, who in his past role as CTO, teamed with Anthony to create the lab three years ago.

Innovation groups, to me, are almost as interesting from a cultural and organizational standpoint as they are from a, you know, innovative standpoint. As Plotkin told me recently, IT employees are traditionally engineers. "We tend to think about delivery dates and scope," he said. "Working in a lab environment requires more of a scientist-type model."

In other words, if IT professionals are working within an innovation group, they'd be well served to change the way they view success and failure.

Plotkin remembers when the lab just got off the ground. "Things would fail and we'd try to introspectively figure out why they failed. Well, the answer is [because] less than 20 percent in a standard lab actually succeeds," Plotkin explains. "We needed to change our paradigm, because it is a bit anomalous to the standard IT individual."

Of course, while the rest of an organization must adapt to the kind of expectations necessary to cultivate innovation, it's still important that such groups produce results. That's something that can be facilitated, Anthony says, by securing business sponsorship early in the idea process and by making sure that, in the end, projects have clearly defined business objectives.

"A technology innovation lab...is probably the closest within our industry that you'll get to research and development," Anthony told me. "So, there's an additional burden to make sure that the things we're working on are recognizable by our key stakeholders -- that there's a clear line of sight between what we're doing and how that aligns to the longer term strategies, typically, of the organization."

Posted by Nathan Conz at 04:37 PM | Comments

Good Enough for Government Work: Another PHI Security Breach

One hopes that no insurers are without the password and encryption safeguards to protect personal health information (PHI). The government's HIPAA security guidance requires that PHI be protected, but the government has failed its own standard once again, this time by the actions or negligence of an employee of the National Institutes of Health.

The breach, involving medical information of 2,500 individuals, was caused when a laptop was lifted from the trunk of an NIH employee named Andrew Arai, who was dropping his daughter off at a swim meet. The trunk was locked, but the sensitive information contained in the laptop was not. As the Washington Post reports, "An initial effort by information technology personnel failed to encrypt the laptop before it was stolen and Arai neglected to follow up, according to NHLBI spokeswoman Susan Dambrauskas."

In this case the sheer number of records lost didn't rival the notorious loss of confidential information associated with the 2006 loss of a Department of Veterans Affairs laptop (or the much more recent security breach associated with Hannaford Bros. supermarket chain) but there is special embarrassment in the breach occurring on the watch of an organization that falls within the Department of Health and Human Services, which promulgated and polices HIPAA rules.

Apart from that dubious distinction, the NIH is much like other government operations, according to a GAO inquiry:

The incident is the latest in a number of failures by government employees to properly secure personal information. This month, the Government Accountability Office found that at least 19 of 24 agencies reviewed had experienced at least one breach that could expose people's personal information to identity theft.

Posted by Anthony O'Donnell at 03:47 PM | Comments

Has the IT Budget Worm Turned?

As recently as I&T's December issue Financial Services Outlook, in which we reported the survey responses of 140-odd financial services CIOs, it appeared that the days of bountiful budgets might go on for some time and we might escape the scrimping and saving that characterized the industry from roughly 2001 to 2003. However, as the rotten financial news persists, we have to wonder whether, once again, the worm has turned.

We already were watching the subprime crisis closely when we published the above-named issue, leading us to remark therein that, "If the confidence of financial services firms was shaken by this year's subprime mortgage lending crisis, it certainly isn't reflected by their IT budgets for 2008." The opinions of our insurance industry respondents didn't differ greatly from those in the other financial service verticals, and in the sometimes unpredictable sector of P&C, for example, more than 70 percent reported budget increases of at least 10 percent, and 15 percent of respondents cited even larger boosts in planned spending. In the absence of any big surprises, it's hard to imagine that these figures will be replicated in the budgets for 2009.

As I've written elsewhere, some industry observers are seeing signs of retrenchment. TowerGroup's David West says he's talked to executives who are preparing to scale back. Deloitte's Rebecca Amoroso sees a slightly milder picture, where she reports "hearing more about how [carriers] are going to spend their limited funds as opposed to their lack of spending."

Whether insurance IT budget makers tend to be more bearish or bullish, it may be that, in light of both proven technological advances and improved IT governance, CEOs and CFOs are more comfortable with technology investment in the face of adversity. My conversations with the above observers and several others indicate that more insurers see the competitive importance, if not necessity, of technology and are accordingly either planning transformation efforts or planning to sustain existing ones. Carriers who have reached a comfortable technological plateau may hold back on major initiatives in the near future, but those who have already embarked on transformational projects will stretch out their deliverables rather than suspend initiatives outright, my correspondents suggest.

Posted by Anthony O'Donnell at 02:35 PM | Comments

March 18, 2008

Security as a Service

Thankfully, the latest IT security breach story to hit the news wire -- that the computer system at Hannaford Bros., a Scarborough, Maine-based supermarket chain, was hacked, resulting in the theft of 4.2 million credit and debit card numbers and about 1,800 fraud cases to date – had nothing to do with the insurance industry.

As I wrote a few months back, I think there's an opportunity for a few insurers to establish themselves as IT security leaders, and maybe leverage such a reputation to built brand awareness and increase customer loyalty. While some insurers agree with this assertion, the experts I spoke to for the story couldn't identify any insurer that had really established itself yet in this area.

However, while no one in the industry has truly set themselves apart via their own internal IT security strength, many insurers are looking at opportunities to offer security-related "value adds" to policyholders.

Case in point: the more than 100 insurers that have contracted with Identity Theft 911 to offer identity theft resolution services to policyholders. Included among those insurance carrier clients are Chubb, Amica and more recently, MetLife Auto & Home.

"It's not a security measure so to speak. It's an after-the-fact service provided to the insured should something happen," explains Ben Kaplan, director of operations, Identity Theft 911.

Essentially, the service allows victims of identity theft access to an Identity Theft 911 advocate who helps get them back on track. "It's a manual process, really, to remove the fraudulent activity off of one's credit file and dealing with the creditors that are affected by the situation," Kaplan says. "We are really a rather low-tech company, very brick and mortar."

So, in one way, perhaps insurers already are viewing security as differentiator -- just from a different point of view, where security piece-of-mind is offered to customers as an added service, rather than as a feature of company's IT operation (not that you couldn't do both).

"It's essentially a value add to their services. It has a nice fit to it," Kaplan says. "The insurance companies are out there to help their customers, that's the nature of the business. This is just an additional way that the insurance industry can assist and help the general public out there."

Posted by Nathan Conz at 04:51 PM | Comments

Commissioner Savors AIG’s Record Fines

The importance of corporate compliance and transparency, in not only the spirit and the letter of the law, but also in terms of technical visibility into company activities, was reinforced by yesterday’s announcement by the Pennsylvania Insurance Commissioner’s office that it was levying record fines against AIG.

Under the terms of a settlement reached between the carrier and the commissioner, AIG will pay $9.1 million to the state in penalties and investigative costs for financial misreporting, according to the Pennsylvania Insurance Commissioner’s office. The settlement also requires AIG to provide detailed annual reports regarding the company’s reinsurance arrangements.

The Commissioner’s office’s press release has the tone of having covered all the bases, but one imagines that there must be an infinity of possible infractions that the state could wish to anticipate and police. The communiqué also indulges in a flourish of righteousness:

In February, a former AIG executive and four former Gen Re executives were found guilty in federal court for their part in a transaction related to the financial misreporting that is the subject of the Insurance Department's actions.

Proportionate fines for misreporting a transaction is well and good; jail time is another thing. As I related last week, former AIG exec Christian Milton and three of the four Gen Re execs face possible sentences of 210 years each. Perhaps, when all is said and done the Gen Re execs and AIG’s Christian Milton will remain at liberty. That’s as it should be if, as a correspondent of mine has said, these individuals could have had no notion that what they were doing was a crime.

Posted by Anthony O'Donnell at 04:27 PM | Comments

March 11, 2008

Can Apple's iPhone Become An Enterprise Device?

The big new last week from Apple was that, suddenly, the iPhone is set to become a much more viable option for business users.

Last Thursday, Apple previewed its iPhone 2.0 software, which features support for Microsoft’s Active Sync protocol, allowing workers to sync their device with a company's Exchange e-mail, contacts and calendar programs. The software update will also feature improved security features, most notably Cisco VPN support and the ability to remotely wipe data on lost or stolen iPhones.

Over at Bank Systems & Technology, my colleague Maria Bruno-Britz wonders how the iPhone might now compete with the Blackberry for business users.

from the BS&T Blog:

The iPhone is certainly pretty, but it's also chock full of handy features in a fun, intuitive interface. I know from personal experience the differences in navigating an iPhone (in my case, an iPod Touch) versus a Blackberry (my husband's). The Blackberry certainly does what it's supposed to do, but there's just something about the iPhone interface that takes the user experience to the next level.

Indeed, few understand the intricacies of user experience better than Apple, and with this latest, business-friendly software update, the iPhone is certain to grow in popularity from an enterprise point-of-view. I am especially impressed with the remote wiping capability -- something I believe to be a key mobile security feature for insurers going forward.

And yet, I wonder -- for all of the iPhone’s wonderful features and functions -- if Apple will have trouble attracting more than just Apple enthusiasts and the most tech-savvy business users. Sometimes, it’s the simplest and most obvious things that are overlooked...

As Yahoo! Tech blogger Ben Patterson pointed out, “Of course, the iPhone still lacks a physical QWERTY keypad, which will give many enterprise users -- especially those who love cranking out messages with their thumbs -- a moment of pause.”

Posted by Nathan Conz at 04:40 PM | Comments

Spitzer Effect Boomerangs

Sophocles himself could not have presented us with a better ending for the career of Eliot Spitzer, an arrogant, vindictive man whose hubris inexorably brought his downfall.

His critics have long thought him worse than many of the victims of his ruthless tactics but few can have imagined he would end as he did, exposed as a participant in a prostitution ring. Yesterday's press conference provided the morbidly fascinating spectacle of a great pretender unmasked, a man held up as a shining exemplar exposed as just another staggeringly un-self-aware careerist having risen to his level of incompetence.

It's not surprising that Spitzer should find himself schooled by seasoned New York politicians such as New York State senate majority leader Joseph Bruno, who turned the tables when Spitzer tried to sully his reputation; or assembly speaker Sheldon Silver, who outfoxed Spitzer on the appointment of comptroller. What is surprising is that Spitzer should fall victim to the kinds of investigative techniques that he has used with such relish against others.

Caught by review of bank transactions and the interception of communications, Spitzer could said to be a victim of "The Spitzer Effect" himself. However, while the guilt of many of his victims was debatable, Spitzer's was not, whatever one thinks of his root offense. Spitzer was never one to let the privacy of his marks get in his way, so there is poetic justice in the way he was nabbed.

His career in tatters, Spitzer's brassy persona remained intact at the March 10 press conference; his "short, arrogant statement," as the New York Times put it, was replete with self-reference: "I have disappointed and failed to live up to the standards I expected of myself," he said. But the mute eloquence of his wife Silda Wall Spitzer's sorrowful expression served as a reminder of the misfortune such narcissists can cause others.

The disappointment of the New York Times' editorial writers and other erstwhile Spitzer supporters was palpable; how much greater must the sense of betrayal felt by the woman who joined her life with this man and bore his three daughters. I feel truly sorry for Mrs. Spitzer, who bore yesterday's shame with such dignity. But I feel sorrier for other victims.

For example, the four Gen Re executives and former AIG VP Chris Milton, whose prosecution was an outgrowth of Spitzer's vendetta against Hank Greenberg. Four out of five of these executives face fines of up to $46 million and prison sentences of up to 210 years at their sentencing on May 15. I don't pretend to understand finite reinsurance transactions well (and doubt the jury did) and I'm willing to be persuaded that these executives transgressed the law. However, I find the severity of the penalties they face shocking.

By all means, let us insist that the powerful actors of the financial world be held to high standards; let investors be protected and people who ruin others financially be severely punished. But let these objectives be pursued by authorities who are scrupulous in their use of power, and who are dedicated to the presumption of innocence and to proportionate justice.

Spitzer failed miserably by that standard; and while he should be treated better than he has treated others because that is what the law demands, he is due very little leniency when it comes to the discretion that the law affords. When it comes to public opinion and the press, which he used so artfully to discredit others, let him have a dose of his own medicine.

Posted by Anthony O'Donnell at 03:44 PM | Comments

March 04, 2008

Public Mistrust A Roadblock to Technology Acceptance

I promised myself that I wouldn't mention any New York Times articles in my next few blog entries -- not after mentioning the newspaper twice in recent posts -- but I couldn't help myself last week, after coming across an article headlined "Insurance Fears Lead Many to Shun DNA Tests."

According to the article, some people are avoiding DNA tests that could indicate genetic predispositions to certain health problems because they fear that it could affect their health insurance coverage – under a form of "genetic discrimination"

from the New York Times:

Such discrimination appears to be rare; even proponents of federal legislation that would outlaw it can cite few examples of it. But thousands of people accustomed to a health insurance system in which known risks carry financial penalties are drawing their own conclusions about how a genetic predisposition to disease is likely to be regarded.

As a result, the ability to more effectively prevent and treat genetic disease is faltering even as the means to identify risks people are born with are improving.

While the implications of this news has obvious implications for health insurers, I wonder if, in a way, this strange phenomenon could foreshadow what lies ahead for other parts of the insurance industry.

In late 2007, I had a conversation with Chad Hersh, a senior analyst in Celent's insurance practice. We discussed what the future of insurance technology could entail, such as increased and continued use of predictive analytics and mobile technologies. When it came time to discuss the slightly more distant future, the conversation shifted to "smart dust," which Hersh described as tiny sensors, built into a home or building, that communicate with one another to monitor things like the structural soundness of a property and communicate that info to a property owner or insurer.

The practical application of such a technology is obvious. Maybe we could anticipate bridge or building collapses. Perhaps we could identify if a given property was more susceptible to wind damage than another. In a similar way, GPS devices could monitor driving habits -- giving the general public (and, of course, underwriters) a better idea of how safe a specific driver is.

The key though, will be how the general public perceives these advances. Some will no doubt embrace these technologies and view them as an opportunity for reduced insurance rates, not to mention safer building and roads. However, I expect -- based on the distrust many in the public have for insurers -- more could view these advancements as invasions of privacy: one more way for those no-good carriers to justify a rate increase.

If this recent DNA-related news has taught us anything, it's that consumers are wary of the new technologies that insurers will use – even those that can make a direct positive impact on their overall well-being.

Posted by Nathan Conz at 05:44 PM | Comments

Social Networking and the SIU

"I don't remember giving permission for a party, Joel." That memorable line, spoken by the father of Tom Cruise's Joel Goodson character in "Risky Business," may be delivered increasingly to insurance investigators if insurers begin to hold homeowners liable for damages related to house parties advertised on social networking sites, such as Bebo.com.

U.K.-based Sterling Insurance Group made a public statement in reaction to the latest notorious example of the growing phenomenon of out-of-control house parties.

"The worrying trend of teenagers vandalising and damaging homes after house parties have been advertised on social networking sites such as Bebo, MySpace and Facebook, has led policyholders to question whether their homes are covered for similar activities," comments Sara Greenland, associate director of personal lines, Sterling Insurance Group.

The party in question was described in a Daily Mail story entitled "The teen party where 50 yobs trashed the house and even drugged the family puppy." Homeowners Robert and Julia Anscomb reported more than £5,000 worth of damage.
Mr. and Mrs. Anscomb also reported feeling "totally violated" by the extensive damage to their home resulting from what was supposed to be "a quiet sleepover with a couple of friends" of 15-year-old Gemma Johnson, Mr. Anscomb's stepdaughter, who is yet to reappear at the family home.

As to whether homeowners such as the Anscombs are covered, Sterling Insurance Group's Sara Greenland only says that most insurance policies require policyholders to demonstrate reasonable care. "Policies may be invalidated if a policyholder or family member had acted recklessly and was aware that their actions could result in theft or damage to property," she explains.

The Anscombs didn't exactly act recklessly, but policyholders in their place might be construed to have been negligent, Greenland implies. "With their being several high-profile examples of significant damage to homes caused by partygoers who had been invited through networking sites, if the policyholder was aware that their children were planning such a party, there may be grounds for the insurer arguing that they had not taken reasonable care, and the damage would not be insured," she says.

Clearly the Anscombs were unaware that young Gemma was planning "such a party," but they were aware that she was planning some kind of party. It's a stretch to hold parents responsible for being aware of their children's online invitations to parties, especially as sites may go in and out of fashion and existence. However, if privacy requirements permit, it seems like a pretty good idea for insurance companies' special investigative units to keep an eye on social networking sites such as Bebo.com via Web crawler technology that can correlate policyholder addresses to party invitations.

Posted by Anthony O'Donnell at 03:11 PM | Comments

Infrastructure Field Sales Systems Competition Document Management More >

	Face-to-Face Events: November 2-5, 2008 Insurance & Technology's 10th Annual Executive Summit Online Events: May 20, 2008 2008 Market Mandates and Rich Internet Application Trending for Online Business Banking Channels 2008 May 29, 2008 Risk Management means End-To-End Visibility and Control of Exceptions June 03, 2008 Market Trends 2008 and Rich Internet Applications: Online Channels Retirement and Benefits Service Portals June 04, 2008 Market Trends 2008 - Rich Internet Applications: Next Generation Online Financial Portals in Financial Services June 12, 2008 Quality Underwriting in a Soft Market				Subscription Cust.Serv. Staff Comments RSS News Feed Privacy Statement Reprints Media Kit 2008 Editorial Calendar