Data—specifically customer information—is the very lifeblood of the insurance enterprise. Not surprisingly, then, ownership and stewardship of that data is a subject on which many in our industry disagree.
Having heard the arguments over the years, I decided to ask two key questions of an agent, a carrier CIO and an industry analyst. First, who actually owns the customer’s data? Second, with whom should that data reside?
“The customer owns the data,” stated Jerry Fox, vice president at James M. King & Associates, Inc., an agency based in Bloomington, Minn. “It’s their information, just as in every other HIPAA system. They allow us access to it, but it is their information. In some cases, the agency and the carrier both store copies of that data, but it is still [the customer’s] and we are responsible to protect it.”
Where, then, should that data reside?
“In my opinion, the fewer places it is stored, the better, because [having it in multiple locations] makes it more difficult to access,” said Mr. Fox, a former president of the AMS Users’ Group. “Being that a majority of agencies are small-to-mid-sized—18 to 20 employees and under—that does not allow them to have significant budgets for data security. Carriers have those resources available to provide proper security for the data and that’s where it should reside.”
According to Mr. Fox, “Future technologies dictate that data shouldn’t be residing in multiple locations, so agents should not be storing the data.” He added that he doesn’t believe that the insurance industry currently has the technology to allow carriers to be the only entities to store customer data, however.
Assuming the technology does develop and is implemented, Mr. Fox said the key is that insurers must give agents unrestricted access to the data. If that doesn’t happen, he noted, “then I will end up with it” by default.
Data security is also an issue in the debate over where data should be stored.
“We need to push the technology to be where we want it to be so [agents] can access the data and not have to store it, because every time there is a copy of the data, there is another place for intruders to get it,” said Mr. Fox. “In addition, every time you move it, something will be missing, because there are database structure inconsistencies. So where is the correct data? Something has changed.”
While he advocates insurers holding customer data, Mr. Fox also sees problems with that situation for agents. Sometimes, agents may not be able to access the data, “especially if you no longer have a contract with that company,” he explained. “This can be resolved, however. We need industry cooperation carrier-to-carrier, consistent solid security, and a means of authentication for all carriers. Right now they are all different.
“Overall,” he added, “there are way too many holes in security for both agents and carriers. A carrier changes passwords every 30-90 days; how do I keep up with that?”
The solution, he noted, is “an electronic certificate that would authenticate me, even though I don’t have a contract with them any more.”
Penn National Insurance CIO and vice president-Information Technology William R. Jenkins takes a somewhat different view.
“Technically, the agent (independent agent, I assume) owns the data of the book it writes,” he stated. “Carriers, however view the agent as an “extension” of them (the carrier) getting to the policyholder. As such, carriers rely on the data collected from the insured in the furtherance of their business.
“In other words, insurers need this data in order to properly identify the most profitable products, most profitable customers, and to identify new products and customers, i.e., perform business intelligence.”
According to Mr. Jenkins, “There has an ongoing debate for years as to who really owns the customer. A number of carriers believe and act as if they own the customer. This thinking seems to have evolved as carriers began to provide more and more services directly to the insured, including direct billing, policy changes, first reporting of loss, loss control services, and claims analysis. In effect, they are managing the customer experience.”
Mr. Jenkins also pointed out direct writers continue to make gains against the independent agency carriers, and this may result in independent agent carriers “seeing the need to become much more protective of their books.”
In terms of where data is kept, Mr. Jenkins asserted that, “The data today, in my opinion, should reside with both the agent and carrier. Both parties need to thoroughly understand their respective books of business so that cross-selling and profitability targets can take place.”
He added, however, that most agents lack the expertise and time needed to do these types of analyses. “They basically rely on their carriers to do these analyses,” he noted.
The critical question is “what can each party (carrier and agent) do with the data?” he said.
According to Matt Josefowicz, director, Insurance Core Team, for Norvarica, based in New York, “Agents and insurers should focus more on creating value and less on trying to hoard information.
“I think it's a mistake to think in terms of "ownership" of data,” he continued. “Neither the agent or the insurer "owns" the data. They are both given stewardship of data by an insured. If they can use that data to provide additional value in a way that the insured has given them permission to do, then that's good for the insured.”
Mr. Josefowicz asserted that both the agent and the insurer should have copies of customers’ data.
“Obviously, some agents are afraid that insurers will dis-intermediate them if they give up control, and some insurers are afraid they are more likely to have their policies churned if they don't have direct relationships with the customers,” he observed. “But exclusive control of information is not a defensible position in a world of Google, Lexis-Nexis, and ChoicePoint.”