Data Is King, But Who Owns It?

May 13, 2008 at 04:00 PM
Share & Print

Data–specifically information about our customers–is the very lifeblood of the insurance enterprise. Not surprisingly, then, the subject of who owns the data and where it should be stored is of critical importance.

Let's deal with the question of ownership first. Customer data is truly a precious commodity, because without it, how would we ever know how to underwrite personal risks? As such, this information must be carefully handled and doggedly protected if insurers and agents hope to keep doing business.

So, what exactly are we talking about when we mention data? According to Webopedia.com, "data can exist in a variety of forms–as numbers or text on pieces of paper, as bits and bytes stored in electronic memory, or as facts stored in a person's mind."

Numbers or text on paper are tangible assets that can be held, used–and misused or stolen, so they certainly can be owned. Bits and bytes, on the other hand, depend on the positioning of electrons on a chip–somewhat harder to get one's arms (or fingertips) around. The best we can do here is to say that someone owns access to the bits and bytes stored on one or more devices in one or more locations.

Facts stored in one's mind, of course, are owned by the thinker–until and unless that cogitator decides to express those facts in some reproducible way that can, at least in theory, be stolen. I will also allow for theft via telepathy, although some readers may doubt my psychic abilities, or my sanity, on that score. Nevertheless, I would hold that this form of data is not of great concern to the insurance enterprise.

Several insurance experts I talked to believe–correctly–that the customer owns his or her own information. As one agent put it, "It's their information, just as in every other HIPAA system. They allow us access to it, but it is their information. In some cases, the agency and the carrier both store copies of that data, but it is still [the customer's] and we are responsible to protect it."

Where, then, should that data reside? This may be the hot potato no one wants to fully grasp, because holding the data means you are responsible for its safety. Some agents tell me they would rather not store customer data on their own systems, presumably because they do not have the IS or financial resources to store the information securely. More likely, however, those particular agents just don't want to assume the risks of keeping such a precious commodity.

There are other agents, however, who insist that the data on their customers belongs on their systems. They want control over the data and–more importantly–its usage. These agents see insurers who want to keep the data as impinging on business the agents have worked hard to develop.

Clearly, however, insurance companies need this data in order to properly identify their most profitable products, most profitable customers as well as to identify new products and customers, as one insurance CIO told me.

It seems just as clear that customer data must be readily available to both parties. Storing it in fewer places makes sense, because that means there are fewer opportunities for the data to be hacked or for mistakes to be made that could potentially alter important information in harmful ways.

In the end, the optimum situation would be for insurers–who do, indeed, tend to have more resources that translate into better data security–to house the data. That said, however, the data must be readily available to agents, and it must never be used in a way that undercuts the agent's business.

Further, agents should have the ability to make changes directly as situations and lives develop and change with their customers. Giving agents that kind of access and ability to manipulate the data allows them to share not only the benefits, but the risks of dealing with sensitive information. That seems only fair.

In short, the storage arrangement should be a win-win for insurers and independent agents, and the risks should not rest with either exclusively.

According to Matt Josefowicz, director, Insurance Core Team, for Norvarica, based in New York, "Agents and insurers should focus more on creating value and less on trying to hoard information. If they can use that data to provide additional value in a way that the insured has given them permission to do, then that's good for the insured."

That probably won't make either side in this debate completely happy, but it does seem like the best way to accomplish what must be the highest objective of both–to serve the customer.

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Related Stories

Resource Center