Each quarter, Locke Lord LLP and Novarica look at new regulatory developments in analytics, data usage, and data security that have the potential to affect insurer technology strategy. The latest report covers recent changes to the California Consumer Privacy Act (CCPA), the proliferation of biometric and genetic data privacy laws, and potential regulatory implications for chatbots.
Data Security and Privacy
Since the last joint Novarica/Locke Lord report, modifications to the law have provided guidance on CCPA compliance in several important areas that insurers should know about. Adhering to the CCPA means investing in a data thesaurus/dictionary to track rules about data and data lineage. Insurers may also want to extend software development lifecycles to incorporate data and rules about the data. However, tools are not enough: Compliance also requires a formal data governance process to map internal and third-party data usage.
Biometric data privacy laws are also likely to proliferate. Insurers should be aware of the implications. Once people provide biometric data, the data will need protection against theft and unauthorized uses and discharges. Many third-party services are emerging to collect and process biometric data and store it securely.
Regulatory challenges aside, biometric data promise many benefits for insurers, like enhancing underwriting and claims processes or easing customer authentication. Underwriting algorithms that leverage genetic information will need to be transparent enough to show regulators how they make fair decisions around pricing or rejection.
AI Uses and Considerations
Algorithms and fairness are also a concern with AI-enabled chatbots. Insurers have already found various uses for chatbots—from underwriting assistance to agent advisory, claims handling, and new customer on-boarding. Insurers need to document chatbot logic for regulators, who are taking a closer look at how built-in or learned biases in AI systems can lead to discrimination.
Chatbots have obvious utility for the insurance industry, but insurers that are considering chatbot deployment should also consider the extent of their deployments. Many customer interactions, such as claims, happen at high-pressure times when policyholders may prefer direct human interaction.
New technologies have benefits and risks that insurers must consider. The regulatory impact on the use of emerging technologies will drive adoption and how organizations apply them. The CCPA has already made it necessary to classify “personal information” and allow people to see it, correct it, and understand how organizations are using it.
Insurance will remain a regulated industry. The availability of biometric and genetic data for use in critical insurance processes and authentication will create many benefits for policyholders and insurers; insurers will also need to secure this data appropriately. Chatbots will leverage data collected with AI models to create more intuitive, automated interfaces; outcomes will need to ensure there are no discriminatory effects that run afoul of future regulations.
For more on these topics, see: Insurance Technology Strategy and Regulatory Compliance, Vol. 3.
Add new comment