Understandings about data and the risks of ownership are changing, thanks to the growing popularity of technologies like blockchain and the Internet of Things (IoT). While the insurance industry’s interest in data collection and privacy is piquing, with some organizations participating in partnerships focused on exploring blockchain’s use cases, such as the RiskBlock Alliance, there’s still plenty of room to realize the opportunities found in new technology focused on data.
“In the insurance industry, we’re just beginning to understand how a technology like blockchain could offer greater security protection for data,” said Robin Westcott, vice president of government affairs, legal and compliance of the American Association of Insurance Services (AAIS), and a moderator at the upcoming Emerging Risks & Innovation Summit in New York. “We are very siloed organizations inside of insurance – even inside of companies, there are siloes of data – which creates an environment [where] it’s very taxing and tolling on a company to understand and to secure their data, but to also understand who’s using their data.”
Many insurance companies use outsourced third-party vendors who receive and manage their data, and oftentimes, it’s not the insurance organization’s security controls that are the most vulnerable, but those of the third-party vendors.
“Things like blockchain, which would allow us to have more security around our own data and be able to only allow access for certain transactions under smart contracts, could really move us towards being able to break this cycle of really not understanding and being able to control the access and availability of our data,” said Westcott.
The industry won’t just struggle with the emerging risk of how the mass of data coming from an increased use of IoT devices will be secured. Insurance companies operate in a highly regulated environment, which can make it doubly difficult to implement new ways of handling and securing data collected from, for instance, wearable technology devices, into underwriting activities, while making it transparent to regulators whether this new technology didn’t lead to an unfair advantage or discriminatory practice.
“It’s a double-edged sword for insurance companies because not only do they have to worry about the security of this new data, but how are we even going to use this?” said Westcott, explaining that blockchain could give insurance companies a greater ability to control and secure that data. “Under a blockchain environment, it’s not necessarily raw data that you’re sharing or that you are exposing – it is some of the insights into your raw data that you’re exposing, and that’s a big difference.
“It’s different than sending a file that contains all of this data to a third party, to a regulator, to be able to examine. It’s a great deal different to allow through smart contracts some information to be exchanged without necessarily exposing the raw data in the process. We really have to examine – and now is a great time for us, it’s the perfect opportunity – to start looking at how we actually can be collaborative and more transparent to give us greater security.”
During a panel on data, privacy and cyber underwriting at the Emerging Risks & Innovation Summit, experts will in part explore the developing regulatory environment around consumer protection and how companies can be responsive in their technology solutions to address this issue when managing data.
“Instead of looking at this as a problem, look at it as an opportunity,” said Westcott, adding that it’s not just about filling another insurance policy, “but actually looking at data in our industry, the usefulness of it and the way we use it, and the way we are able to connect it. I think that having that dialogue is very important.”