The leading voice on data privacy protection urges those who do business online, and those who insure them, to tackle threats before they happen.
Jeremy Barnett (pictured), Chief Commercial Officer at LOKKER, knows that privacy threats are increasing and that insurers can play a key role in helping their clients comply with new privacy laws.
Five states (California, Utah, Colorado, Virginia, and Connecticut) have enacted consumer data protection laws in their regions. And the House Energy and Commerce Committee held hearings on data privacy with the goal of trying to craft a potential federal data privacy law, which would bring more attention to the issue.
Insurance companies are also paying more attention to the issue, especially as the latest wave of class action and regulatory action hits their eBooks.
Cyber underwriting to consider privacy risks
“Requests for cybersecurity could be updated to include some key questions about applicants’ awareness and willingness to comply with privacy,” Barnett suggested.
This can mean answering important questions in an electronic insurance application, such as:
- Do they have a data privacy officer?
- Do they use a consent manager/cookie consent manager platform on their website?
- Do they have tools to monitor/manage third party applications on their web properties?
“Just as insurers have advanced electronic underwriting with smart tools,” Barnett said, “new insurance technology is available to help teams assess privacy risks, too.”
Privacy risk management
Online insurers are integrating innovative advisory tools and services to help policyholders stay ahead of cyber threats. Whether through partner law firms offering incident response planning or proprietary security monitoring tools, cyber risk management continues to evolve from traditional MGAs and carriers.
“Time and time again,” said Barnett, “the tabletop exercise has proven to be beneficial for organizations of all sizes.
“To address emerging privacy risks, carriers and their policyholders should conduct a privacy table exercise, as well as create a privacy incident response plan to complement the broader electronic incident response plan and table,” Barnett said. “The GC team, the privacy team, and the IT and marketing teams need to understand data privacy risks and how to proceed with those risks.”
Claims
With plaintiff attorneys emboldened by recent class action lawsuits, federal regulatory actions, and aggressive state privacy laws, online insurers are dealing with a series of new data privacy claims. Up-to-date training on privacy regulations and compliance requirements is required to help teams overcome privacy risks. The new privacy lock technology will help underwriters as well as claims teams. “With better intelligence about the policyholder’s website, privacy threats can be identified and mitigated,” Barnett commented. “The Defense Council and litigation leaders need better information to challenge plaintiff attorneys who allege customer data was disclosed or shared.”
The best defense is a good offense – When it comes to managing privacy risks, be proactive.
“One of the main advantages of electronic insurance for the policyholder is access to the latest tools that help avoid an accident,” said Barnett. For privacy risks, carriers should offer insureds tools that can mitigate online privacy threats.
Several new companies, including LOKER, are developing tools to help insurers secure privacy risks with more intelligence and provide claims teams with advanced technology to monitor and mitigate these threats.
For more information about LOKKER, please visit https://lokker.com
