Carriers, Agencies Must Cooperate to Protect Customer Data
In Part 1 and Part 2 of this series, I discussed the problems presented to the independent insurance channel regarding identity, then some of the technical terms related to how identity can be securely established.
Let’s step back and look at the challenge of identity in a different way. Let’s recall the reasons why establishing who we are is important in the first place. We all have data we want to share with some, but not with others. We keep track of who should be allowed access, and we make them prove who they are to get it.
If I fail to protect my own things and they are lost or stolen, that could make me look foolish. But failure to protect what others have entrusted to me would reveal at best irresponsible naiveté or, at worst, callous disregard for the value of what others consider important.
For agencies and carriers that handle customer data, reasonable care includes identification (username), authentication (ensuring they are who they say they are) and finally authorization to access only the data they have a right to access.
The nature of the insurance industry is such that personal and financial information is required over long periods of time. Carriers store the information that agents acquire to serve the public with insurance products. While processing claims, merchants, service providers and health organizations expand the information to an even greater degree.
What all the participants of this process must keep sight of is that at the end of the day, when all the ducks are lined up … they’re not our ducks. That information belongs to the policyholder and claimant. Everything needed to impersonate someone for fraudulent reasons is stored within the insurance business systems and constitutes the identity of the consumer.
Carrier is responsible
All industry participants are held accountable for protecting the policyholder information to some degree, but none more than the carrier who maintains the most extensive repository of that information. Additionally, no one accesses that repository more than the insurance agencies that sell the insurance products.
The agency management system (AMS) constitutes a critical doorway for efficiency in managing the day to day business, but convenience and efficiency come with increased risk and obligation. Reasonable care, as we have described it here, requires that carriers and agents alike manage identity responsibly, effectively and efficiently. Federating identity at the AMS and adding the convenience of SignOn Once not only increases the overall security of the system, but it demonstrates the carrier’s commitment to protecting policyholders by restricting access responsibly. The agency gains the efficiency of having a simplified login but also benefits from association with carriers who demonstrate responsible management of consumer data.
The common-sense approach
However simple the management of passwords sounds when you are talking about one account, one login or one transaction, the exponential increase of labor and expense required to run the insurance industry makes SignOn Once by ID Federation a common-sense answer to our mutual complex problem.
I’ve had enough of the complexity and non-revenue-generating labor involved. I haven’t had enough of the common sense.
Westfield is committed to offering its agencies SignOn Once by ID Federation. Are your carriers?
Here’s an easy, automated email you can use to tell your carriers that your agency needs SignOn Once.
Image by Alexas_Fotos from Pixabay
