Printer Friendly

Companies and agents may face increase of security breaches.

Insurance companies and agents may be facing an increased occurrence of security breaches, according to Steve Christenson, president of Identity Theft 911, a company that provides identity-fraud resolution and works with 70 major insurers.

Christenson said about 40% of his Arizona-based firm's business is handling security breaches for companies--a problem that is increasingly common.

"One of the things we're seeing is a spate of breaches in agent offices," Christenson said.

During these breaches, policyholder files are all that's being stolen, he said. This points to one thing--identity theft. "There's no reason to take policyholder files unless you're stealing identities," Christenson said. "We're seeing a lot of that. Agents need to be careful and need to learn to protect their files."

If policyholder files are taken from an agent, the insurance company the agent works for is likely to be held responsible for the lost data, Christenson said. "It is starting to cost a lot," he said. "Companies could be impacted by lawsuits in case of a breach."

One thing companies can do to protect themselves from this exposure is to ensure they are compliant with the most stringent state statutes that govern security breaches and file theft, Christenson said. "That's really what has become the national guideline," he said, even though breach notification laws differ from state to state.

There are 31 state security breach notification laws, with California's being mimicked most often around the country. The California law says the data owner or licensor is responsible for notifying individuals when there has been a compromise. Another provision says any person or business that maintains computerized data that has been subject to unauthorized acquisition needs to notify the data owner or licensor.

Earlier this year, a file server containing the personal information of 930,000 people was stolen from American International Group Inc., raising questions about data-breach liability. Experts said liability issues depend on a number of factors, including who held the data and for how long; what type of information was contained in the application; the terms of agreement between the prospective customer and intermediary; the source of the application; and the technology contract, if any, between the carrier and the intermediary.

Certain federal laws designed to safeguard customers' nonpublic, personal information already apply to insurance. Confidential medical information, for example, is governed by the Health Insurance Portability and Accountability Act, while the Gramm-Leach-Bliley Act and the Fair Credit Reporting Act protect the use and dissemination of other nonpublic, personal information.

Technology Notes is compiled by Senior Associate Editor Lori Chordas.
COPYRIGHT 2006 A.M. Best Company, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Technology
Author:Chordas, Lori
Publication:Best's Review
Date:Dec 1, 2006
Previous Article:Selective Insurance receives Productivity Management Award.
Next Article:BlueCross BlueShield of Tennessee and Caremark Rx Inc. recently announced enhancements to the Caremark iScribe electronic prescribing program in an...

Related Articles
How to protect your privileged information.
The real case for the home-based-agent model.
Protect yourself against claims of errors and ommissions.
Taking steps to ensure CRM data security.
Data breach a growing concern for insurance application process.
Security breaches pose a growing problem.
You can't manage what you can't see!

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters |