I was very interested to read this morning that Governor Cuomo of New York will investigate insurance companies’ cyber security. According to the article the focus of the investigation will be what safeguards insurers have in place to protect customers' sensitive personal and financial information. Hopefully this inquiry will take into account commercial-lines policyholders' data as well. Recent experience has made me skeptical about how well insurers do just about anything related to information management. I recently had an insurer claim that it would have to review reams of paper files to find information on a group of claims that are currently being adjusted. Investigation revealed that in fact the carrier has multiple electronic data repositories, but many them do not talk to each other, and that much coordination relies on information kept in the heads of certain supervisors!
Insurers demand a great deal of sensitive information about commercial policyholders in the underwriting process, from social security numbers and driving records of employees, to information on security systems. I will be very interested to see what New York turns up about the cyber security measures, or lack thereof, at the nation's larger insurers.
'via Blog this'