AIA: Recent Security Breaches Increase Spotlight on Protection of Consumer Information for Insurers

March 11, 2005

Recent security breaches at companies that collect, store and sell personal data – such as ChoicePoint, LexisNexis and Bank of America – individually and collectively cast a spotlight on privacy and security issues with implications for the insurance industry at both the state and federal levels, according to the American Insurance Association (AIA).

“The specific security breach at ChoicePoint raises concerns for insurers about the validity of information that it receives from the company collecting and maintaining the data,” said Eric Goldberg, AIA assistant general counsel. “It is critical that any information supplied by ChoicePoint to insurers, or any other business interest for that matter, be secure and accurate. Having access to the objective data supplied by ChoicePoint helps insurers make more accurate underwriting and rating decisions, which in turn helps consumers receive the most fair and accurate pricing for their insurance products.”

Several states have introduced either regulatory bulletins and/or legislation regarding disclosure of private information that would require a business to notify a consumer of the unauthorized use of that consumer’s personal identifying information.

California passed a similar bill in 2002, but is considering amending the statute to include an additional requirement of free access to credit reports for one year following a security breach. Congress will examine this issue in the coming months with several bills having already been introduced and several committees having scheduled or begun hearings on the subject.

The real crux of this issue is reportedly that no one law or government authority oversees the commercial collection and distribution of such diverse personal information that is used by so many different industries. There is also reportedly an inconsistent degree of privacy protection among the state laws. Regardless, the ultimate solution to these problems is to improve security measures that protect consumer data, according to the AIA.

“Insurance companies take the privacy of consumers very seriously and have procedures in place to ensure that insurance companies report information to consumer reporting agencies, such as ChoicePoint, in strict compliance with the Fair Credit Reporting Act,” said Goldberg. “Any other government regulation under consideration needs to be balanced to address legitimate privacy concerns while not creating unintended consequences for business.”

Was this article valuable?

Here are more articles you may enjoy.