7. System Security and Privacy
Are today's claims systems able to effectively protect personal and sensitive information?
It is true that system security has improved by leaps and bounds. But hackers are becoming
increasingly sophisticated in their attacks. For example, CNA, one of the largest commercial
property and casualty insurers in the U.S., was the victim of a cyberattack back in March 2021,
an attack that exposed the personal information of 75,000 people -- employees, contractors,
and policyholders. That data included names, Social Security numbers, and other personal
identification information. The attack disrupted several systems and effectively shut down
CNA's website.
The company eventually paid the hackers $40 million to regain control of its systems.
There are a host of Federal and State
regulations, as well as guidelines from
the National Association of Insurance
Commissioners (NAIC), that systems
should adhere to. These rules are
becoming more stringent and can
expose the company to regulatory
fines and penalties. And while no
system is entirely secure, it is important
to understand the claims system
protocols that are in place and how the
information contained in those systems
is protected.
Are adequate security measures taken to ensure the protection of system data and its
transmission within your company?
What level of security does the vendor provide?
Are security protocols consistently monitored and updated?
What steps does the vendor undertake if there is a data breach?
CLAIMS BUYERS GUIDE | 10
Questions to Ask
