Connecticut Insurance Department Issues Guidance on Big Data Use by Insurers

Hinshaw Privacy & Cyber Bytes - Insights on Compliance, Best Practices, and Trends

The State of Connecticut’s Insurance Department (Department) has issued a Notice reminding all entities and persons licensed by the Department to use technology and Big Data responsibly and transparently and in full compliance with Federal and State anti-discrimination laws.

In light of the potentially transformative nature of Big Data, the Department reiterated regulatory concerns with regards to the following three general topics:

  1. Internal Data Deployment: How Big Data is utilized by insurers as a precursor to or as a part of algorithms, predictive models, analytic processes, data gathering, product design, marketing, distribution, management, rating, underwriting an claims activities regardless of whether parties are using their own algorithms, and/or processes or have purchased or contracted for joint development of algorithms, models, or processes from third-party developers or vendors.


    The Department defined the Big Data ecosystem as wide, varied, and rapidly evolving from a diversity of sources, including consumer intelligence, social media, credit and alternative credit information, retail history, geographic location tracking and telematics, mobile, satellite, behavioral monitoring, psychographic, biographic, demographic, and firmographic data, sensors, wearable devices, and RFID.

  2. Internal Data Governance: Governance of Big Data throughout the precursor to its usage within the insurance industry, where such data resides and is used within the insurance industry, and how such data subsequently moves into industry archives, bureaus, data monetization mechanisms, or additional processes within or beyond the insurance ecosystem.


    The Department also emphasized the importance of data accuracy, context, completeness, consistency, timeliness, relevancy, and other critical factors of responsible and secure data governance.

  3. Risk Management and Compliance: How Big Data algorithms, predictive models, and various processes are inventoried, risk assessed/ ranked, risk managed, validated for technical quality, and governed throughout their life cycle to achieve the mandatory compliance.

As a result of the transitory nature of Big Data usage, the Department offered guidance providing examples of the types of information that it may request during the course of examinations specific to the usage of data brokers, with an explicit focus on data source, storage, curation, and documentation.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Hinshaw Privacy & Cyber Bytes - Insights on Compliance, Best Practices, and Trends | Attorney Advertising

Written by:

more
less

Hinshaw Privacy & Cyber Bytes - Insights on Compliance, Best Practices, and Trends on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.