Data Privacy at Risk as Insurance Technology Solutions Grow
Press Releases
Nov 02, 2021
LOUISVILLE, Ky., Nov. 2, 2021 /PRNewswire-PRWeb/ — Every day there are cyberattacks, and daily we move more of our lives online where we are vulnerable to attacks. Insurtech is no stranger to these sensitivities, as was the case with insurance technology startup company BackNine, which recently had a major security breach when someone left a server unsecured. Statistics show that human error is responsible for approximately 88 percent of all data breaches.(1) By some counts, there are more than 2,200 cyberattacks per day—that equates to about one cyberattack every 39 seconds.(2) According to a 2021 IBM and Ponemon Institute study, a breach can cost a company $4.24 million, which is 10% more than what it cost in 2019.(3) “There will be more attacks and businesses have to prepare for and anticipate the future,” said Jason Thomas, Chief Technology Officer for insurance platform Traffk. “While a lot of companies think they’re safe because they don’t have web-facing applications, it actually opens them to more attacks.”
BackNine’s unsecured server exposed more than 700,000 insurance applications. That server, which was hosted through Amazon’s cloud service, was misconfigured to allow anyone access to it. Amazon storage servers are private by default, meaning someone had to manually adjust settings so that none of the data was encrypted. Essentially, a seemingly small human error left highly sensitive, personal, medical information of applicants and their families, exposed. That includes social security numbers, medications, and even driver’s license numbers.(4)
Thomas says it’s important to pay attention to data breaches at other companies in order to understand how your business might be vulnerable. Having your own proprietary software so as to not rely on an insurance partnership for security software can give your business more control over security settings. It also means being able to make quick adjustments based on how other insurance technology has been breached.
Digitization can also be used to improve at-risk insurance enrollment, but that relies on trusting that your medical data will be kept safe. The information needed to create these instant life insurance quotes many companies provide now means handing over sensitive identifying information that can put consumers at risk of identity theft. It’s imperative as Insurtech grows that people are confident their private medical information will be treated with the care it requires.
Insurance entails collecting personal medical data and history, and that information is protected by both HIPPA and consumer privacy laws. Data breaches can put insurance partnerships and companies at risk of not complying with those necessary consumer protections.(5) Cloud technology can help protect data privacy with increased safeguards and security at every endpoint.
Artificial intelligence and machine learning are also part of the solution. Humans cannot respond to threats as quickly as AI and ML. However, those technologies cannot stay up to date on how other industries have been breached which is where humans can help. Robotic Process Automation (RPA) is a software technology that makes it easy to build, deploy, and manage software robots that emulate human interactions with digital systems and software.(6) Thomas says RPA is one part of the solution but it’s only as good as the human who programs it. Despite all of these tools, top industry researchers have found that human error is still very much the driving force behind an overwhelming majority of cybersecurity problems.(7)
Thomas has some advice on what to do after a security breach.
- Notify everyone about the breach, including customers and clients.
- Do background checks for up to one year for the people affected.
- Correct the error that caused the breach.
- Protect data on the endpoint. Software should be installed directly onto a computer to ensure security continues no matter where the device is located.
- Protect data on portable devices by using encryption.
- Use compliance profiles(8)
Attacks are going to continue and will likely increase both in number and complexity. Companies are looking into Software as a Service (SaaS) and Platform as a Service (PaaS) as a way to better protect consumer data and information. This technology is easy, cost-effective, and scalable, and allows room to experiment and update it as new types of threats are discovered.(9) There is more data to protect, making insurance technology security all the more essential. Insurance companies have to be diligent, as no system is impenetrable.
However, no matter the amount or quality of security software, human error is always a factor. It is then imperative that businesses continuously educate and train employees in the latest consumer and client data security measures.
“The solution lies in insurance companies taking steps to ensure consumer data is safe. Because the threat of cybersecurity isn’t going anywhere,” Thomas said.
About Traffk
Traffk is an innovative insurance underwriting and distribution platform designed to build and launch modern insurance products and brands that scale. With decades of leadership experience in insurance and AI, Jason Thomas Co-founded Traffk as a solution to the problems of inefficient, assumption-based underwriting and slow processing in the insurance industry. Traffk’s goal from the start has been to comprehend the risks and modernize the insurance underwriting process by leveraging modern-day tools. Traffk enables risk bearers to leverage the underwriting process with its data-enrichment technology and integrates and analyzes data to glean insights pertinent to insurance. Traffk works with agents as partners, providing them with the digital tools to work with an efficient sales process and engage consumers with a fast, accurate process for insurance policies, changing the insurance landscape for the better, forever. Visit https://www.traffk.com/
1. Tessian, “Understand the mistakes that compromise your company’s security” 15 June 2021, tessian.com/research/the-psychology-of-human-error/
2. Stouffer Claire, “115 cybersecurity statistics and trends you need to know in 2021” 9 August 2021, us.norton.com/internetsecurity-emerging-threats-cyberthreat-trends-cybersecurity-threat-review.html
3. Tunggal, Abi Tyas; “What is the Cost of a Data Breach in 2021?”; Updated 21 Sept 2021; UpGuard; upguard.com/blog/cost-of-data-breach
4. Stouffer Claire, “115 cybersecurity statistics and trends you need to know in 2021” 9 August 2021, us.norton.com/internetsecurity-emerging-threats-cyberthreat-trends-cybersecurity-threat-review.html
5. Lani Heather, “FTC warns health apps must notify users about data breaches or face fines” 17 September 2021, fiercehealthcare.com/digital-health/ftc-warns-health-apps-must-notify-users-about-data-breaches-or-face-fines
6. UI Path “Robotic Process Information (RPA) Automation software to end repetitive tasks and make digital transformation a reality” uipath.com/rpa/robotic-process-automation
7. Sjouwerman Stu “New StanThomas Research: 80% Of Data Breaches Are Cause By Human Error” 4 March, blog.knowbe4.com/alert-new-stanThomas-research-88-of-data-breaches-are-caused-by-human-error
8. Coos Andrada, “3 Data Protection Tips for Insurance Companies” 22 January 2020, endpointprotector.com/blog/3-data-protection-tips-for-insurance-companies/
9. IBM Cloud Education, “What is PaaS(Platform-as-a-Service), 14 July 2021, ibm.com/cloud/learn/paas
Media Contact
Karla Jo Helms, JOTO PR Disruptors(TM), 727-777-4621, khelms@jotopr.com
SOURCE Traffk