🔎Regulatory Focus: The Crucial Role of the NAIC’s Innovation, Cybersecurity, and Technology Committee (and Sub-Committees)

Discover why this NAIC committee (and its subcommittees) handles key issues like AI and cybersecurity, and why it matters for consumers.

🔑 KEY CONCEPTS

• Committee Focus―The NAIC's Innovation, Cybersecurity, and Technology Committee addresses critical issues related to emerging technologies, cybersecurity threats, and data privacy within the insurance industry.
  

• Subcommittees―These include the Cybersecurity Task Force, Big Data Working Group, AI Working Group, Innovation and Technology Task Force, and Privacy Protections Working Group, each focusing on specific technological and regulatory challenges.
  

• Emerging Issues―The committee influences evolving state regulations, related to all things technology, where it intersects with the insurance industry.
  

• Public Participation―While NAIC meetings are generally closed to the public, participation is possible through select nonprofit organizations and trade associations that have access to these meetings.
  

What is the NAIC?

The National Association of Insurance Commissioners (NAIC) is a U.S. organization that establishes standards and regulatory support for the insurance industry.

It comprises insurance commissioners from all 50 states, the District of Columbia, and U.S. territories. These commissioners regulate the insurance industry within their jurisdictions, ensuring consumer protection, with market stability.

What Are NAIC Committees?

NAIC committees, such as the Innovation, Cybersecurity, and Technology (H) Committee, are essential for developing the NAIC's suggested state insurance regulatory policies and practices. These committees consist of state insurance regulators and other stakeholders who collaborate to address industry challenges.

Since the NAIC is a private, non-governmental organization, public participation is very limited, even though this organization often sets the standards and model acts for regulatory matters in the insurance industry. I'll cover that later in the article, but let's get back to the unique, and poignant Committee of focus:

The Innovation, Cybersecurity, and Technology Committee focuses on emerging technologies, cybersecurity threats, and data privacy. The committee's work includes developing best practices, model laws, and regulatory guidance to protect consumers and ensure the insurance industry's resilience.

With the seemingly constant issues of data breaches, AI-enabled fraud and criminal acts, and newly emerging lawsuits against insurers using algorithms to make claim decisions, this committee's work is of the utmost importance.

Thankfully, the NAIC's Innovation, Cybersecurity, and Technology Committee has sub-committees with specific focuses on all of these issues.

Subcommittees of the NAIC Innovation, Cybersecurity, and Technology Committee

1. Cybersecurity Task Force―Focuses on developing and updating model laws, regulations, and guidelines related to cybersecurity. They monitor emerging threats and provide best practices for insurers to protect sensitive data.
   

2. Big Data Working Group―Analyzes the implications of big data in the insurance industry, including the use of data analytics, predictive modeling, and AI. They aim to ensure data usage complies with privacy laws and ethical standards.
   

3. Artificial Intelligence (AI) Working Group―Evaluates the use of AI in insurance, addressing issues like algorithmic fairness, transparency, and accountability. This group ensures that AI applications enhance efficiency without compromising consumer protection.
   

4. Innovation and Technology Task Force―Monitors technological advancements such as blockchain, IoT, and mobile technology. They assess how these innovations can be integrated into insurance practices while ensuring regulatory compliance.
   

5. Privacy Protections Working Group―Focuses on drafting and revising privacy laws to protect consumer data. They track legislative developments and ensure that insurers adhere to evolving privacy regulations

Participation and Access to Information

While NAIC meetings are generally closed to the public, participation is possible through a few select nonprofit organizations (like national policyholder advocacy nonprofit, United Policyholders), trade associations (for regulators, insurance industry personnel, or adjusters), or other entities that may have access to these meetings.

Engaging with or supporting these few organizations is crucial, as they represent balance by introducing consumer protection voices and professional perspectives within regulatory discussions.

Accessing information about NAIC committees and their work can be done through the NAIC website, where reports, model laws, and regulatory updates are available. Active involvement ensures that stakeholders stay informed and contribute to shaping the regulatory landscape.

Importance of the Innovation, Cybersecurity, and Technology Committee

The committee addresses critical and emerging issues, ensuring that the insurance industry can adapt to technological advancements while maintaining robust consumer protections. Below, I'll list just a few insurance industry issues that are related to the committee's, and sub-committees' focuses:

1. Mobile Claim Inspections―Mobile technology has revolutionizing property damage claim inspections since the insurance industry's 2020 push, but this brings significant transparency and consumer protection challenges.
   

2. Artificial Intelligence (AI) Liability Risks―The Air Canada chatbot case underscores the risks of AI in customer interactions. Properly managing these risks is essential to avoid liability issues. Many users of AI are not aware that AI can―and often does―hallucinate. Hallucinate means: makes stuff up. Yeah. Most people don't know that all AI models do this, albeit at varying frequency and severity. 😳 Remember the lawyers that were sanctioned, for using ChatGPT to write to write their briefs submitted to the court? Well, they were victims of AI hallucination, as ChatGPT made up case law that didn't exist, and they didn't bother to verify that the cases existed. Be sure to catch up on your Digital Literacy, before using AI tools.
   

3. Algorithmic Decisions in Insurance―Prominent healthcare insurer Cigna received two 2023 class action lawsuits over their algorithmic claim denials, using a program called PXDX, highlights the need for regulatory oversight to ensure fairness and transparency in AI usage.
   

4. State Privacy Legislation―Evolving state privacy laws require constant monitoring and adaptation to ensure compliance and protect consumer data, which of course relates to the insurance industry. Insurance companies are purportedly large buyers of consumer data, including data purchased from their vehicles (car manufacturers are one of the biggest data harvesters and brokers selling this data, when it comes to any smart vehicle, which is most currently manufactured). Each state's existing, evolving, and upcoming privacy laws are all different, so it makes protecting consumers a bit more challenging. Many state privacy laws have such high thresholds, that many businesses may not meet them, and government and nonprofit bodies are often exempt from privacy laws (these are not the same as data protection laws, which all organizations typically must adhere to, in most states). Lack of uniformity of state privacy laws are just one unique issue.
   

5. Data Breach Management―Data breaches are so common now, that states like Florida are introducing Cybersecurity Immunity Laws. How common are data breaches right now? So common, that data breaches affect so many large businesses and government bodies, that it's hard to keep track of. Use of, and accessibility to of AI and other technology by criminals and bad actors, is a large reason.
   

While this may all seem overwhelmingly alarming, there is hope. With the NAIC's Innovation, Cybersecurity, and Technology Committee on the watch, they can help to ensure that the insurance industry can safely navigate technological innovations, while protecting consumer data, consumer rights and protections, and complying with evolving regulatory requirements.

Engaging with this committee, directly or through related organizations that collaborate with the NAIC, is essential for supporting and staying updated on critical regulatory developments.

If you found this article insightful, please share with a colleague who needs to know!

Be sure to subscribe to get education about regulatory and consumer protection insurance matters, and soon insurance history, that you won't find anywhere else.

✌🏽 Be well,