Presentation on theme: "AICP Midwest Chapter E-Insurance: Overcoming Challenges and Avoiding Common Pitfalls Stephanie Duchene Dentons US LLP 213-892-2909."— Presentation transcript:
AICP Midwest Chapter E-Insurance: Overcoming Challenges and Avoiding Common Pitfalls Stephanie Duchene Dentons US LLP Stephanie.Duchene@Dentons.com 213-892-2909 Tuesday, August 26, 2014 The James B. Henry Center for Executive Development at Michigan State University
Locations Month Day YearDentons US LLP Document reference #2
Offices by list Month Day Year3 KeyCanadaUnited StatesEurope Central and Eastern Europe AfricaMiddle EastAsia Pacific Offices Associate offices Facilities Associate firms + Special alliance firms Calgary Edmonton Montréal Ottawa Toronto Vancouver Atlanta Boston Chicago Dallas Kansas City Los Angeles Miami New Orleans New York Phoenix San Francisco Short Hills Silicon Valley St. Louis Washington, DC Barcelona Berlin Brussels Frankfurt Madrid Paris Zurich Bratislava Bucharest Budapest Istanbul Prague Warsaw Accra Algiers Bissau Bujumbura Cairo Cape Town Casablanca Dar Es Salaam Johannesburg Kampala Kigali + Lagos Luanda Lusaka Maputo Nairobi Nouakchott Port Louis Praia São Tomé Tripoli Abu Dhabi Amman Beirut Doha Dubai Kuwait City Manama Muscat Riyadh Beijing Hong Kong Shanghai Singapore United KingdomRussia and CISCentral Asia London Milton Keynes Kyiv Moscow St. Petersburg Almaty Ashgabat Baku Tashkent Dentons US LLP Document reference #
Disclaimer These materials should not be considered as, or as a substitute for, legal advice and they are not intended to nor do they create an attorney-client relationship. Because the materials included here are general, they may not apply to your individual legal or factual circumstances. You should not take (or refrain from taking) any action based on the information you obtain from these materials without first obtaining professional counsel. The views expressed do not necessarily reflect those of the firm, its lawyers, or clients. 4
E-Insurance: Overcoming Challenges and Avoiding Common Pitfalls 5
Trends 7 Between 2001 and today, the number of Americans with Internet access grew from nearly half the U.S. population to roughly 80%. Today, over 347 million Americans are online. Estimated that 73.5% of U.S. consumers now use online bill pay. In addition to banking, consumers are investing, making major purchases (and even dating) online.
Trends 8 According to the comScore 2013 Online Auto Insurance Shopping Report: In 2013 people were increasingly more open to the idea of purchasing auto policies online than they were in 2011 and 2012, up 3 percent and 1 percent, respectively. Obtaining a quote online continues to be the most popular auto insurance shopping method for consumers, with 67 percent of respondents who shopped in the past year saying they obtained a quote online.
Trends 9 According to the 2011 Insurance Barometer study by the Life and Health Insurance Foundation for Education (LIFE) and LIMRA: 64% of adults would prefer to buy their life insurance from an insurance or financial professional, down from 80 percent in 1996. Younger consumers showed the most interest in purchasing life insurance through the Internet. Among people age 25 to 44, 31% said they would prefer to buy directly, with three in four of those individuals citing the Internet as their preferred means of direct buying.
Clearing the e-insurance hurdles 10 Hurdle #1: Electronic Presence (establishing and maintaining a compliant electronic presence) Hurdle #2: Electronic Sales (electronic consent, electronic signatures, electronic collection of premium) Hurdle #3: Electronic Issuance and Maintenance (electronic delivery of insurance related documents)
Electronic Presence Month Day YearDentons US LLP Document reference #13 Exists in many forms: websites, social media, blogs, apps Range of capabilities: appointment request quote request quote price return purchase/bind issue Initial challenges: identifying advertising/complying with advertising rules maintaining an overall compliant presence
Electronic Presence - Advertising 14 Common pitfall: Failing to consider your online activity as advertising Most states define an advertisement as material “designed to create public interest in insurance, an insurer, or a producer” or “induce the public to purchase, increase, modify, reinstate or retain” a policy of insurance.
Electronic Presence - Advertising 15 Which of the below is considered advertising? Website Hyperlinks, banners, pop-ups Email Social media App Challenge: Compliance with advertising laws Same rules apply to online advertising as apply to advertising on any other medium - content, format, approval and retention requirements apply Particularly tricky with social media platforms
Electronic Presence 16 Other common pitfalls: Failing to do business in licensee's full approved name (overuse of logo, use of unapproved dba or marketing name) Failing to adequately disclose identity and relationship in co-branded sites (particularly with producers) Failing to direct online traffic Failing to use inputs to dictate outputs Failing to view your overall website from a regulator's position -- do NOT give Marketing control!
Electronic Sales Challenges: Obtaining consent to an electronic transaction Binding coverage through electronic signatures Collection of premium electronically Retention of records electronically
Electronic Presence - Consent All parties must agree to conduct a transaction electronically. Two types of consent needed: 1.Consent to conduct a transaction electronically - can be determined from context and surrounding circumstances, including parties conduct Avoid pitfalls: obtain affirmative consent to ensure a customer agrees and understands that they are transacting electronically (e.g. require agreement to T&Cs early in experience) 2.Consent to electronic delivery of documents -- more involved (disclosure statement + consent in required format)
Electronic Signatures Signatures are used to: Denote agreement to terms and conditions set forth in a document. Acknowledge receipt of a document. Convey the signer is indeed who he/she purports to be (authentication). Many types of insurance documents may require a signature: Application Release of confidential medical information Beneficiary changes Uninsured motorist coverage Earthquake insurance offer Life illustrations Consumer protection disclosures
Electronic Signatures - risks 23 Authentication risk: "That's not my signature" Avoid pitfall: Use ways to affirm identity - "shared secrets," require completion of log-in/change of password go through email Repudiation risk: "That's not what I signed" Avoid pitfall: Have a secure and searchable audit log ("hash chains"), law requires that the signature be "linked, attached or logically associated with the document" Adoption risk: "I didn't meant to actually sign" Avoid pitfall: Require affirmative action (no already checked boxes), ask multiple times, be clear as to the significance of the action
Electronic Signatures and Contracts 24 General “rule of validity” under the law (ESIGN and UETA): A signature may not be denied legal effect or enforceability solely because it is in electronic form. A contract may not be denied legal effect, validity, or enforceability solely because an electronic signature was used in its formation. A contract or other record may not be denied legal effect, validity or enforceability solely because it is in electronic form. Goal: Promote electronic commerce by ensuring national uniformity and legal certainty for electronic signatures and records.
Electronic Signatures 25 "Electronic signature" = "an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record" Technologically neutral -- there are no technological requirements as to how an electronic signature must be made Intended to provide businesses the flexibility to design computer applications that fit their unique needs. Some states have technologically specific requirements – pre-empted by ESIGN Some state shave issued guidance: An insurer may have to show that security procedures are sufficient to verify that an electronic signature or record is that of a specific person. (Ky. Advisory Opinion 2006-09)
Electronic Signatures 26 If an insurance related document requires a signature, an electronic signature is acceptable provided that: (1) it is attached to or logically associated with the record; and (2) executed or adopted by a person with the intent to sign the record. Avoid pitfall: Obtain clear, affirmative consent that the consumer intends to enter into a binding agreement. Examples: Type name into signature field, check a box, use a vendor Include statement: “I understand that by [entering my name in the signature field, by checking this box, etc.] that I am agreeing to enter into a binding agreement with [Company]…”. Remember authentication, repudiation and authentication risks
Electronic Binding No state prohibits the binding of insurance online, provided carrier complies with ESIGN and UETA. E.g. 2001 bulletin issued by the Ohio Department of Insurance provides that regulated entities may “conduct business with consenting consumer electronically” and that the state’s UETA provides for legal recognition of electronic signatures, and electronic records. The bulletin also provides that “delivery and communication by electronic or other verifiable means shall not be precluded where agreed to by the parties involved.” Oh. Ins. Bulletin 2001-3. E.g. 2003 bulletin from the South Carolina Department of Insurance provides that “insurance transactions may be effectuated electronically over the Internet to the same extent as they may be effectuated by other means…that is, effectuating an insurance transaction over the Internet does not add any additional requirements not otherwise required under the South Carolina insurance laws.” S.C. Ins. Bulletin 03-5.
Collection of premium 30 Many options: Pay online by credit card or debit card Automatic deductions from checking account using EFT Online billing Mail in payment by check or money order Payment by phone (by credit or debit card) When collecting premium online there are various applicable state and federal laws to be mindful of, including privacy and data security laws.
Collection of premium State insurance laws regarding collection of premium via credit card and debit card vary. Most commonly they include: Credit card usage may not result in an increased premium or separate fee. Conversely, insureds paying cash or check may not be offered a discount for doing so. Credit card issuer may not cancel a policy if a cardholder fails to pay balances due that include insurance premiums. Premium refunds must be made directly to the cardholder. May not offer an extension of credit for premium payments made through a particular credit card.
Retaining records electronically If a law requires that a contract or other record be retained (such as insurance record retention requirements), that requirement is met by retaining an electronic record of the information which: Accurately reflects the information set forth in the contract or other record; Remains accessible to all persons who are entitled access by statute, regulation or rule of law for the period required by such statute, regulation or rule of law In a form that is capable of being accurately reproduced for later reference, whether by transmission, printing or otherwise.
E-Insurance Hurdle #3: Electronic Issuance and Maintenance 33
Electronic Delivery Many types of insurance related documents are required by law to be provided in writing (e.g. policies, claims communications, billing notices, cancellation/non-renewal notices, certificates of insurance, proof of coverage, etc.) Regulators have voiced concerns regarding electronic delivery, including whether the insurer can verify that the document was actually delivered, whether the document is maintained in a format that is secure from tampering and facilitates audit/discovery, and whether the document is available to the consumer within a reasonable time upon request. (NAIC White Paper, Electronic Commerce and Regulation Issues Paper (2000))
Electronic Delivery 36 Challenges: Law requires a consumer to consent ("opt-in") to electronic delivery after being provided with specific detailed disclosure. Determining when an electronic document is considered "sent" and "received." Determining what documents may and may not be sent electronically.
Electronic Delivery 37 If the law requires that a document be provided in writing, electronic delivery of the document satisfies this requirement if: 1)the parties consent to electronic delivery (different requirements for consent in consumer and B2B transactions) 2)an exception does not apply which would prohibit the information from being delivered electronically Only applicable where a law requires information to be provided in writing (e.g. policy documents, notices). If there is no legal requirement that the information be provided in writing (e.g. general correspondence), these laws do not apply. Avoid pitfall: Best practice to have affirmative consent to electronic delivery regardless of type of document that is being sent.
Electronic Delivery - Consent Consumer consent to receive documents electronically must: Be affirmative ("opt-in") -- can not be assumed or defaulted Be obtained only after specific information is clearly and conspicuously disclosed (ESIGN Disclosure Statement) Be "in a manner that reasonably demonstrates that the consumer can access information in the electronic form in which it will be sent." Business consent to electronic delivery can be inferred from the context and surrounding circumstances of the transaction Avoid pitfall: Timing of consumer consent must be after disclosure statement provided.
Electronic Delivery - Disclosure 39 Must disclose specified information to the consumer before obtaining his/her consent to conduct a transaction electronically. Must inform the consumer: Of any right or option to have the record provided or made available on paper or in non-electronic form; Of the right to withdraw the consent to have the record provided or made available in an electronic form and of any conditions, consequences (which may include termination of the parties' relationship), or fees in the event of such withdrawal; Of the procedures to withdraw consent and to update information needed to contact the consumer electronically; Whether the consent applies (I) only to the particular transaction which gave rise to the obligation to provide the record, or (II) to identified categories of records that may be provided or made available during the course of the parties' relationship; and How, after the consent, the consumer may, upon request, obtain a paper copy of an electronic record, and whether any fee will be charged for such copy.
Electronic Delivery - sent and received Electronic record is “sent” when addressed or otherwise properly directed to an information processing system that the recipient has designated for the purpose of receiving electronic information and from which the recipient is able to retrieve the electronic record. Electronic record is “received” when it enters an information processing system that the recipient has designated for the purpose of receiving electronic records and is in a form capable of being processed by that system. Electronic record must be capable of retention by the recipient at the time of receipt. Avoid pitfalls: not responding to bounce-backs, not providing an easy mechanism for changing email address on file
Electronic Delivery - sent and received 41 For example, West Virginia makes it clear that where the sender has actual knowledge that a party did not receive the electronic record (e.g. bounce back), it is the sender's obligation to take reasonable steps to attempt redelivery to a new email address or postal address. "In a consumer transaction, an electronic record is not sent to or received by a party if the sender has actual knowledge that such party did not actually receive the electronic record. In that case, the sender's sole obligation shall be to take reasonable steps to attempt redelivery using information in the sender's files. This redelivery requirement is satisfied if the sender sends the electronic record to a different electronic mail address or to a postal address the sender has on file." W. Va. Code § 46A-6I-3.
Electronic Delivery - exemptions 42 Even where you have appropriate consent and appropriate procedures -- electronic delivery has not historically been permissible for all types of insurance related documents, including: Any notice regarding the cancellation or termination of health insurance benefits or life insurance benefits (excluding annuities) Documents that are required by statute/regulation to be sent via "specified method" (e.g. "first class mail," certified mail," "registered mail," "last known address," etc.) Other types of document specifically carved out by state law (e.g. notices of termination or non-renewal of personal auto or property, written offers of earthquake insurance, LTC insurance notices, etc.) Pitfall: Assuming that once you have consent to electronic delivery, everything can be delivered electronically.
Electronic Delivery - exemptions IN and MI 43 Indiana and Michigan exempt from electronic delivery documents that are required to be sent via a specified method: IN: "If a law… requires a record to be sent, communicated or transmitted by a specified method…the record must be sent, communicated or transmitted by the method specified in the other law." Ind. Stat. 26-2-8-107(b). MI: "If a law requires a record to be posted or displayed in a certain manner, to be sent, communicated, or transmitted by a specified method... the record must be posted or displayed in the manner specified by law.” Mich. Comp. Law s 450.838(2). Examples of documents required to be sent via specified method: notice of lapse or termination for LTC policy, replacement notices in direct response sales, annuity annual statements
Electronic Delivery - exemptions Kentucky 44 Kentucky exempts from electronic delivery documents required to be delivered via a specified method, however, it has also issued an advisory opinion that arguably overrides the exemption. "If a law … requires a record … to be sent, communicated, or transmitted by a specified method…the record must be sent, communicated, or transmitted by the method specified in the other law.” Ky. Rev. Stat. 369.108(2). Examples: property insurance notices of cancellation, nonrenewal and premium increases; annuity annual statements But see, Advisory Opinion 2013-01 (February 19, 2013) provides that "after reviewing the various laws requiring notice," as well as Kentucky's UETA, the Department interprets the required delivery of effective notice can be made by electronic mail to policyholders.
Electronic Delivery - exemptions Kentucky 45 KY Advisory Opinion cont.: Because of the "paramount importance for consumer protection," the delivery of cancellation, renewal, nonrenewal, and premium increase notices is permitted electronically only if: Disclosure is made to policyholder of option to elect to receive notices electronically or in hard copy. Disclosure must contain the following or substantially similar language: The policyholder who elects to allow for this policy, notices and communications to be sent to the electronic mail address provided by the policyholder should be aware that the election operates as consent by the policyholder for all notices to be sent electronically, including notice of nonrenewal and cancellation. Therefore, the policyholder should be diligent in updating the electronic mail address provided to the insurer in the event that the address should change.
Electronic Delivery - exemptions KY 46 KY Advisory Opinion cont.: An insurer’s failure to grant a request from a policyholder to receive hard copy mailings or an insurer’s failure to provide the above disclosure could result in administrative action. An insurer making an electronic delivery or providing electronic notice shall maintain proof of electronic mailing.
Electronic Delivery - exemptions Ohio 47 Ohio exempts from electronic delivery documents required to be delivered via a specified method, however, it too has issued a bulletin that arguably overrides the exemption. (And see also new law effective in September.) If a law … requires a record … to be sent, communicated, or transmitted by a specified method…the record shall be sent, communicated or transmitted by the method specified in the other law." Ohio Stat. § 1306.07. But see Ohio Ins. Bulletin 2001-3: “For purposes of delivery and other communication required or permitted by [Ohio] and its attendant regulations, delivery and communication by electronic or other verifiable means shall not be precluded where agreed to by the parties involved. The burden is on the regulated entity to meet all existing requirements for delivery regardless of the method by which the policy or other record(s) are actually delivered to the recipient.”
Electronic Delivery - exemptions West Virginia 48 WV: Expressly excludes termination of health insurance or life insurance (excluding annuities) from electronic delivery. Also contains a "specified method" exemption: If a law requires a record “to be sent, communicated, or transmitted by a specified method,” the record must be sent, communicated, or transmitted by the method specified in the other law. W. Va. Code § 39A-1-8. Examples: policies of life or accident sickness insurance, annuity annual statements, notice of lapse or termination of LTC policy However, Informational Letter 135B indicates that notwithstanding a requirement that certain forms be delivered by a specified method to the insured, UETA allows transmittal in electronic form.
Electronic Delivery 49 Challenges: Establishing a multi-jurisdictional system Unintended consequences of the law Outdated laws that do not accommodate Gen Y preferences Among customers who utilize multiple contact channels to resolve an issue, 40% of Gen Y (born from 1974-1994) customers begin online, further underscoring their preference to seek answers to their questions via this channel. In contrast, the most frequent starting point for Boomers (born from 1946-1964), who have used multiple channels to resolve an issue, is their agent (40%). (2012 J.D. Power and Associates study of the US Auto Insurance industry) States have begun to enact legislation which overrides these exemptions
Month Day YearDentons US LLP Document reference #50
Electronic Delivery - recent changes 51 Recent changes in the law aimed at overturning electronic delivery exemptions Solution -- separate overriding statute(s) which affirmatively permit the electronic delivery of documents that are expressly excluded from electronic delivery under UETA/ESIGN New challenge: an overlay statute overlaying an overlay statute (!!!)
Electronic Delivery - recent changes 52 Model Merged Insurance Transaction Modernization Electronic Delivery or Posting Model law drafted by the insurance industry Adopted to varying degrees in many states (e.g., AK, AZ, DE, FL, ID, IL, IN, KS, MN, MO, NJ, NC, OH, OK, PA, TN, TX, VA, WI) IN: Ind. Stat. 27-1-43-1 et seq. (effective July 1, 2014) OH: Ohio Ins. Code § 3901.41 (effective September 4, 2014) Pending in other states
Electronic Delivery - recent changes 53 Two parts to the model: 1)Part 1: Overrides the "specified method of delivery" exemption in UETA 2)Part 2: Permits electronic posting to constitute electronic delivery under certain circumstances Part 1 began circulating in 2009; Part 2 began circulating in 2011; in late 2012 the two parts were joined to form the current model law Some states have enacted both parts, some have enacted one or the other, some have enacted one and have one part still pending
Electronic Delivery - recent changes 54 Part 1: Electronic delivery of a document "shall be considered equivalent of any delivery method required [under the insurance code], including first class mail, certified mail, certificate of mail or certificate of mailing." Effectively eliminates the "specified method" roadblock Consumer must affirmatively "opt-in" to electronic delivery -- parallels (or simply references ) ESIGN disclosure + consent requirements
Electronic Delivery - recent changes 55 Part 2: Allows for electronic posting of policy documents (sometimes restricted to P&C) that contain no personally identifiable information (i.e., standard policy forms and endorsements), unless policyholder opts-out Must be accessible for as long as the policy is in force Must be archived for five years after expiration Must be posted in a manner that allows the insured to retrieve and print using software widely available on the internet Insurer must provide certain information with declarations page and any renewals, including: exact policy and endorsements purchased, the method by which the insured may obtain a paper copy without charge, the internet address where the policy/endorsements are posted
Electronic Delivery - Indiana 56 Enacted Part 1: Ind. Stat. 27-1-43-1 et seq. effective as of July 1, 2014 Electronic delivery (includes delivery to a designated email address or posting to a web site, mobile app, etc. with separate notice delivered to designed email address) of a notice or document is considered to be equivalent to any legally required delivery method -- eliminates "specified method" exemption Party ("recipient of notice/document required as part of an insurance transaction") must affirmatively consent to electronic delivery after being provided with a clear and conspicuous disclosure statement (restates ESIGN requirements). If insurer already has consent of a party to receive certain notice/document electronically and the insurer intends to deliver additional notices/documents to the party pursuant to the new law - insurer must notify the party that notices/documents that were not previous electronically delivered may now be electronically delivered and the party has right to withdraw consent to electronic delivery Has not enacted Part 2 of model
Electronic Delivery - Ohio 57 Enacted portions of Part 1 and Part 2. See Ohio Ins. Code § 3901.41 (effective September 4, 2014). Part 1: Any information, including notices of cancellation, nonrenewal or termination may be delivered electronically to the last known "contact point" ("any electronic identification to which messages can be sent," including email, instant message, cell phone) supplied by the insured. Insured must consent to electronic transaction and be provided with full disclosure of "details of automated transaction" -- similar to ESIGN Disclosure If the insurer has knowledge that the insured's contact point is no longer valid, the insurer must send the information via regular mail. Does not fully eliminate specified method exemption - unclear interplay
Electronic Delivery - Ohio 58 Any information, other than notices of cancellation, nonrenewal or termination, are permitted to be delivered via secure website if the insurer sends an electronic notice to a contact point and the electronic notice includes a hyperlink to the secure website. If insurer uses a secure we site to deliver changes to an insured's policy, certificate or contract (including endorsements or amendments), the electronic notice to the insured must include: A list/summary of the changes A link to the complete document A statement substantially similar to the following, displayed in a prominent manner: "There are changes in the terms or conditions of your policy, certificate or contract of insurance."
Electronic Delivery - Ohio 59 Part 2: Policy documents that do not contain personally identifiable information may be posted to the insurer's web site in lieu of any other method of delivery, provided that: The policy documents are readily accessible by the insured and, once the policy documents are no longer used by the insurer in this state, it is stored in a readily accessible archive; The policy documents are posted in such a manner that the insured can easily identify what's applicable to them and print or download the documents without charge and without the use of any special program or application that is not readily available to the public without charge; The insurer provides written notice at the time of issuance of a method by which the insured may obtain upon request a paper or electronic copy of their policy documents without charge; The insurer clearly identifies the applicable policy documents purchased by the insured on any declaration page, certificate of insurance, summary of benefits, or other evidence of coverage issued to the insured; The insurer gives notice, in the manner it customarily communicates with an insured, of any changes to the policy documents and of the insured's right to obtain upon request a paper or electronic copy of the policy, endorsements, or amendments without charge.
Electronic delivery - California 60 California started out different -- recent changes in the law are less about moving ahead and more about catching up California Senate Bill 251 (effective January 1, 2014) Allows certain documents, previously excluded, to be delivered electronically, provided that insurer complies with certain conditions: Offer of renewal required by 663 (personal auto) and 678 (commercial insurance) and notice of conditional renewal required by 678.1 (commercial) Offer of coverage or renewal or any disclosure required by Section 10086 (earthquake coverage) Offer or renewal for a workers' compensation policy
Electronic delivery - California 61 Conditions -- Insurer must: Obtain insured's consent - "opt-in" (verbal, written or electronic); retain consent while policy in force and five years after Disclose (paper or electronically): that insured may opt-out any time and how to do so, a description of what the insured is opting in to receive electronically, the process or system to report a change or correction in the insured's email address, the insurer's contact info Include insured's email address on the policy declaration page Annually provide one free printed copy, upon request
Electronic delivery - California 62 Conditions cont. Maintain a process or system that demonstrates that the document was both sent and received (consistent with UETA); retain information about process/system while in force and for 5 years Upon receiving information indicating document was not received, must within 2 business days either: i.Contact insured to confirm/update email address and resend electronically (if unable to confirm/update must send by regular mail); or ii.Send by regular mail
Electronic delivery - California 63 CDI oversight Report to the Governor regarding impact and implementation by January 1, 2018 May suspend an insurer from being authorized to use electronic delivery if there is a pattern or practice that demonstrates the insurer has failed to comply with the requirements of the law with respect to electronic delivery Sunset provision - January 1, 2019