Insurance industry urged to take more IT risks

IT managers at insurance companies who are fighting to replace a paper-based business model with technology that can improve efficiencies and customer relationship management (CRM) are up against formidable in-house political boundaries and entrenched CEOs.

Meanwhile, companies that install CRM applications often do so without revamping their business organizations to support the very tools on which they’re relying to increase their customer base, according to attendees at the LOMA Emerging Technology Conference in Washington D.C. yesterday.

Paul Cole, a CRM consultant at Cap Gemini Ernst & Young U.S. LLC in Atlanta, told attendees that insurance companies have traditionally “over-invested in the unprofitable customers and underinvested in the profitable ones.”

“You have to ask yourself which customers you’re doing this for and what do we expect to get in return,” he said.

Cole pointed out that CRM is about targeting customers for specific needs and creating efficient systems and procedures to interact with those customers and form a relationship. Often, however, companies leave out the “C” in CRM, he said.

“How does the customer benefit from this technology?” Cole asked. “Or are we automating for the sake of automating?”

More than one business consultant at the conference pointed to political friction between departments as a key roadblock to centralizing IT systems and sharing customer information.

Conference attendee Cecilia Tam, an information systems manager at London Life Insurance Co. in London, Ont., said territorial disputes between departments and affiliated companies not only cause project loggerheads, but also keep various IT departments from agreeing on one XML language.

“How are you going to amalgamate?” she said.

Tom Peters, a consultant and author of several best-selling business management books, agreed.

“Ninety-eight percent of CRM is total B.S. unless you’re willing to do the heavy lifting in the organization,” he said.

While emphasizing the business aspects of CRM over technology, Peters also mocked companies that are squeamish about spending on new technology during the current economic slowdown, saying “This is the moment in time to be aggressive in technology spending while your competitors pull in their horns.”

Peters said IT managers who want to advance ideas should bypass senior leadership and look for fellow “geeks” within their organization with whom to work before approaching CEOs with their ideas.

“It’s stupid trying to sell a new, untested technology up the command chain. Find someone who will screw around and co-concoct great visions,” said Peters, author of the best-seller In Search of Excellence: Lessons from America’s Best-Run Companies (Warner Books, 1998).

Delores Bridges, an IT systems analyst manager at insurance firm The MONY Group Inc. in New York said most companies simply don’t grant free rein to IT managers on unproven technology.

“It’s okay to take the risk, but you can’t do that with big numbers,” she said about her own experiences.

Many off-the-shelf applications tend to be too robust and need culling to fit a firm’s custom needs, added Bridges.

Security, or lack thereof, of customer data was another a main topic at the conference.

Steve Clauson, director of IS security at Mutual of Omaha Insurance Co., is nine months into a 2-year project to completely revamp security at his firm, spurred by regulations such as the Gramm-Leach-Bliley Act and Health Insurance Portability and Accountability Act and government contracts that require more stringent security.

Clauson recommended that companies begin by classifying data as high-, mid- or low-priority in order to focus expensive security technology only where needed. “If you treat everything the same, you’re spending a lot more than you need to,” he said.

Centralizing security administration, including support and control and installation of intrusion-detection systems, was also high on Clauson’s list of priorities.

By installing intrusion-detection technology at Mutual of Omaha, Clauson said he was able to track attempted virus infections this year, including 560 attempts on the firm’s servers last month alone – 190 of them attempted Code Red worm infections.

“If you’re not seeing the same numbers, you’re probably not monitoring it,” he said.