With input from IIABNY and other groups, the New York State Department of Motor Vehicles this week proposed regulations that would for the first time permit insurers to issue electronic insurance I.D. cards. The proposal appeared in the Feb. 25 issue of New York State Register.
The DMV said that it consulted with several interested groups while drafting the proposed regulations, including the state police; the New York State Association of Chiefs of Police; seven individual insurers; and the Property Casualty Insurers (PCI). PCI asked IIABNY for an assessment of potential negative impacts on insurance producers. IIABNY said that any effects on producers would be minimal, since producers do not issue permanent I.D. cards. The DMV also surveyed its peers in the 30 states that currently permit electronic I.D. cards to address concerns raised by the police chiefs.
Highlights of the proposed rules:
- Insurance companies that choose to will be permitted to issue electronic I.D. cards. However, they will be able to do so only with the consent of the person or entity named on the card.
- Electronic ID cards will be acceptable as proof of insurance in the same manner as paper ones
- The cards must be capable of being displayed on a device that would earn the driver a ticket if used while in motion, such as cell phones, PDA’s, tablets, laptops, game systems, and similar devices.
- They must meet the standards that apply to paper cards
- Insurers will be prohibited from issuing them for:
- Temporary I.D. cards – agents and brokers will probably not be able to issue them
- Self-insured entities
- Fleet transactions, where the vehicle description on the card is “ALL OWNED VEHICLES”
- Retail auto dealers, where the vehicle description on the card is either “DEALER GARAGE AUTO LIABILITY POLICY" or “ALL OWNED AND NON-OWNED VEHICLES-COMPHREHENSIVE AUTO LIABILITY POLICY"
- Wholesale auto dealers and transporters, where the vehicle description on the card is "AUTO LIABILITY POLICY"
The DMV is accepting comments from the public on the proposed regulations until April 11.
I read the insurance trade press every day, and if there's one story I read over and over again, it's that the U.S. insurance industry is on the verge of a cataclysmic brain drain. The workforce is getting older (I'm 53 years old, which makes me one of the younger members,) and a lot of people in the industry are seeing visions of retirement. A sizeable number of our colleagues will write their last accounts or adjust their last claims over the next several years. By most accounts, we are nowhere near ready for this.
That's why the work described in this three-minute report from a TV news show in upstate New York is so important. Many of you are probably familiar with the name "InVest," but you may not know how it works or how well it works. This is a good example of outstanding work done by one CEO of a small mutual insurer and some high school teachers.
Watch, and think about what you can do to make sure knowledgeable insurance professionals will be there to handle your claims ten years from now.
Text of an email recently sent to an IIABNY member:
I was asked to respond to your inquiry. As I understand it, you want to know whether your agency is required by law or regulation to encrypt certain customer information, such as when you prepare and email auto insurance I.D. cards. I apologize for the length of this response, but my conclusion is that the law and regulations do require an agency to encrypt such communications.
Certain sections of the federal Gramm-Leach-Bliley Act imposed requirements for the protection of customer information on insurance licensees. This law directed state insurance departments to implement and enforce the requirements. In New York, the Department of Financial Services enforces them by way of Insurance Regulations 169 and 173 (both are available for download from the Privacy page in the Member Answer Center of our Web site.) Regulation 169 pertains to privacy of consumer financial and health information; Regulation 173 pertains to standards for safeguarding that information. It is Regulation 173 that directly addresses your question.
The core requirement of Regulation 173 states simply:
“Each licensee shall implement a comprehensive written information security program that includes administrative, technical and physical safeguards for the protection of customer information. The administrative, technical, and physical safeguards included in the information security program shall be appropriate to the size and complexity of the licensee and the nature and scope of its activities.”
I think this paragraph can be found in the dictionary as an example of the word “vague”. It does include some defined terms, however. A customer is someone who is seeking, or obtains, or has obtained in the past personal lines insurance from a carrier or agency that has “nonpublic personal information” about him, if he has a continuing relationship with that carrier or agency. If I bought insurance from you last year and still have that insurance through you, and you have information on me that people cannot find in a public database, then I am your customer within the regulation’s meaning.
The term “nonpublic personal information” includes “nonpublic personal financial information” and “nonpublic personal health information.” I’ll focus on the financial side here. The term “nonpublic personal financial information” includes:
- Any information: 1) a consumer provides to the carrier or agency to obtain an insurance product or service from it; 2) about a consumer resulting from the insurance transaction; or 3) that the carrier/agent otherwise obtains about him in connection with providing an insurance product or service to him.
- Any list, description or other grouping of consumers (and publicly available information pertaining to them) that is derived using any personally identifiable financial information other than publicly available information.
It does not include health information; publicly available information (other than that included in the list described above); or any list, description or other grouping of consumers (and publicly available information pertaining to them) that is created using only publicly available information.
For example, a list of cars that a consumer owns is “nonpublic personal information” because that falls under the first bullet point. A list of consumers who have registered cars with model years 2013 and later is also “nonpublic personal information” because it is compiled using information not publicly available. A list of all households on a particular street is not nonpublic personal information because street addresses are easily available from public sources.
In my opinion, an auto insurance I.D. card is a document that contains nonpublic personal financial information because it contains the name of my insurance company; my policy number; and the year, make, model and VIN of my car. None of these pieces of information are available from public sources. By law, the DMV would provide this information only to a person who has a use for it permitted by that law.
So, if I am your customer and you have nonpublic personal information about me, then Regulation 173 requires you to safeguard it. The regulation requires you to implement an information security program designed to accomplish three things:
- Ensure the security and confidentiality of customer information
- Protect against any anticipated threats or hazards to the security or integrity of such information; and
- Protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer.
Encrypting an email that contains my auto insurance I.D. card would appear to fall within all three of these requirements. It is designed to keep my information confidential, to protect against the omnipresent threat from hackers, and to keep it from being stolen. Theft of the information about my cars could cause me harm, as someone could conceivably borrow money in my name and list my cars on the loan application as assets. Conversely, failure to protect emailed communications could be construed as failure to implement the information security program because the three objectives are not met.
The Agents Council for Technology Web site has a wealth of information about ways to accomplish the regulation’s objectives, including information about TLS encryption technology. You may find some of that information helpful.
To summarize, I believe the Gramm-Leach-Bliley Act and the regulations that implement it require insurance agents and brokers to encrypt email messages that contain customers’ nonpublic personal financial information. This would include auto insurance I.D. cards and other documents that contain information not readily available to the public.
When Congress and the president extended the Terrorism Risk Insurance Act last month, they also enacted the National Association of Registered Agents and Brokers Reform Act. This law will make multistate licensing far easier for insurance producers all over the country. The slideshow shown below is a quick overview of what NARAB is and what it means. The slideshow will be permanently available on the Licensing page of the IIABNY Member Answer Center and the CE & Licensing Help page in the Education section of the IIABNY Web site.
It's online today at WorkersCompensation.com, it's all in rhyme, and it features my post calling on agents to stop issuing certificates of insurance. 'Tis the season of hope, you know.
The first time Carl Dietrich brought his flying-car concept to the Experimental Aircraft Association’s annual AirVenture gathering in Oshkosh, Wisconsin, he had only a video to show the aviation geeks who wandered by his modest stall. The following year, he brought the mock-up of a wing. Six years later, in July 2013, he was finally ready to fly the prototype.
As the announcer who introduced the Terrafugia Transition put it: “Ladies and gentlemen, this is one of the most incredible things we’ve seen, ever, here at Oshkosh. Twenty-five minutes ago, this was a street-legal automobile. Now, it’s in the air.”
Pilot Phil Mateer buzzed the crowd while the announcer patched into his cockpit microphone to ask him how it felt up there. “I’m in a car looking down on traffic,” Mateer replied. “And it flies real nice.”
More than a hundred people have paid deposits of $10,000 each for the Transition, which will be capable of 70 miles (110 kilometers) per hour on the road and 100 mph in the sky when it finally comes to market sometime within the next three years. Dietrich is refining details on the third-generation prototype of his $279,000 vehicle before attempting certification by both the FAA, which regulates planes, and the National Highway Traffic Safety Administration, which oversees cars.
Critics say flying cars are unlikely to be both great airplanes and great automobiles. But that misses the point, says Dietrich, who explains the Transition is intended to expand the definition of an airplane, solving a number of persistent problems in the process.
First and foremost is that small planes are virtually useless in inclement weather. If a storm rolls in while you’re flying the Transition, on the other hand, you can simply land at many of the 5,000-plus airports in the U.S. alone, push a button to fold up the wings and hit the road until conditions improve. At home, you can park it on the street or in the typical suburban garage. And it runs on regular unleaded gas, which is cheaper and cleaner than aviation fuel and available at your local service station.
“You’re getting comparable gas mileage to your road car, but you’re going 100 miles per hour over all the traffic,” Dietrich says.
That makes the Transition ideal for weekend jaunts or for salespeople and others whose jobs require regular trips of a few hundred miles — although, at the expected price, even he admits it won’t be within reach of your average salesperson anytime soon.
For insurance purposes, is it an automobile or an aircraft? Which insurance policy is appropriate? Will someone have to create a whole new insurance product? And who will offer it? How will carriers underwrite it?
Say what you want about the times we live in, but boring they are not.
What does New York law say about broker of record situations?
Some insurance carriers are no longer sending print copies of policies. What should their agents do about it?
Question from an IIABNY member: Back in the day when I became a licensed broker, the only P&C option available was a full P&C license to become an agent or broker. Now with GEICO coming to western New York, the option of having a personal lines license is available. My question is, if a staff member opts to only obtain a personal lines brokers license, as an agency does that prohibit us from allowing the staff member to do certain things in commercial lines? I understand that they shouldn’t be selling commercial lines but what about serving commercial lines?
Answer: I think the best way to answer this question is to look at the definitions in New York insurance law, specifically Section 2101. Here are the relevant parts:
You need a license to perform any of the activities described in (m), (n) and (o). You do not need a license if you are not receiving commissions and you perform the activities described in (2)(A), (B) and (C). Therefore, the answer to your question really depends on the types of service activities this person might perform. Forwarding endorsement requests to carriers, issuing certificates of insurance, recording claim reports on forms, and issuing auto I.D. cards are clerical tasks that do not require a license. Giving someone coverage advice, advising them to buy cyber insurance from Zurich, or selling them higher umbrella limits are all producer activities which require a license.
(c) In this article, "insurance broker" means any person, firm, association or corporation who or which for any compensation, commission or other thing of value acts or aids in any manner in soliciting, negotiating or selling, any insurance or annuity contract or in placing risks or taking out insurance, on behalf of an insured other than himself, herself or itself or on behalf of any licensed insurance broker, except that such term shall not include: …
(2) an officer, director or employee of a licensed insurance producer, provided that the officer, director or employee does not receive any commission on policies written or sold to insure risks residing, located or to be performed in this state and:
(A) the officer, director or employee's activities are executive, administrative, managerial, clerical or a combination of these, and are only indirectly related to the sale, solicitation or negotiation of insurance; or
(B) the officer, director or employee's function relates to underwriting, loss control, inspection or the processing, adjusting, investigating or settling of a claim on a contract of insurance; or
(C) the officer, director or employee is acting in the capacity of a special agent or agency supervisor assisting licensed insurance producers where the person's activities are limited to providing technical advice and assistance to licensed insurance producers and do not include the sale, solicitation or negotiation of insurance; …
(m) In this article, "negotiate" or "negotiation" means the act of conferring directly with or offering advice directly to a purchaser or prospective purchaser of a particular contract of insurance concerning any of the substantive benefits, terms or conditions of the contract, provided that the person engaged in that act either sells insurance or obtains insurance from licensed insurers, fraternal benefit societies or health maintenance organizations for purchasers.
(n) In this article, "sell" or "sale" means to exchange a contract of insurance by any means, for money or its equivalent, on behalf of a licensed insurer, fraternal benefit society or health maintenance organization.
(o) In this article, "solicit" or "solicitation" means attempting to sell insurance or asking or urging a person to apply for a particular kind of insurance from a particular licensed insurer, fraternal benefit society or health maintenance organization.
Photo by State Farm. Used under a Creative Commons Attribution 2.0 license.
I got an email last week from an IIABNY member whose client was battling with an insurance company over her teenage son. This client is a single mother whose son resides with his father. The son is of driving age, and his father has him listed on his auto insurance policy as a driver. However, the mother's insurer insisted on listing him (and charging for him) as well. Their reasoning was that the father carried only the state minimum limits for auto liability insurance, while the mother carried much higher limits. The carrier service rep wrote to the mother, "Since (your son) meets our definition of an insured person, if the coverage were to be exhausted on his policy due to a claim, it is possible that your policy would be secondary.” Is that true?
I don't think so.
The mother's policy had language very similar to that found in ISO's Personal Auto Policy, which states:
Therefore, if the policy is in the mother’s name, it will provide Liability Coverage for her while she is maintaining or occupying a car that her son has regular access to, but it will not provide that coverage for him. Thus, if he injures someone with a vehicle scheduled on his father’s policy, and that vehicle is available for his regular use, then only the father's policy will respond. It's important to keep in mind, though, that if the son customarily has access to his mother’s vehicles when he is staying with her, the company is within its rights to price for that exposure.
"We do not provide Liability Coverage for the ownership, maintenance or use of: …
3. Any vehicle, other than 'your covered auto'", which is:
a. Owned by any 'family member'; or
b. Furnished or available for the regular use of any 'family member'.
However, this Exclusion (B.3.) does not apply to you while you are maintaining or 'occupying' any vehicle which is:
a. Owned by a 'family member'; or
b. Furnished or available for the regular use of a 'family member'."