An interesting article was released yesterday in the Insurance Journal, “J.D. Power: Homeowners Want Carriers to Offer Identity Theft.”
It indicates that the 2006 Homeowners Insurance Study, results of feedback from 9,045 homeowners insurance policy holders in the U.S., finds 40% wants their home policy to include identity theft coverage.
“As personal information breaches by large corporations and government agencies frequently develop into high-profile news, privacy issues have become incredibly close to the consumer consciousness,” said Jeremy Bowler, senior director of the insurance practice at J.D. Power and Associates. “Consumers increasingly feel compelled to protect themselves from the damage caused by identity theft, representing a growth opportunity for insurance providers.”
What is interesting is that they want this coverage for not only the losses and thefts from their own homes, but also for the losses and thefts that occur within the organizations that possess their personally identifiable information (PII).
Interesting to consider, but consider the actuarial challenges of providing such coverage. What kind of information would the policy owners need to supply to the insurance company? It would seem likely policyholders would need to provide the names of all the companies with which they do business or have entrusted their PII to…and how many people could really do that? With all the outsourcing being done, and breaches occurring within those outsourced entities, seems very unlikely most businesses could be identified by consumers.
Of course this creates quite a nice potential new line of business for insurance companies. Think of all the claims they could deny by defining the coverage requirements in such a way so as to make it virtually impossible for the policyholders to meet them all. Yes, I’m skeptical, but it seems such coverage, as part of homeowners insurance, would provide a false sense of security for folks until an incident actually happens and then, “oh, so sorry, your policy does not cover clear text data on an outsourced service providers laptop; now if it had been encrypted, well, then you would have been covered…” Well, that is just one possible scenario.
There is at least one insurance company offering “identity theft protection.” Last week Nationwide announced they were adding such “identity theft protection,” which is actually credit monitoring under the product/service name of “ID Theft Assist.” The credit monitoring is an addition to their existing “ID Theft” insurance, which was launched in 2004. It does not appear to be part of homeowner’s insurance, and it DOES have associated costs. There are likely other insurance companies offering similar coverage, but this particular one happened to come up first in my search.
Consumers would likely expect more than just credit monitoring from what is labelled as identity theft insurance; they likely would want any subsequent costs of identity theft/fraud/misuse covered. That is where the challenge for insurance companies would be.
Tags: awareness and training, identity theft, Information Security, insurance, IT compliance, policies and procedures, privacy, privacy incident