Blog

Cloud Computing in Insurance: Where Does the Data Go, Exactly?

Joe McKendrick
Insurance Experts' Forum, November 24, 2009

Cloud computing offers some compelling value propositions, and the economics seem hard to beat. But this nascent industry appears to still be struggling with the issue of data security, and this is a show-stopper for many within the insurance industry.

This was the first and foremost issue raised by an insurance company executive in a keynote panel I observed at last week’s Interop conference in New York. The panel, which focused on enterprise cloud computing, featured representatives of end-user organizations who were given the opportunity to ask pointed questions of leading cloud vendors. John Merchant, assistant VP for The Hartford Financial Services Group, as joined by Louis Gutierrez, former CIO of the Commonwealth of Massachusetts and former CIO of Harvard-Pilgrim Healthcare and Rico Singleton, deputy state CIO for New York on the end-user side of the panel, facing off against representatives of Amazon Web Services, Google, Microsoft and Joyent.

John Merchant said that when it comes to cloud computing, “my main worry is that wee need to know where all the information my company will collect will be maintained,” adding that this applies to both non-regulated data such as customer contact information, and regulated data under the aegis of HIPAA.

Adam Selipsky of Amazon Web Services replied that such workloads need to be kept separated by a hybrid cloud and on-site computing model.

Merchant added that The Hartford has a “staggering amount of regulations”—both state, federal and international mandates. “If my data is lost in any way, if our cloud provider has an issue, I'm on the hook.”

Massachusetts' Gutierrez said that cloud vendors ought to be certified with some kind of “Good Housekeeping” seal of approval to certify that they meet key industry standards. The vendors agreed, but pointed out that such a certification doesn't exist yet.

New York's Singleton said the he felt that many internal enterprise applications just aren't suited for the cloud. He said there are “serious legal concerns and impediments,” along with “boundary issues where public cloud doesn't make sense.” The best functions suitable for public cloud computing are storage, disaster recovery and peak-time extensions, he said.

At least one vendor seemed to agree that peripheral applications are the best candidates for cloud. Don Dodge of Google urged that those companies adopting cloud computing move slowly into the process.

“Do the easy things first,” he said. “Don't make it more complicated than it is. Start with things like email and productivity applications.”

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

To Quantify or Not — That is the Question with Modernization

Making the quantitative case is a long-practiced ritual in many insurance organizations.

3 Reasons DevOps Matters

Every insurer needs to compete on products and information turned around in light-speed fashion.

Coordinate Coverages to Manage Social Media Exposures

The bottom line is that no one policy will cover all the exposures in the social media realm.

The Internet of Things: Helping Insurers Make Better-Informed Decisions about Risk

The IoT is a major game changer for the insurance industry, and will likely affect every part of the insurance value chain. After all, insurance is data-driven, and that’s exactly what the IoT can deliver—relevant, actionable, real-time data that can provide an accurate picture of what is being—or may be—insured.

Software-Defined Everything

What does it take to virtualize all the key components in your data center?

On Thanking the Regulator … Really

The Financial Conduct Authority is demanding higher standards of consumer protection from insurers, which could lead to greater customer engagement and understanding.

Advertisement

Advertisement