Note to reader: This is Chapter 5 of Personal Privacy in an Information Society: The Report of the Privacy Protection Study Commission transmitted to President Jimmy Carter on July 12, 1977. The full Table of Contents is listed below.
The activities of the nation's 4,700 insurance companies touch the lives of all Americans in a variety of ways. Two out of three Americans have life insurance protection;1 90 percent of the civilian population under age 65 is covered by individual or group health insurance policies;2 and 15 million are covered by the pension plans that life insurers offer.3 It is estimated that almost 90 percent of the registered automobiles in the country are insured,4 and few homes are without insurance coverage. In 1975, the premiums Americans paid for life, health, and pension coverage amounted to $58.6 billions 5 and property and liability insurance premiums amounted to another $50 billion.6 The companies, for their part, paid out an estimated $75 billion in claims and policyholder benefits.7
The central function of insurance is to spread the economic burden of unforeseen financial losses by using the premiums paid by many insureds to pay for the losses sustained by a few. Some forms of insurance protection are mandated by law or business practice. For example, a number of States require car owners to carry auto insurance. Mortgage lenders require borrowers to carry fire insurance. Contractors are required to provide surety bonds to protect their clients against failures to perform and some fields of employment require fidelity bonds. Other forms of insurance, such as life, health, malpractice, and product and other liability coverages, are virtually mandatory in the minds of many people. Indeed, the cost and availability of insurance influence the character of society as well as the economy. It affects personal lives, life-styles, and even living standards.
Because the chief functions of an insurer-underwriting and rating risks and paying claims-are decision-making processes that involve evaluations of people and their property, the insurance industry is among society's largest gatherers and users of information about individuals. This chapter reports the results of the Commission's inquiry into the personal-data record-keeping 'practices of insurance companies and the support organizations that provide them with various services, including record keeping.
The chapter begins with a short description of the industry, its sources of information about individuals, and the role that support organizations play in gathering and disseminating such information. This is followed by an examination of the way records about an individual affect his place in the insurance relationship today, and of the problems industry record-keeping practices pose from a privacy protection viewpoint. Finally, after summarizing current legal restraints on the record-keeping practices of insurance institutions and support organizations, the Commission, in the last section, presents and explains its specific recommendations for change. As in other chapters of this report the Commission's recommendations are arranged in terms of its three recommended public-policy objectives: (1) to minimize intrusiveness; (2) to maximize fairness; and (3) to create a legitimate, enforceable expectation of confidentiality.
INSURANCE INSTITUTIONS AND SUPPORT ORGANIZATIONS
There are essentially two types of insurance companies: stock companies owned by shareholders and mutual companies owned by policyholders. (Blue Cross and Blue Shield are nonprofit associations which policyholders join.) Although the largest life insurance companies are of the mutual type, the total amount of life insurance protection in force is about equally divided between stock and mutual companies. In the property and liability insurance business, the largest company is also a mutual company, but stock companies account for over 70 percent of premium volume.
Multiple-line insurance institutions are those with affiliate companies writing both life and health and property and liability coverages. The largest property and liability insurers are affiliates of multiple-line institutions, as are the largest life insurers since the expansion of some mutual companies into property and liability lines.
Companies sell insurance in four ways: by direct mail; through an exclusive agent; through an independent agent; or through a broker. While the exclusive agent represents only one company, the independent agent may have agreements with several companies, and the broker is a legal representative of his clients rather than the companies with which he places business. Agents are paid commissions or fees by companies rather than by clients. For simplicity of discussion, however, all will here be referred to as agents.
From a privacy protection viewpoint, insurers differ more significantly in terms of product line than they do in terms of ownership and company structure. The application form for the simpler types of life and health insurance sold by direct mail typically asks for little information. Name, address, age, sex, occupation, a statement certifying that the applicant has not had certain illnesses within a stated period of time and is currently in good health, and the beneficiary's name usually suffice. This is possible because policies sold by direct mail are relatively small ones, the population buying them is comparatively large, and they tend to be for limited coverages. Thus, the spread of risk of illness and death on which the premium rates are predicated is maintained.
In contrast, insurance sold through agents typically requires more information from and about the applicant and other insureds. Such coverages tend to be broader, more varied, and often need to be tailored to the particular needs of the applicant. Of all insurance sold through agents, the type requiring the least personal information is group insurance, which is underwritten on an aggregate rather than an individual basis, i.e., over time the premium rate is determined by the illness and death experience of the entire group.
Because the experience of large groups is statistically more reliable, the experience of many small groups may often be combined in determining premium rates. Doing so, however, demands more care in offering group insurance to smaller firms than in offering it to larger ones, lest the people in low-risk groups inadvertently subsidize those in high-risk ones. Care is also exercised in soliciting large accounts, but only as to the aggregate mix of occupations or other gross characteristics of the members of the group. Thus, while group insurance by its nature is markedly less dependent on information about the individual than on any other types of insurance, the amount of detail that can be dispensed with will depend on the size of the group involved.
As to individual life, health, and property and liability insurance that is sold through agents, the amount of information collected about individual applicants and insureds can be extensive. Moreover, the way it is collected, used, and disclosed is somewhat different in life and health underwriting than in property and liability underwriting. These differences, and the privacy protection problems they create, are principal themes of this chapter.
LIFE AND HEALTH INSURERS
Life and health insurers and their agents have different reasons for collecting and using information about individuals than property and liability insurers. In the first place, people often have to be persuaded to buy life insurance, whereas there is a ready market for property and liability coverage. Moreover, because life insurance is often sold as part of a package of financial planning services offered by agents, a life insurance prospect may be asked to divulge much information about himself even before the application is completed. For example, when insurance is used in estate building or estate conservation, the agent collects detailed information about the prospect's net worth, income, career prospects, and personal goals. When business life insurance 8 is being considered, extensive information about the financial condition of the firm or its principals is required. As a result, some life insurance agents have more comprehensive knowledge about a client's financial affairs than perhaps anyone else.
Most importantly, life insurance is a contract which binds a company to pay claims or benefits unless the policyholder fails to pay premiums when due, or unless the company can prove fraud or material misrepresentation during a limited "contestable period," generally two years after which a claim must be paid even if the application turns out to have been fraudulent. Thus, before entering into such a contract, the insurer wants an accurate health history, often supplemented by a medical examination to determine current health status, financial status information to protect against overinsurance, and enough information about personal habits to judge whether they might shorten the applicant's life. If the applicant has a significant health impairment, he is subjected to an extensive underwriting investigation to determine whether insurance can be issued to him, and if so, at what rate.
With most individual health insurance, there is less pressure to gather information about the applicant than in life insurance. Unless an individual health policy is the type that is not cancelable, the company can protect itself by increasing the price or declining to renew coverage at expiration. (Some health policies are guaranteed renewable but with the understanding that the company may increase the price at the time of renewal.) Nonetheless, detailed medical-record information is gathered in order to decide whether to accept the risk in the first instance, and how much to charge. Medical-record information is also an obvious consideration in writing disability insurance. Because these coverages are more susceptible than life insurance to abuse by insureds, companies want information concerning an applicant's character and his propensity for a disabling accident or illness. Occupation is also an important consideration-the loss of a finger is more disabling for a surgeon than a businessman-and the amount of disability income protection provided needs to be related to earned income.
The applicant and agent are the primary sources of information in underwriting life and health insurance. Because each has a financial interest in seeing the sale completed, however, investigative-reporting agencies (inspection bureaus) and other outside sources are often used to check the accuracy and completeness of the information applicants and agents provide. The types of inquiries these investigations typically involve and the manner in which inspection bureaus conduct them are described in Chapter 8. Here it is enough to point out that they can involve contacts with neighbors, employers, associates, bankers, and creditors; reviews of medical records obtained from doctors or hospitals; and checks of public records for evidence of financial or legal difficulties.
Life and health insurers and investigative-reporting agencies acting on their behalf often contact third-party sources that have a confidential relationship with the applicant or insured, such as doctors, accountants, or lawyers, and thus an authorization is required before the information can be released. Typically, an applicant is required to sign such an authorization as a condition of having his application considered; is informed, as required by the Fair Credit Reporting Act (FCRA),9 that an investigative report may be obtained; and is notified that information may be reported to the Medical Information Bureau (see below).
Normally, life insurance and medical expense claims are paid when a death certificate or medical bills are submitted. Claims for disability-income benefits are verified with the claimant's physician and employer and may be investigated more thoroughly if the claim appears questionable. The insurer's need for medical-record information in processing claims and the issues it raises for public policy on the confidentiality of the medical-care relationship are discussed in Chapter 7.
The Medical Information Bureau (MIB)
Like credit grantors, life and health insurers have organizations whose record-keeping services allow them to learn something about an applicant's previous contacts with other companies in the industry. The Medical Information Bureau (MIB) is an unincorporated, nonprofit trade association set up to facilitate the exchange of medical-record information among life insurers. Nearly 700 U.S. and Canadian life insurers subscribe to it and use it as an important source of information in underwriting life and health policies and in processing life and health claims.10
Each member company agrees to send the MIB a code anytime it develops information on an individual concerning certain medical and other conditions of some underwriting significance, except that companies are no longer supposed to report information developed in processing a claim. These codes are maintained by the MIB for seven years. Typically, a member company, on receiving an application, asks the MIB to check its files for information on the individual. If a code is found, it is sent to the inquiring company, which may then seek further details from the company that originally reported it, provided, however, that the inquiring company has first conducted its own investigation (e.g., a medical examination) to verify the reported condition. These "requests for details," which must be channeled through the MIB, are limited to 15 percent of the number of reports each company has submitted within the past year.11 In 1975, there were 75,000 of them out of a possible 300,000.12
The MIB does not investigate on its own, nor does it attempt to verify any information reported to it.13 MIB Rule 9 specifies that member companies must report information regardless of the manner or form in which they acquire it. 14 Because many life insurers are also health insurers, information discovered in the course of health as well as life underwriting may thus be reported to the Bureau.
About 95 percent of the coded information contained in the MIB files is considered to be "medical." Only five percent is classified as nonmedical information, such as "reckless driving," "aviation," or "hazardous sport."15 Currently, the MIB maintains information on 11 million individuals. Approximately three percent of all life applicants are uninsurable while six percent are "ratable."16 In 1975, member companies submitted 2.45 million reports to the MIB,17 and 17.5 million requests for information, while the MIB sent out 3.6 million responses.18
The Medical Information Bureau has been a controversial organization ever since its existence came to public attention in the mid-1960's. One of the most controversial aspects has been its use of the so-called nonmedical codes. In testimony before the Commission, the Bureau's Executive Director and General Counsel identified five: (1) reckless driving confirmed by the proposed insured or by official State or provincial (Canadian) motor vehicle bureau reports; (2) aviation with the proposed insured only as the source; (3) hazardous sport with the proposed insured only as the source; (4) nonmedical information where the source is not a consumer report (i.e., an inspection bureau report); and (5) nonmedical information received from a consumer report and not confirmed by the proposed insured.19 He told the Commission that the fifth nonmedical code (nonmedical information received from a consumer report) could only refer to reckless driving, aviation, and hazardous sport and would not give life-style information.20 In a letter sent to the Commission later, however, he states that "further review of MIB>coding instructions shows that these nonspecific codes may also be used to report other types of nonmedical information, such as `age,' `environment,' `foreign residence or travel,' `occupation,' and 'finances.'" 21
Another object of controversy has been a code for reporting information about an individual's health, which, because of source, does not conform to the definition of medical-record information in the Fair Credit Reporting Act, i.e., information obtained from licensed physicians or medical practitioners, hospitals, clinics, or other medical or medically related facilities. [15 U.S.C. 1681a(i)] Such information could be reported in one of two ways. First, it could be reported by noting the specific code for the condition involved together with an additional symbol indicating that the information does not come within the FCRA definition.22 Or second, as indicated in Executive Director Day's letter, it could be reported by using a code for "medical information received from a consumer report, not confirmed by the proposed insured or medical facility. .. ."23
On October 28, 1976, some months after the discussion of these matters in the Commission's hearings, the MIB informed the Commission that it was proposing the following changes to its code list. First, it was deleting three codes: (1) nonmedical information where the source is not a consumer report; (2) nonmedical information received from a. consumer report not confirmed by the proposed insured; and (3) medical information received from a consumer report not confirmed by the proposed insured or a medical facility. The MIB assured the Commission that in the future "medical impairments may be reported only if information or records are received from the applicant or from licensed physicians, hospitals, clinics, or other medical or medically related facilities." It further stated that the three eliminated codes "will no longer be transmitted to member companies and will be purged or subjected to a `no report order."'24
Second, the remaining nonmedical codes (reckless driving, aviation, and hazardous sport confirmed by the proposed insured) may now only be reported to the MIB if such activity has occurred within the three years preceding the application at hand.25 This was in response to the complaint that very old information could get into MIB files; that the practice of purging information reported more than seven years ago does not mean that all events or conditions coded in MIB records occurred within the previous seven years. For example, a reckless driving conviction that occurred 20 years ago could be noted in MIB records if a company reported it within the previous seven years.
Finally, the MIB also proposed to change the code which reports medical information obtained from a Federal agency to read "medical information obtained from a Federal medical source."26
A further source of controversy has been that codes dropped in the past, as far as reporting requirements were concerned, are nonetheless still in the MIB file and thus can still be reported to MIB members. In reaction to this criticism, the MIB informed the Commission that the following discontinued codes will be purged or subjected to a "no report order": "`information obtained through a disability or health claim,' `nonconformity,' `age,' `environment,' `foreign residence or travel,' `occupation,' 'insurance hazard,' and `finances,"' and, of course, the three nonmedical codes mentioned above.27
Finally, the entire MIB system is predicated on the rule that the receiving company may not base an adverse underwriting decision on the information received from the MIB, but must make its own independent investigation.28 Rule 14 reads:
The information received through the Bureau shall not be used in whole or in part for the purpose of serving as a factor in establishing an applicant's eligibility for insurance.The application of this rule means that: (a) an application for insurance shall never be denied nor shall any charge therefore be increased wholly or partly because of information received through the Bureau and (b) all information received through the Bureau shall only be used as an alert signal.29
MIB's Executive Director told the Commission that "... Rule 14 is strictly adhered to by members who are regularly visited under the Company Visit Program."30 When questioned, however, he agreed that the requirement to conduct an independent investigation may mean simply going to an investigative agency and getting old information that was once before the basis for an MIB report.31 (Presumably this problem will be alleviated by the proposed elimination of inspection bureaus as authorized sources of certain types of information.) As to the Company Visit Program, moreover, it became apparent that Rule 14 may not be as strictly observed as the MIB would like to believe.
From time to time MIB staff members visit member companies to make certain that underwriters understand the Bureau's rules and to check on compliance with them.32 A typical visit includes a check and review of the member's security arrangements and an "audit" of 20 randomly selected files.33 Two major kinds of violations are looked for: (1) requests for details on MIB codes that have been submitted without first conducting the required independent investigation; and (2) adverse underwriting decisions that have been made solely on the basis of an MIB code (i.e., violations of Rule 14).34 In a letter following his hearing testimony, the Executive Director told the Commission that in 1975, "161 member companies were visited and 3,200 underwriting files were examined ...," but that "in fact only fifteen violations [of Rule 14]" were discovered.35 Since the MIB sends out 3.5 million positive responses to company queries each year this means, if the sampling procedures permit such extrapolation, that overall there were approximately 15,000 violations of Rule 14 in 1975.
The efficacy of the investigation procedure was also questioned by the Commission. Each year the Company Visit Program looks at about 3,000 files (three companies per week, 150 companies per year, 20 files per company).36 Because companies may have several regional offices, however, and because at the rate of 150 companies per year it would take five years to cover all the members, a considerable amount of slippage could go undetected.
Thus, in response to the Commission's expression of concern, the MIB has proposed the following changes. Each MIB member will now be required to adopt formal procedures to protect the confidentiality of MIB information. In addition, starting in 1977, each member must conduct at least annually "a self-audit program to determine whether it has complied with MIB's constitution and rules and whether its internal procedures have protected the . . . confidentiality of MIB information." In addition, the MIB investigation program, "will be expanded during the course of 1977 to include review of the results of members' self-audits." Such a review will include an on-premise inspection of internal procedures instituted by companies to implement certain aspects of MIB policy.37
Whether this voluntary program will be effective remains to be seen. The Commission, however, took the proposed changes into account in making its recommendations regarding insurance institutions and support organizations and believes that it has also found several ways of reinforcing the MIB initiative.
The Impairment Bureau
The Impairment Bureau, a service of the National Insurance Association, is another support organization that exists solely to facilitate communication among life and health insurers. The Impairment Bureau, however,differs from the Medical Information Bureau in several important respects.
In the first place, the Impairment Bureau's membership is muchsmaller and while all of its member companies may forward information toit, only five do so on a regular basis. Second, information about anindividual is only sent to the Impairment Bureau when his application hasbeen declined. Third, each member regularly receives a report on every declination reported to the Bureau without having to ask for information on any particular individual. The Bureau compiles the information it receives on sheets which contain approximately 60 entries per page. Each entry contains the name of the applicant, his date and place of birth, the date of the rejection, a coded entry representing the cause of the declination, a coded entry representing the name of the reporting company, and the city and State where the applicant resides. This information, on approximately 2,000 declined applicants a year, is sent every other month to all member companies.
Like MIB records, Impairment Bureau records contain some information on conditions other than medical ones. Unlike the MIB, however, the Impairment Bureau does not have any specific rules to govern the use of the information it disseminates to member companies or the functioning of the Impairment Bureau itself. Each company may use the declination information as it sees fit and could, for instance, decline an applicant on the basis of the previous declination alone. On the other hand, the Impairment Bureau does not retain copies of the information submitted to it and has not done so since 1964. It merely compiles and distributes information to its members on the basis of the reports it gets from them. Once it has performed this function, the incoming reports are destroyed.38
PROPERTY AND LIABILITY INSURERS
In>contrast to most life insurers, a property and liability insurance company has a ready market among people concerned about the replacement cost of tangible assets or about protecting themselves against liability claims brought by others. A property and liability company, moreover, can increase the price charged a policyholder or effectively cancel the risk by declining to renew coverage at the expiration of each contract period, Yet, as in the case of life and health insurance, detailed information s needed to decide whether to accept the risk in the first instance and how much to charge.
With property insurance, the items to be insured need to be identified accurately and valued, and the degree of care taken to protect them against fire, theft, or loss established. Since these coverages are also susceptible to abuse and fraud, the company wants to know enough about an applicant to make a reasonably confident estimate of his probable loss characteristics. Because liability insurance protects a policyholder against legal damages he may incur through negligence, underwriters consider it important to know, in the case of homeowners coverage, whether his home is well maintained and reasonably free of hazards, or to know, in the case of automobile insurance, whether he and others regularly using the car are responsible drivers. Although the applicant and agent are again primary sources of such information, a company often checks the information they provide through an inspection bureau report or other sources considered more impartial.
The types of information needed to underwrite automobile insurance include name, address, date of birth, marital status, sex, occupation, driver's license number, use of vehicle, any physical impairments, how long licensed (if less than three years), and information regarding any accident or moving traffic violations in the past three years. State motor vehicle department records are often checked to verify the driving record of the applicant and members of his family. Some companies also require a physician's statement for elderly or physically impaired drivers. Finally, automobile underwriters sometimes order an investigative report on an applicant to find out whether his character, mode of living, and reputation in the community, may, in the judgment of the underwriter, influence the frequency of claims or the applicant's "defendability" in court. In other words, these reports are used by an auto insurer to determine whether the premium at which a policy may be issued is the correct one, but also, if highly derogatory information s uncovered, whether the policy should be issued, or if it has already been issued, whether it should be renewed.
For underwriting other forms of personal property and liability insurance, such as homeowners' policies, personal property floaters, fire policies, and boat policies, information requirements vary widely. To prepare and issue homeowners and fire policies, for example, the information required would include type of construction, age of dwelling, and distance to the nearest fire hydrant and fire department. For certain properties, an appraisal of their value may be required.
Information is, of course, also sought in the settlement of property and liability claims. Usually, this involves no other contact beyond the insured, the police or fire authorities, and the repair concerns involved in placing the property back in its original condition. Where the policy covers bodily injuries, however, contact may be made with the attending physician, the hospital, or other providers of medical services regarding the nature and extent of the injuries and the reasonableness of fees charged for services. In those few situations involving suspected fraud, the investigative activity may involve more extensive interviewing which can include witnesses, discussions with local law enforcement officials, and securing other background information that may be necessary to prepare for an effective defense if the claim is denied.
The investigation of claims or losses to determine the policyholder's liability to others (i.e., "third-party claims") will generally result in greater information gathering. A very detailed and complete investigation will frequently be made to determine the insured's responsibility for injury or damage and the degree or extent of such injury or damage. The role of inspection bureaus and private investigative agencies in the settlement of property and liability claims is briefly described in Chapter 8.
THE LOSS INDEXES
In the processing of claims, the indexes of the American Insurance Association (AIA) may be checked to determine whether the claimant has had a series of prior losses or is submitting claims for the same loss to other companies. These indexes -cover fire, burglary and theft, and fine arts losses, as well as third-party personal or bodily injury claims arising under automobile, homeowners, malpractice, and worker's compensation policies.39 Many property and liability companies in the industry subscribe to the loss indexes. When a claim is filed, the insurer reports basic information on the claim to the proper index and, in return, receives from the index a copy of any previously filed reports on the claimant. In addition, the insurer, on the basis of such a report, can go to the company that filed it for further information.
The Fire Marshal Reporting Service
The Fire Marshal Reporting Service (FMRS) reports to fire marshals in 27 States on fire claims its members have paid. In addition, the FMRS maintains an index on reported fire losses in every State which any member can use to determine the prior loss record of a claimant as a check, for example, on arson. Membership in the Service is available to all interested insurance companies in the United States. At present 189 belong.40
Unlike reports made to the other indexes, reports made to the Fire Marshal Reporting Service are made after the claim has been paid. Reports are mandatory in those 27 States where the Fire Marshal must be notified of all losses above a minimum amount ranging from $10 to $250. Otherwise, the Service accepts reports of losses in amounts of $250 or more. Currently, there are 1,067,000 loss reports on file, all of them generated within the previous six years.41
Like Index System records (see below), Fire Marshal Reporting Service records are obtainable solely for the purpose of processing claims. "For a subscriber's authorized reporting office to initiate a search, the office must be handling and report a claim under the lines of coverage serviced . ... 42 The requirement that records be used only for claims purposes is enforced by requiring an index card from the inquiring subscriber before making any search or giving out any information.
The Burglary and Theft Loss Index
The Burglary and Theft Loss Index is maintained separately from the Fire Marshal Reporting Service, but membership in the FMRS entitles a company to receive reports from both systems. By using the Burglary and Theft Index, a member may detect simultaneous claims on the same item or a claim on a loss for which the claimant has previously been reimbursed. Part of the Burglary and Theft Loss Index is the Fine Arts Loss Index whose function is to expose fraudulent claims involving art objects and to help locate missing ones that have been the subject of prior claims.43
The National Automobile Theft Bureau
The National Automobile Theft Bureau is a service organization sponsored, operated, and supported by approximately 500 insurance companies writing automobile, fire and theft insurance. The primary objectives of the Bureau are to assist in the recovery of stolen automobiles, to investigate automobile fire and theft losses which may be fraudulent, and to promote programs designed to prevent or reduce such losses. The Bureau operates as a national clearinghouse for stolen car information. Member companies report automobile thefts to the Bureau and the Bureau notifies member companies of recoveries, which are made primarily from police tow-away pounds.
According to its operations manual, the Bureau maintains the following record systems:
The Index System
The Index System accumulates and makes available to its subscribers records concerning third-party personal and bodily injury claims. The Index System is maintained solely for use in claims processing. Ten branch offices serve all 50 States, the District of Columbia, the Commonwealth of Puerto Rico, and the Virgin Islands.44 Subscribers report claims to the office servicing the territory where the incident occurred. Receipt of a properly completed index card from a subscriber triggers a search of the Index. If the search turns up prior submissions on the claimant, the subscriber will be sent a photocopy of all of them.
The Index System is decentralized. Searches are normally limited to the records of the receiving branch office. Where the submitted index card shows that the claimant lives or once lived in the geographic area of another office, however, the inquiry is automatically referred to that other office for further checking and disclosure directly to the inquiring company of any record found.45 The Index System "Instructions for Subscribers" says that "each subscriber is expected to cooperate by furnishing information contained in its claims files to other subscribers ...,"46 and also permit the insurer who has been asked for information to ask, in turn, for information from the inquirer. This allows two insurers who are in the act of settling claims by the same individual to communicate with each other.
There are two limits to these exchanges of claims information directly between insurers. First, ."the exchange of information on [auto-related] medical payment, death and disability claims is at the discretion of the subscriber."47 Second, "the Inquiry Form is to be used only in cases where substantial claims are involved to relieve subscribers of unnecessary work in procuring and examining closed files."48 (Italics in the original.)
Reports to the Index System must be limited to claims of the following types: automobile liability (including uninsured motorists); automobile accident reparation (or personal injury protection); liability other than automobile, including liability claims under homeowners, commercial, multiple peril, yacht, pleasure craft, and aircraft policies; claims based on false arrest, assault and battery; malpractice claims; and worker's compensation claims. Worker's compensation claims are supposed to be reported only when they involve: (1) disability due to amputation, back injury, disfigurement, dislocation, eye injury, fracture, head injury, hernia, loss of hearing; (2) injuries with possible lost time payments of $500; (3) occupational diseases with possible medical and lost time payments of $1,000; (4) lost time claims by longshoremen and construction workers; or (5) a suspicion of fraud. A report must be made on any claim falling in these areas, except that reports on auto-related medical, death and disability claims are discretionary.49
Subscription to the Index System is open to "all insurance companies writing bodily injury liability coverages without regard to membership in the American Insurance Association."50 To belong to the System, one must either be a liability insurer where liability claims are made against an insured, or a self-insurer (such as an employer) which may have liability claims made directly against it.51 About 26 percent of the Index System subscribers are selfinsurers, but they represent a very small percentage of those that report.52 In total, the Index System currently has 1,183 subscribing insurers and self-insurers and maintains records on approximately 28 million bodily injury claims reported during the System's six-year report retention period.53
A witness from the Index System offered some anecdotal evidence of its efficacy in uncovering fraud. One story tells of an elderly woman who constantly sustained minor injury to ;per mouth because of glass in a sandwich.
In appearance, she resembled the classical image of . . . [a] grandmother-unassuming, nondemanding, doing a public service by calling attention to a deficiency in an insured's kitchen with no intent of making a fuss. From the viewpoint of the insurance carrier, liability was there; the demand was modest. The settlement was simple and uncomplicated. In fact . . . the insurance company almost had to force payment upon the claimant to accept any compensation for her inconvenience and minor injury.The sad truth was that "grandma" was a professional claimant. In her purse, she carried glass fragments which she would place in her mouth to cause a laceration. She would, then, call the waiter, display the physical evidence of the glass bit and the bloody napkin. Her manner would be mild and full of concern for other diners who might not be so fortunate in sustaining only a minor injury. She was literally in the claim business.
Fortunately, in her travels, she did establish a pattern of reports involving subscribers [to the Index System] which led to an investigation of her activities and ... agreement to divert her activities to more constructive lines.54
INFORMATION FLOWS FROM INSURANCE INSTITUTIONS
Both life and health and property and liability insurers routinely disclose information about an applicant or insured to the agent, to the extent necessary to service the policy; to reinsurers (when a company underwriting a large policy wants to reduce its exposure to loss); to an insured's physician; to inspection bureaus to facilitate the preparation of an investigative report; and to other types of investigators asked to prepare such reports. Because insurance is often required to buy a house, operate a car, pursue a career, or conduct a business, they may also disclose information about an individual to loan institutions and employers.
Further, life and health insurers, as indicated in the preceding sections, also disclose information to the Medical Information Bureau or the Impairment Bureau, and may provide details to another member insurer when requested to do so. Property and liability insurers, for their part, routinely notify the loss indexes of certain claims, and, in some cases, may notify the Insurance Crime Prevention Institute (see below).
Some potential insureds are judged to be so likely to produce adverse claim experience that they cannot obtain insurance in the normal manner. The driver with a poor record poses two problems. The first is meeting his own acute need for financial protection and perhaps his ability to qualify legally as a registered vehicle owner. The second is protecting society from the harm which an unsafe driver is likely to inflict on others. State "assigned-risk" insurance plans were formed to provide coverage to a driver whom companies consider an unacceptable risk and thus can require information about him to be disclosed to the administrators of the plan as well as to the insurance company to which his application is assigned.
Both life and health and property and liability insurers may release information about individuals to State insurance department officials in response to inquiries or complaints, and in the course of periodic examinations of company underwriting practices and procedures by such officials. Independent auditors employed by an insurance company make similar checks for the same purpose. In addition, because insurance companies are repositories of detailed information about individuals, their records are often requested by Federal as well as State government agencies and law enforcement authorities.
Finally, to make it possible for residents and property owners in high risk locations to purchase insurance against losses due to crime, civil disorders, and floods, partnerships have been formed between insurers and government agencies which make it necessary for insurers to disclose information about individuals to the agencies participating in such programs.
INFORMATION FLOWS FROM SUPPORT ORGANIZATIONS
The extensive flow of information about individuals into and out of organizations that conduct underwriting and claims investigations for insurers is described in Chapter 8. Medical Information Bureau rules, however, require a court order before information about an individual may be disclosed to anyone other than a member insurance company and while the property and liability loss indexes will be satisfied with a subpoena, rather than a court order,55 they normally disclose information in their records only to a subscribing insurer submitting a properly prepared index card in connection with a current claim. The exceptions to this policy are the disclosures the Index System makes to the Marine Index Bureau and the disclosures any of the indexes may make to the Insurance Crime Prevention Institute (ICPI).
As indicated earlier, subscribers to the Index System are told to report lost-time claims filed by longshoremen. One reason for this is to make such information available to the Marine Index Bureau, whose subscribers are vessel owners. The owner of a vessel is responsible for its seaworthiness, which includes the quality of the crew.56
In addition, an index may disclose information about an individual to the Insurance Crime Prevention Institute. As one witness from the indexes told the Commission: "We are an indicator. If the reports from the index system discern a pattern that might be of interest to the carrier or the ICPI ... it is referred to them."57 According to the testimony, however, an index would not send unsolicited reports to the ICPI unless it receives "four within a relatively short period of time of the same nature," or unless, in a two-claim situation, "the accident occurred on the same date with different insurers or at a different place with the same injury." Alternatively, the ICPI may come to an index and ask for a search, in which case it is treated in the same manner as any subscriber.58
The Insurance Crime Prevention Institute
The Insurance Crime Prevention Institute is a nonprofit corporation which operates as a trade association to uncover insurance fraud for property and liability insurers. The ICPI has its headquarters in Westport, Connecticut, maintains regional offices in New York City, Chicago, and Los Angeles, and has investigators stationed in major cities throughout the country.59 Membership is open to property and liability insurance companies licensed in any of the 50 States.60 Currently its membership is made up of 312 companies that underwrite 70 percent of the casualty and property insurance business.61
ICPI's purpose is to prevent and detect fraudulent insurance claims. Its focus is solely on criminal fraud, and the Institute's bylaws specifically prohibit it from assisting companies in claims settlement or civil actions incident to settlements .62 Typically, an Institute investigation begins when a member sends information on a claim which the company suspects may involve criminal fraud. Other investigations are initiated by the ICPI based on information it receives from various sources, such as law enforcement agencies, "inside tipsters,"63 or the loss indexes. In either case, however, the ICPI has complete control over its investigative activities, and may decline or initiate investigations as it sees fit.
If an ICPI investigation produces reasonable evidence of fraud, the matter will be "reported to a public law enforcement agency for whatever action it deems to be appropriate."64 The ICPI investigator may go to insurance companies or an index for information. Going to an index will, of course, lead the investigator back to the insurers that have had claims filed by the individual under investigation. The investigation may consist of interviewing the claimant, verifying medical statements, verifying lost-wage statements, or searching police or court records 65
The Director of the ICPI testified that the Institute
exercises extreme care in referring its investigative findings to law enforcement agencies . . .. Each case is checked for completeness of investigation and sufficiency of evidence before the investigator is authorized to present his report to a law enforcement agency. Aside from considerations of fairness to the subject of the investigation, civil tort law provides adequate incentive for caution.66
Where there is evidence of professional misconduct, such as where a physician inflates a bodily injury insurance claim, the ICPI can also make its file available to licensing authorities.67
ICPI characterized its relationship with the law enforcement community in its testimony as that of a "citizen coming forward with evidence of a crime."68 The Institute will sign criminal complaints to initiate prosecution in instances where an insurance company has been the victim of a fraud and, when it does so, will voluntarily give a copy of its file to law enforcement officials. As the ICPI Director testified:
It is a generally recognized exception to the principle of confidentiality that an insurance company, finding itself to be the victim of a fraudulent claim, may voluntarily release the pertinent records of that transaction to the police to obtain criminal justice . . . . The Institute, in effect, does no more than to perform this hay: 'or the insurance company . 69
Occasionally, law enforcement officials will come tie ICPI for information:
If there is a large arson in the Bronx on Sunday night, on Monday morning we are going to get a call to ask if we have a, file on the owner . . . . If it is a legal and valid investigation, we will assist them in getting the information.70
The ICPI employs approximately 70 full-time investigators, most with law enforcement backgrounds, and is licensed as a private detective agency in those jurisdictions which require licensing.71 It investigates about 6,000 cases each year. In 1976, this resulted in the indictment of about 600 people. According to the testimony, it concentrates on two main areas of criminal fraud. The first is the ambulance-chasing attorney or the doctor who exaggerates claims, and the second is organized crime.72
THE INDIVIDUAL IN THE INSURANCE RELATIONSHIP
As is evident from the preceding sections, the insurance industry is highly dependent upon recorded information about individuals. This dependence creates a number of privacy protection problems, some of which are inherent in the insurance system, but can be controlled, and some of which present real or potential abuses that need to be eliminated.
THE INTRUSIVENESS OF CERTAIN COLLECTION PRACTICES
Insurance underwriting involves two separate decisions: (1) whether the insurer wants to insure the applicant at all (selection); and if so, (2) at what price and terms (classification). The need to make these two judgments dictates the kind and quality of information an insurance institution collects and maintains about an individual applicant or policyholder.
In making these two types of decisions insurers look to physical hazards-medical hazards in life and health underwriting and in property and liability underwriting, the condition of the property, its use, and its surroundings. Underwriters also look to what is termed moral hazard. Evaluation of moral hazard is made by examining attributes of the applicant which suggest a greater than average likelihood of a loss occurring or the potential for unusual severity of loss-either an absence of a desire on the part of the individual to safeguard himself or his property from loss or a positive willingness to create a loss or to deliberately inflate a claim.
Thus, it is not surprising that the evaluation of moral hazards, particularly in property and liability underwriting, is the area where the greatest number of objections to insurers' information collection practices have been raised. An inquiry may cover drinking habits, drug use, personal and business associates, reputation in the community, credit worthiness, occupational stability, deportment, housekeeping practices, criminal history, and activities that deviate from conventional standards of morality, such as living arrangements and sexual habits and preferences. Because the relevance of many of these particulars can be hard to demonstrate, and because the judgment as to their relevance is often left to the underwriter handling a particular case, their propriety has become subject to question.
From the standpoint of many applicants and insureds, the dichotomy between the individual's privacy interest and the insurer's interest in evaluating risk is probably not as great as it seems at first glance. The low-risk applicant benefits from an underwriting evaluation that results in unusual risks being eliminated or written at a higher premium because that keeps the cost of his insurance down. The Commission was continually reminded that it is in the interest of the applicant to have complete and accurate information on which this judgment can be based so that he can be insured at the proper rate; that the insurer must be able to evaluate the risk it is being asked to assume if premium charges are to bear a reasonable relationship to expected losses and expenses for all insureds within a similar classification.
Economic forces may, however, work against a given individual. Because insurers compete against each other for the better risks, they do not have much incentive to look behind some of the criteria they use to sort the good risks from the bad. If their experience suggests, for example, that slovenly housekeepers make poor automobile insurance risks, they tend to be wary of all slovenly housekeepers. The problem, in other words, is not that the category of information lacks predictive value in all instances, but rather that it is applied too broadly.
Another source of concern in the area of intrusive collection practices stems from the use of so-called pretext interviews and other false or misleading information-gathering techniques. This concern was brought into sharp focus by recent publicity concerning Factual Service Bureau, Inn. (now Inner-Facts, Inn.), an investigative-support organization whose services were used by insurers in a number of cities throughout the country. Factual Service Bureau employees regularly misrepresented their identity and purpose in order to obtain medical-record information from hospitals and other medical-care providers without authorization. The insurers that used Factual Service Bureau should have known that it employed such intrusive techniques and generally engaged in questionable methods of information collection. Factual Service Bureau openly advertised its ability to procure confidential information about an individual without his authorization.73 Thus, even the insurers who had no actual knowledge of the techniques being used by Factual Service Bureau on their behalf may be said to have condoned its activities by their silence or failure to investigate more fully the practices and techniques used.
The Factual Service Bureau case also illustrates a broader problem which results from the apparent lank of restraint exercised by insurers over the support organizations they use to collect information about individual applicants, insureds, and claimants. In the claims area particularly, where a great deal of money may be at stake or where the suspicion of fraud may be high, many insurance companies have tended to look the other way while hiring support organizations that use questionable information collection practices and techniques.
UNFAIR COLLECTION, USE, AND DISCLOSURE PRACTICES
Because of their acknowledged dependence upon information about individuals, insurance institutions are reluctant to deprive themselves of inexpensive access to it. There are few restrictions within the industry on the sharing of personally identifiable information or on obtaining it from sources outside the industry. This is true of insurance institutions and support organizations alike, and can lead to some highly questionable collection, use, and disclosure practices.
As indicated earlier, the Medical Information Bureau, until recently, retained claims information even though it no longer allowed it to be reported, and inserted a "failure to find impairment previously reported" code rather than deleting the impairment reference. To maximize the utility of information already collected, insurance institutions also piggyback on the information collection and use practices of other insurance institutions and support organizations. This dependence adds . to the widespread exchange of information throughout the industry, not only by organizations like the Medical Information Bureau and the Impairment Bureau but by investigative-reporting agencies (inspection bureaus) and other insurance-support organizations that save and reuse the information they collect. Thus, once a mistake enters the system, its adverse effects are likely to proliferate, resulting in repeated unfairness to the individual.
The competition among insurance institutions has generally militated against adequate sensitivity to the fairness issue in record keeping. To be sure, this situation has been changing as particular companies have promulgated privacy protection principles to be followed in the conduct of their business. Except for the support organizations subject to the Fair Credit Reporting Act, however, record-keeping practices still remain by and large discretionary within the industry.
Insurance institutions and their support organizations have been concerned about certain types of disclosures to third parties and about data security problems. The admitted purpose of these safeguards, however, is to protect the business privilege as a limited defense to common law actions of defamation. Thus, they do little to constrain exchanges of information about individuals within the industry or to control the quality of the information used.
The lack of attention to fairness issues in record keeping about individuals has resulted in the structuring of information flows and uses so that neither the insurance institution nor the individual applicant, insured, or claimant is responsible for the quality of the information used. The individual is at a disadvantage because record-keeping practices within the industry are opaque from his point of view. He currently enters into an insurance transaction without being aware of the relationship's implications for his personal privacy because he does not understand how extensive or intrusive information gathering may be. Nor does he know the consequences of the notices on his application-for example, that the Medical Information Bureau notice means information about him may be reported to the Bureau not only from the application itself, but also as a consequence of the underwriting investigation the insurer may conduct. Because he lacks adequate knowledge of the practices followed, the individual cannot make the forces of the marketplace work for him. He is not given an opportunity to weigh the relative benefits which might be obtained through the insurance transaction against the personal cost of revealing and having others reveal information about him.
Nor does the individual always know why the insurer is collecting information about him, or when it is being collected for purposes unrelated to establishing his eligibility for an insurance benefit or service. Insurers frequently collect marketing and actuarial information through the application. When a claim is filed, they may collect information for the purpose of reviewing the propriety of a treating doctor's fees or procedures as well as the eligibility of the particular claimant or the particulars of the specific claim. They may collect additional information to determine the advisability of continuing to market a particular kind of insurance. Yet, they do not normally advise the individual that this is being done.
The individual is also placed at a disadvantage when he is asked to sign a form authorizing the release of recorded information about himself, because he is not specifically apprised of what he is consenting to. The commonly used blanket authorization form, in essence, authorizes the release of all information about the individual in the hands of anyone. Moreover, the type of authorization form currently used by insurance institutions typically has no stated purpose or expiration date, and may not be limited either as to the scope of the investigation or as to the sources of information. This again reflects the natural reluctance of insurance institutions to deprive themselves of easy access to any potentially useful information, or to decide in advance what information is needed for what purpose.
As far as fair use is concerned, the relationship between the individual and an insurer is often unnecessarily and undesirably attenuated. Information he provides about himself is only partly the basis for the decision made about him, and the decision is made by someone he does not know and with whom he normally has no direct interaction. In addition, records maintained by a variety of institutions within and without the industry may be brought to bear on the decision about him, while he believes he is only dealing with one such institution. That one institution, moreover, assumes no obligation to give him access to the information compiled about him or to afford him the opportunity to correct or amend information he believes to be inaccurate.
Under the existing system, the individual cannot adequately protect himself against the use of poor quality information in making underwriting decisions about him. Frequently, the individual is not told the reason for an adverse insurance decision. The insurance laws and regulations of many States require insurers to disclose to the individual (in some cases, only on request) the general reasons for cancelling or refusing to renew a personal automobile insurance policy. Few States, however, require insurance institutions to give individuals the reasons for a declination or a rating.74 If the reason and supporting information for an adverse underwriting or rating decision do not arise out of a report prepared by a support organization subject to the disclosure provisions of the Fair Credit Reporting Act, the individual may be unable to find out why the decision was made, or whether inaccurate or incomplete information was at fault.
Life and health insurance institutions generally advise an applicant of the information that led to an adverse underwriting or rating decision only if they consider the information harmless (e.g., hazardous occupation, obvious health impairment). Typically, however, the specific items of information and their source are not revealed unless they came from a support organization subject to the Fair Credit Reporting Act, or from the applicant himself. When an individual requests a specific explanation for an adverse decision and the basis was medical-record information, most life insurers will divulge the information, but only to the applicant's personal physician. However, they virtually never tell the individual the specific reasons and supporting information for an adverse decision when the information concerns his character, morals, or life-style.
In property and liability insurance, an adverse decision may or may not lead to the insurer divulging the reasons and supporting information to the applicant. As in the life and health area, whether the insurer considers the information to be harmless will be a factor. With the exception of the State automobile insurance laws and regulations mentioned above, however, the consumer has no legal right to be told the reasons or information supporting an adverse insurance decision.
When an individual contacts the Medical Information Bureau, he or his physician, in the case of medical-record information, only learns the summary data that has been reported about him.75 He does not learn how the reporting insurance company translated the underlying information into a code, and while he is told where the underlying information is, he, unlike another insurer, cannot get it automatically from the reporting company.
If the adverse decision was based on information in a report prepared by an inspection bureau, the Fair Credit Reporting Act only requires the insurer to tell the individual the organization's name and address. [15 U.S.C. 1681m] The individual has the right to learn the "nature and substance" of the information about him in the inspection bureau's files, but this is no assurance that he will be able to identify the reason for the adverse decision or the particular items of information on which it was based. To go to the inspection bureau is time-consuming for the individual and may effectively prevent him from getting on firm enough ground to ask for reconsideration of the decision if it turns out that there was erroneous information in the report. To have a real voice in the quality of information on which decisions are based, the individual needs to know the reasons for the adverse action and the specific items of information that support the reasons.
The Commission is also concerned that the mere fact of a previous adverse underwriting decision may unfairly stigmatize an individual who applies later for comparable insurance. Without knowing the reasons for it, some insurers use the mere fact of a previous declination or other adverse decision by another insurer as the basis for rejecting an applicant.76 Yet a previous declination may have nothing to do with the individual's qualifications where, for instance, the insurer that declined him did so only because it had decided to restrict its underwriting in a certain area. Thus, when an insurer acts on the fact of a previous adverse decision alone, it may reject an individual whom it would otherwise have accepted if accurate and complete information were developed. Stigma may also result when an individual has previously purchased insurance from a "substandard" insurer or through an "assigned-risk" plan, even though the reasons for such previous action may not involve the individual or his eligibility directly.77
The Commission has not found that this problem exists in life and health insurance underwriting to the degree that it clearly does in personal property and liability insurance. Property and liability insurance applications often ask the individual whether he has previously been declined or rated, but rarely ask the reason for the rejection, presumably because, under the current system, the applicant will seldom know. A high percentage of the reasons may, in fact, relate to adverse characteristics possessed by the individual applicant or insured, as opposed to a general market condition unrelated to the individual's characteristics. Present practice, however, fails to distinguish between the two types of rejections.
Accepting from lay sources information that only a professional is competent to report is another questionable practice that stems from an insurer's reluctance to deprive itself of any information that may turn out to be useful. Medical-record information is crucial to life and health insurance underwriting and to claims processing. Collection of such technical information from anyone other than the individual himself, a medical source, or a close family member invites inaccuracies. Nevertheless, some insurers not only seek information concerning an individual's health from agents, or from the individual's neighbors, friends, and associates, but also use it as the basis for declining his application. Such information may also be communicated to other insurers. Until recently, the Medical Information Bureau accepted medical information obtained from lay sources, and the Impairment Bureau and the property and casualty loss indexes still do.78
Although support organizations such as the Medical Information Bureau have rules with respect to the type and quality of information reported to them, the rules are difficult to implement and enforce. The MIB, for example, has no way of knowing, except through periodic audits of member companies, whether medical or other information reported to it has come orginally from an authorized source. Thus, it cannot effectively control the quality of information in its files. Nor does the Bureau keep a complete accounting of all the disclosures,79 the result being that it cannot always propagate corrections when inaccuracies are discovered. The property and liability loss indexes also have no way of knowing whether a subscriber has falsely filed an index card without having a real claim, or whether, once received by an insurance institution, the index information is used for other purposes, such as underwriting, or making a personnel decision.80
Perhaps the best example of the inability of support organizations to regulate the use of the information they provide is the Medical Information Bureau's rule which prohibits the use of a Bureau report, intended only as an alert, as the basis for declining an applicant.81 Compliance with this rule has not been carefully audited in the past, and testimony before the Commission by the MIB indicates that as a result of the MIB's own audits there is evidence that some life insurers do render adverse decisions based solely on Medical Information Bureau codes.82 Furthermore, the reinvestigation requirement the MIB imposes on its members can be satisfied by going to an inspection bureau and getting information on file there-the same information which another insurer may have used to decline the applicant.
To some extent these problems are endemic to data exchanges, like the MIB, that are controlled by their users. Being wholly dependent, they cannot be expected to enforce their rules against those who sustain them. The end result, however, is that poor quality information can, in a variety of ways, cause an individual to be denied an insurance benefit or privilege for which he would otherwise be eligible. The insurer may lose too, by forfeiting a customer or by having its relationship with an existing policyholder deteriorate. Obsolete, inaccurate, or incomplete information serves no one.
THE ABSENCE OF A STRICT DUTY OF CONFIDENTIALITY
There is an understandable public concern about the confidentiality of records about individuals that insurance institutions and their support organizations maintain. As previously noted, the collection of information about an individual without his full knowledge of the scope of the inquiry and its consequences may weaken the relationship between the insurer and the individual. The individual may be deterred from applying or may mistrust the insurer when he does apply. The Commission heard testimony that some people do not buy insurance for fear that the resulting information flow will come back to haunt them, either in a subsequent insurance decision or through disclosure to their employer.83 Others do not use their benefits-for instance, psychiatric coverage-for fear claims information will not be held in strictest confidence.84 In addition, the individual may he more likely to lie about information which he feels may go beyond the insurer. Confidentiality has become such a concern that some who maintain records about individuals, such as doctors and psychologists, are increasingly reluctant or unwilling to disclose the information in them, even when authorized to do so by the individual.85 Other sources, such as neighbors and associates, may also refuse to provide information or may provide inaccurate information.
Although insurance institutions and support organizations now assume some responsibility for the confidentiality of the information they collect and maintain on individuals, earlier parts of this chapter show the extent to which personally identifiable information is disclosed by numerous insurance industry organizations. Within the industry, information sharing occurs on a routine basis. Moreover, information may be disclosed to those outside the industry without the individual's knowledge.86 The Commission believes that the key to solving this important problem is to create an enforceable expectation of confidentiality which clearly delineates the circumstances under which an insurance institution or support organization may disclose information about art individual without his authorization.
CURRENT LEGAL RESTRAINTS ON RECORD-KEEPING PRACTICES
STATE INSURANCE REGULATION
The primary regulatory mechanisms for overseeing the activities of insurance institutions are at the State level. State regulation has developed around two basic aims: (1) maintaining the solvency of individual insurance companies; and, (2) assuring fair business practices and pricing. Although interest in the record-keeping practices of insurance institutions has increased in the last few years, few States have focused significant attention on the privacy protection problems the Commission has identified. No State, to the Commission's knowledge, has enacted privacy protection legislation which would affect insurance record-keeping practices. More-over, regulation of insurance record-keeping practices at the State level is limited because State Insurance Departments do not have regulatory authority over most insurance-support organizations.
There are, however, existing regulatory mechanisms at the State level which could be used to implement some of the Commission's insurance recommendations. These include the unfair trade practices provisions of State insurance laws, and the authority State Insurance Commissioners have been given over the contents of those application forms which are considered part of the policy.
Most States have passed a version of the Model Unfair Trade Practices Act.87 These laws are applicable to all types of insurance and are designed to protect the insurance consumer by prohibiting insurance institutions from engaging in a wide range of practices specifically defined by the Act to be unfair. The Act includes prohibitions against false advertising, defamation of competitors, boycotts, fraudulent financial statements, rebates, and unfair discrimination. Many States have added to this statute an Unfair Claims Practices Act which protects claimants by forbidding unreasonable claim settlement practices, including misrepresentation, delays in claim payments, and claim settlement offers which are so low as to compel claimants to institute litigation to collect their claims.
The Model Act provides the State Insurance Commissioner with several mechanisms to enforce the prohibition against defined unfair trade practices. The Commissioner has the authority to promulgate regulations identifying the methods of competition or practices which come under the specific prohibitions enumerated in the Act. In addition, the Commissioner may hold a hearing and issue a cease and desist order whenever he believes an insurer is engaging in one of the unfair practices. Monetary penalties or suspension or revocation of a company's license may also be imposed for a violation of the defined unfair trade practices where the insurer knew or should have known that it was in violation of the Act.
In addition to the Commissioner's powers to enforce defined unfair trade practices, the Model Act also provides that he may hold hearings on any act or practice which he believes is unfair, even though the practice is not specifically defined in the Act. If, after a hearing, an undefined act or practice is found to be unfair, the Commissioner may issue a cease and desist order. The Model Act, however, does not empower the Commissioner to add by regulation new acts to the defined unfair trade practices, or to impose monetary penalties for engaging in undefined unfair trade practices.
Some States already make use of the Unfair Trade Practices Act prohibition against unfair discrimination to regulate record-keeping practices. The regulations, however, are limited in scope and, in almost all instances, are concerned with the use of infor mation in the underwriting process rather than its actual collection. For instance, the Privacy Commission heard testimony on the regulation of the relevance of information used in the underwriting process from a representative of the California Insurance Department. California has used its regulatory authority under its unfair trade practices laws to prohibit unfairly discriminatory practices on account of sex, marital status, unconventional life-styles, and sexual orientations differing from the norm. The California Department normally does not attempt to prohibit collection; rather, it acts on an ad hoc basis to prohibit the use of certain criteria in underwriting decisions upon the receipt of complaints from insurance consumers.88
Because the Model Unfair Trade Practices Act is applicable to all lines of insurance and contains strong enforcement provisions, it can serve as an appropriate regulatory mechanism for several of the Commission's recommendations. It will, however, be necessary to amend the Act to define certain unfair record-keeping practices as unfair trade practices. These unfair practices would then be subject to the full range of regulatory and enforcement authority granted Insurance Commissioners under the Model Act, including the power to hold hearings and issue cease and desist orders, and to impose monetary penalties.
Many State Insurance Commissioners have an additional power which could assist in the implementation of certain of the Commission's recommendations. In many States, Commissioners have the authority to approve policy forms. In the case of life and health policies, application forms are considered a part of the policy, so they would be subject to the Commissioner's approval. Thus, Insurance Commissioners in a number of States would be in a position to monitor and enforce the Commission's notification, authorization, and previous adverse decision recommendations insofar as life and health insurance are concerned.
FEDERAL REGULATION
The Federal government has only one law which affects the record-keeping practices of the insurance industry-the Fair Credit Reporting Act. The FCRA governs the use of inspection bureau reports prepared by support organizations in connection with underwriting decisions by insurers, and thus its effect on insurance institutions is limited to their role as users of such reports. There are also a few State fair credit reporting statutes similar to the Federal one. The Commission believes that amending the Fair Credit Reporting Act is a good mechanism to implement many of its recommendations that are beyond the scope of the present Act, including some of its insurance recommendations. The scope of the Act could be broadened, and its title and enforcement framework could be altered to reflect the new scope presented by some of the Commission's recommendations. In addition, the oversight functions presently given to the Federal Trade Commission could be expanded, thus avoiding the necessity of creating a new Federal agency to oversee implementation of those Commission recommendations which are proposed for adoption by amendment of the FCRA.
THE COMMON LAW
The final constraint upon record-keeping practices in the insurance industry is provided by the common law actions of defamation and privacy. Defamation provides liability for damage to reputation caused by the publication of untrue information about an individual. The tort of invasion of privacy provides liability under certain circumstances for, among other things, public airing of private information about an individual. Insurance institutions and support organizations may be able to raise a qualified privilege in defense of such actions.
In recognition of the need for a free flow of information in commercial transactions, most States have recognized a qualified business privilege which provides a defense for otherwise defamatory statements when made to the proper parties, in a proper manner, and for a valid business purpose, except if the statement is false and made with malicious intent to injure the individual to whom it refers. Similarly, there is a qualified privilege for invasion of privacy actions. These limits on common law actions enable insurance institutions and support organizations to exchange information for legitimate purposes relatively free of legal restraints. As noted earlier, however, the privilege is available only when information is disclosed to someone deemed to have an interest in it. It is for this reason that insurance institutions and their support organizations are careful to guard against the disclosure of information to anyone outside of the industry.
RECOMMENDATIONS
The Commission's approach to the problems described in this chapter has been to focus on strengthening and balancing the relationship between the individual insurance applicant, policyholder, or claimant and the insurance institution with whom he deals. As indicated at the outset, the Commission's recommendations have three objectives:
(1) to create a proper balance between what an individual is expected to divulge about himself to a record-keeping organization and what he seeks in return (to minimize intrusiveness);(2) to open up record-keeping operations in ways that will minimize the extent to which recorded information about an individual is itself a source of unfairness in any decision about him made on the basis of such information (to maximize fairness); and
(3) to create and define obligations with respect to the uses and disclosures that will be made of recorded personal information (to create a legitimate, enforceable expectation of confidentiality.)
In the insurance area, as in others it has studied, the Commission also believes that giving an individual certain rights without placing corresponding obligations on the institution with whom he has the primary record-keeping relationship is not likely to bring about adequate remedial action. Thus, the Commission believes that insurance institutions and insurance-support organizations must assume greater responsibility for their personal-data record-keeping practices. In some cases, this can be accomplished by bringing the forces of the marketplace to bear on record-keeping policy and practice, through voluntary adoption of standards set forth in this report, or through court action by individuals to enforce their rights. In others, government agencies should also be called upon to play monitoring and corrective roles. The Commission believes that both parties will benefit from this approach. The individual's position with respect to the records the insurance relationship generates about him will be strengthened, while insurers and insurance-support organizations will be assured of obtaining the kind of information that promotes fair and efficient operations. Greater confidence in insurance institutions and their role in society should result from opening up the process in this way.
One of the major reasons legislation is needed is that the individual is currently at a disadvantage in the insurance relationship. Some of the Commission's recommendations have attempted to protect the applicant, policyholder, or claimant by placing certain restraints on the insurer-limiting certain collection techniques, creating standards for the authorization forms used, and requiring reasonable procedures in the collection, use, and disclosure of information about an individual. The Commission's aim, however, is not so much to constrain insurance institutions and support organizations as it is to enhance the position of the individual so that he can protect his own privacy interests. To this end, the Commission has concluded that the insurer should inform the individual of the scope of its underwriting inquiry by a clear notice and an adequate authorization form; that the subject of an investigative report should be interviewed if he so desires; and that a mechanism should be created whereby the individual can question the propriety of a specific type of inquiry made in connection with an insurance decision about him. These recommendations are designed to give the individual a central role in the record-keeping practices (including information collection) of the insurance industry.
The ability of the individual to protect himself depends upon the knowledge he has of the records that are made about him. Thus, an individual should have access to a record about himself and a mechanism should exist whereby disputes concerning the accuracy of such a record can be settled. Access and correction rights are also needed to enable the individual to protect himself from investigations which exceed the scope of the notice he is given at the time he seeks to establish a relationship with an insurer, and to assure that the records maintained about him are accurate, timely, and complete. In addition, the individual should be informed of the reasons for an adverse decision about him and the specific information which supports those reasons, so that he can protect himself from unfair treatment resulting from the use of inaccurate, obsolete, or incomplete information.
This approach is not simply intended to be a procedural one. Rather, it is intended that the dynamics of the relationship between the insurer and the individual, rather than action by a legislature or regulator, will create certain standards governing the collection, maintenance, use, and disclosure of information by insurance institutions and support organizations. The Commission believes that notice, access, dispute, and an enforceable expectation of confidentiality are the tools an individual must have if he is to play an effective role in preventing the record-keeping practices of insurance institutions and support organizations from trespassing on his privacy interests. Armed with them, he can exert constructive pressure upon an insurer or agent. Even where the abuse concerns an insurance-support organization, pressure will be most effective on the insurer or agent, because the individual has a direct relationship with them, and because the prospect of adverse publicity that could affect the insurer's position in the marketplace provides the insurer with more incentive to be responsive than the support organization.
Overall, the Commission believes that the strategy it proposes for implementing these recommendations is a reasonable and practical one in that it:
As previously noted, because insurance is regulated primarily by State Insurance Departments, the Commission believes that the responsibility for implementing some of its recommendations should be properly lodged at the State level. In addition, the personal-data record-keeping practices of insurance institutions are also regulated to some extent by the Federal Fair Credit Reporting Act which the Commission believes is the proper vehicle for implementing recommendations that aim to strengthen the insurance relationship by eliminating artificial distinctions between the record-keeping practices of insurance institutions and the record-keeping practices of their support organizations. Finally, for reasons that are fully elaborated in Chapter 9 on government access to records about individuals maintained by organizations in the private sector, the Commission has concluded that the enforceable expectation of confidentiality it recommends must be implemented by Federal statute.
It should be noted, moreover, that the recommendations to be implemented by Federal statute, including those that would be implemented by amending the Fair Credit Reporting Act, give the individual actionable rights against insurance institutions and support organizations. The Commission has explicitly rejected the establishment of a Federal regulatory structure that could be quite costly both to the taxpayer and to the insurance industry. Instead, by making those who do not comply civilly liable for their failure to do so, and by making it comparatively easy for such actions to be brought, the Commission believes that a strong incentive for systemic reform will be created without subjecting those who favor reform to unnecessarily costly government regulation. The burden will fall on those who by their actions willfully and repeatedly disregard their responsibilities rather than on those who make a good faith effort to comply fully. In short, the implementation of the Commission's recommendations is designed to place an increasing financial burden on those companies who encourage costly disputes by resisting openness, or who fail to adopt reasonable procedures to control the collection, use, or disclosure of records about individuals.
Finally, insurance institutions should not be unduly exposed to liability which arises only because of the openness of the process. The objective of the Commission's recommendations is to cleanse the system of decisions based on inaccurate or incomplete information; not to create windfall recoveries for bad information or practices of the past.
Definitions for some of the terms used in the recommendations and discussion which follow may be found in the glossary at the end of this chapter.
Intrusiveness
The Commission's first three recommendations address the scope and character of the inquiry to which an insurer may require an individual to submit as a condition of establishing or maintaining an insurance relationship. Because insurance is concerned with the protection of individuals or personal property, the process of granting insurance coverage necessarily involves intrusions on personal privacy. The question is simply (or perhaps not so simply) how much of an intrusion and by what methods.
GOVERNMENTAL MECHANISMS
For some years now, controversies over the propriety of asking certain kinds of questions of an individual have generally centered on the relevance of the information sought to the decision to be made. For example, the Privacy Act of 1974 requires each Federal agency to limit its collection, maintenance, use and dissemination of information about individuals to that which "is relevant and necessary" to a purpose the agency is required to perform by statute or Executive Order.89 The California Insurance Department, relying on its authority to prevent unfairly discriminatory practices, investigates the relevance of certain items of information used by insurers doing business in the State and may prohibit the use of any item whose relevance to underwriting decisions or pricing cannot be demonstrated to the Department's satisfaction.
A related, and in many respects more difficult, question concerns inquiries which, while demonstrably relevant, are objectionable on other grounds. Legislatures may prohibit, and have prohibited, the use of certain items of information on fairness grounds. Race, for example, has been excluded as an eligibility or rating criterion for life underwriting even though its relevance to life expectancy can be demonstrated.90 On the other hand, the Privacy Act of 1974 strives, not very successfully, to ban the collection and use of information pertaining to an individual's exercise of his First Amendment rights on the grounds that such inquiries by government agencies constitute an unwarranted invasion of personal privacy, i.e., that they fail the test not of relevance or fairness, but of propriety 91
Thus far, there have been few instances in which items of personal information have been proscribed on grounds of impropriety, i.e., unwarranted intrusiveness. In the insurance area, California has come close in proscribing the collection and use of information concerning "moral lifestyle."92 The California approach is almost unique among State insurance regulatory authorities and all the California Department's other investigations, except for "moral life-style," have turned on other issues, such as fairness. In some cases regulation has not been necessary because the impropriety of certain types of inquiries is universally recognized. An example would be collection of information about an individual from his priest, minister, or rabbi.
It should be noted, moreover, that fairness and propriety issues usually cannot be dealt with in the same way. As briefly discussed in Chapter 2, when. fairness is the overriding concern, such as in the Equal Credit Opportunity Act as amended, [15 U.S.C. 1691 et seq.], continued collection of certain information may be necessary to demonstrate that it is no longer being used to make decisions about individuals. For example, one cannot show that sex and race are not being systematically used to make credit decisions unless one can show that credit has been extended to women and minorities in proportion to their relative numbers in the credit grantor's market. And the most practical way to do that may well be to have the credit grantor record the sex and race of all applicants. This, however, is much different from situations where impropriety is the reason for proscribing information. There, the first act must be to prohibit collection, since the problem lies primarily in the asking of the question. Use may also be prohibited in such a situation but only to make sure that the information is totally excluded from the decision-making process.
The Commission believes that, in the future, society may have to cope with objections to the collection of certain information about an individual on the grounds that it is "nobody's business but his own." In some cases, these propriety issues may be resolved by prohibiting an inquiry on the grounds that it is irrelevant, but in others, where relevance can be demonstrated, proscription may be necessary on propriety grounds alone. In the Commission's view, questions of this nature are best resolved on a caseby-case basis. One must be concerned about undue government interference in such controversies. The Commission believes, moreover, that all such determinations must be prospective, so as to avoid retroactive punishment for behavior which at the time was wholly consistent with prevailing societal expectations and norms. However, the Commission also believes that institutional mechanisms are needed so that such questions can be raised and resolved.
Insurers have historically enjoyed considerable latitude in determining what information is and is not necessary to a given decision about an individual. Underwriting is far from an exact science. Moreover, industry spokesmen argue that the cost of collecting information is a powerful enough incentive to collect only relevant information. Yet others claim that insurance institutions collect a great deal of information whose relevance is questionable. Indeed, the industry has been criticized for not taking advantage of its actuarial and computer expertise to refine its relevance criteria.
To a large extent, the relevance-propriety issue in insurance stems from some insurers' belief that they should insure only those of "high moral character," and should shun those whose mode of living differs from what society considers normal. In a society as diverse as ours, however, determining what "society considers normal" is no easy task, and relying on the independent judgment of underwriters to make this determination has led to considerable difficulties.
The Commission is mindful of the complexities that lie beneath the surface of the relevance-propriety issue in the insurance area. It is aware that a few States have taken an interest in certain insurance-related inquiries. Most, however, have not. The Commission, moreover, is not fully persuaded that the problem can be handled exclusively through market mechanisms. Although Recommendation (5) (see below) seeks to set corrective market forces in motion, the necessity of insurance in today's society may make it difficult for individuals to make their objections felt. Furthermore, should there be sentiment in favor of banning a particular category of inquiry, irrespective of its relevance, some way will have to be found for society to estimate and consider the cost involved in such an action and the way in which the cost will be distributed. Thus, in light of all these considerations, and out of its desire to eliminate unreasonable invasions of personal privacy, the Commission recommends:
Recommendation (1):
That governmental mechanisms should exist for individuals to question the propriety of information collected or used by insurance institutions, and to bring such objections to the appropriate bodies which establish public policy. Legislation specifically prohibiting the use, or collection and use, of a specific item of information may result; or an existing agency or regulatory body may be given authority, or use its currently delegated authority, to make such a determination with respect to the reasonableness of future use, or collection and use, of a specific item of information.
To implement this proposal, the Commission recommends that each State Insurance Commissioner collect individuals' complaints and questions concerning the propriety of particular types of inquiries, prepare periodic summary reports on the number of questions and complaints by category, and make them available to legislative bodies. If already authorized by the legislature, the Commissioner may take action. In California, for example, the legislature empowered the Commissioner to promulgate rules and regulations under the unfair trade practices article of the State insurance laws and the Commissioner then used that authority to declare discrimination based on sex, marital status, or sexual orientation a prohibited practice.93 [§790.03 and 790.10 of the California Insurance Code]. The rules the Commissioner adopts may prohibit the use of certain information in one line of insurance but not in another. Furthermore, within a given line of insurance, the Commissioner might allow certain information to be used as the basis for rating or determining risk, but not unless it has an impact on one or the other. For example, inquiry into the fact of cohabitation might be relevant in determining use of a vehicle, a valid rating criterion, but the mere fact of cohabitation, unrelated to vehicle use, could not be the basis of an underwriting or rating decision.
Currently, most Insurance Commissioners could address the use of irrelevant information under their general authority to hold hearings and issue cease and desist orders in connection with undefined unfair trade practices. The Commission believes, however, that the rule-making technique is fairer and more effective than looking one at a time at possible violations of a general prohibition against unfair trade practices. Not only will more insurers than the one offender have a say in the wisdom of the Commissioner's proposed prohibition, but the Commissioner's decision will only be subject to the narrow judicial review generally applied to rulemaking decisions. The Federal Insurance Administrator could also collect the reports compiled by the State Insurance Commissioners and periodically report on them to the Congress.
An alternate and not mutually exclusive suggestion is that the Federal Insurance Administrator, or another appropriate Federal entity, collect complaints concerning the propriety of insurance inquiries directly from individual consumers and from time to time report and make recommendations on them to the Congress. It is not recommended, however, that the Federal Insurance Administrator have the rule-making authority urged for State Insurance Commissioners, since regulation of information practices within the insurance industry is currently a State function.
PRETEXT INTERVIEWS
As indicated earlier, Factual Service Bureau obtained some of its information through pretext interviews or other false or misleading representations.94 A pretext interview is one in which the inquirer (1) pretends to be someone he is not; (2) pretends to represent someone he does not; or (3) misrepresents the true purpose of the interview. Mere silence on any or all of these points would not normally constitute a pretext interview. Indeed, an investigator could refuse to identify himself, his client, or the purpose of the inquiry, letting the person of whom the inquiry is being made infer whatever he wishes from such behavior. Nonetheless, an investigator dressed in a white lab coat making inquiries of a clerk in a hospital medical records room would be conducting a pretext interview if he allowed the clerk to assume he was a properly credentialed medical professional.
As pointed out in several chapters of this report, the Commission believes that some investigative practices are unreasonably intrusive, or at least have a high potential for depriving an individual of even a modicum of control over the disclosure of information about himself. An investigator conducting a pretext interview clearly raises that prospect. Thus, out of its desire to prevent unreasonable invasions of privacy resulting from the techniques used to collect information about individuals, the Commission recommends:
Recommendation (2):
That the Federal Fair Credit Reporting Act be amended to provide that no insurance institution or insurance-support organization may attempt to obtain information about an individual through pretext interviews or other false or misleading representations that seek to conceal the actual purpose(s) of the inquiry or investigation, or the identity or representative capacity of the inquirer or investigator.
This recommendation would apply to all insurance inquiries-whether for underwriting or first- or third-party claims. The prohibition would be enforceable by the Federal Trade Commission (FTC) against organizations that collect information by means of pretext interviews. An organization would be able to defend itself against an FTC action on the basis that it had k, taken reasonable steps and instituted reasonable procedures to prevent such activity. The use of pretext interviews should be made a civil offense, punishable by fines and cease and desist orders.
REASONABLE CARE IN THE USE OF SUPPORT ORGANIZATIONS
The reported practices of Factual Service Bureau also raise a legitimate concern about the care with which insurance institutions select and use the services of support organizations. An institution should not be totally unaccountable for the activities of others who perform services for it. The Commission believes that an insurance institution should have an affirmative obligation to check into the modus operandi of any support organizations it uses or proposes to use; and that if an insurance institution does not use reasonable care in selecting or using such organizations, it should not be wholly absolved of responsibility for their actions. Moreover, a like obligation should obtain where one support organization uses the services of another.
Currently, the responsibility of an insurance institution for the acts of a support organization depends upon the degree of control the insurance institution exercises over the support organization. Most insurance-support organizations are independent contractors who traditionally reserve the authority to determine and assure compliance with the terms of their contract. Thus, under the laws of agency, an insurer may be absolved of any liability for the illegal acts of a support organization if those acts are not required by the terms of the contract 95 In the Commission's opinion, the Factual Service Bureau case illustrates why this is not desirable. Accordingly, to deal with the responsibility of the institution that uses others to gather information about individuals for its own use, the Commission recommends:
Recommendation (3):
That the Federal Fair Credit Reporting Act be amended to provide that each insurance institution and insurance-support organization must exercise reasonable care in the selection and use of insurance-support organizations, so as to assure that the collection, maintenance, use, and disclosure practices of such organizations comply with the Commission's recommendations.
If it could be shown that an insurance institution had hired or used a support organization with knowledge, either actual or constructive, that the organization was engaging in improper collection practices, such as pretext interviews, an individual or the Federal Trade Commission could initiate action against both the insurance institution and the support organization and hold them jointly liable for the support organization's actions.
Fairness
THE REASONABLE PROCEDURES OBJECTIVE
As a general objective guiding the personal-data record-keeping practices of insurance institutions and their support organizations, the Commission recommends:
Recommendation (4):
That each insurance institution and insurance-support organization, in order to maximize fairness in its decision-making processes, have reasonable procedures to assure the accuracy, completeness, and timeliness of information it collects, maintains, or discloses about an individual.
Subsection 3(e)(5) of the Privacy Act of 1974 requires each Federal agency to
collect, maintain, use and discloses 96 all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination.
This provision is a requirement on management wholly independent of the rights the Act gives an individual. For a Federal agency whose administrative procedures are subject to congressional oversight, it s an appropriate requirement.97 The same, however, cannot be said of its applicability to the private sector.
As pointed out in Chapter 1, the Commission believes that the mix of rights and obligations its private-sector recommendations would establish are in themselves incentive enough to foster the kind of management attention to personal data record-keeping policy and practice that subsection 3(e)(5) of the Privacy Act requires. Thus, the Commission does not recommend that Recommendation (4) be incorporated in statute or regulation. Rather it envisages Recommendation (4) being implemented automatically as a consequence of the adoption of the other recommendations in this section, particularly Recommendations (10), (11), (12), (13), and (16), on access, correction, adverse decisions, disclosure of information from proper medical sources, and Recommendations (5), (6), and (17), on notice and disclosure.
The adoption of these recommendations will promote the maintenance of reasonable procedures by insurance institutions to assure the accuracy, completeness, and timeliness of information and provide a means whereby information collected, maintained, or disclosed may be corrected or updated by the individual.
FAIRNESS IN COLLECTION
NOTICE REGARDING COLLECTION FROM THIRD PARTIES
As indicated in the discussion of Recommendation (1), the Commission believes that the type of governmental mechanism called for should be used mainly in instances where the forces of the marketplace are not strong enough to induce the elimination of objectionable items from the insurer's scope of inquiry-for example, items that are demonstrably relevant but nonetheless objectionable on the grounds of propriety. To make market forces work to the advantage of the insurance purchaser, however, he must know the type of information that may be developed and considered in the decision-making process for an insurance transaction. Otherwise, he has no way of judging whether to take his business elsewhere. The application form itself serves to apprise the individual of some of the information that will be gathered about him, but as previously pointed out, the application normally gives at best only faint clues as to the type of inquiry that may be made of sources other than the individual himself.
Thus, to minimize the need for public-policy determinations as to the propriety of an insurer's inquiries about an individual, as well as inform the individual of the disclosures that must be made in order to obtain a favorable decision on his insurance application, the Commission recommends:
Recommendation (5):
That an insurance institution, prior to collecting information about an applicant or principal insured from another person in connection with an insurance transaction, notify him as to:
(a) the types of information expected to be collected about him from third parties and that are not collected on the application, and, as to information regarding character, general reputation, and mode of living, each area of inquiry;
(b) the techniques that may be used to collect such types of information;
(c) the types of sources that are expected to be asked to provide each type of information about him;
(d) the types of parties to whom and circumstances under which information about the individual may be disclosed without his authorization, and the types of information that may be disclosed;
(e) the procedures established by statute by which the individual may gain access to any resulting record about himself;
(f) the procedures whereby the individual may correct, amend, delete, or dispute any resulting record about himself;
(g) the fact that information in any report prepared by a consumer-reporting agency (as defined by the Fair Credit Reporting Act) may be retained by that organization and subsequently disclosed by it to others.
Recommendation (5) would not apply to information collected for first- or third-party claims or for marketing purposes where the information is collected prior to the initial application. in all other cases, however, it would provide the individual with information about the scope of inquiry to which he is agreeing: the manner in which the inquiry will be conducted (e.g.,through interviews of neighbors and associates) and the disclosures other institutions may possibly make in response to an inquiry from the insurer or an insurance-support organization. Most importantly, it would apprise the individual of the types of uses that may later be made of information without his authorization-for example, of medical-record information acquired by the insurer, or of "adverse information" acquired and retained by an investigative-reporting agency-while at the same time anticipating his need or desire to see and copy, or correct, information developed in the course of the inquiry. Thus, the recommendation would provide the individual with a detailed map of the information flows attendant upon the relationship he proposes to establish with the insurer.
It should be noted, moreover, that the subsection (a) requirement to notify as to "each area of inquiry" when information regarding character, general reputation, and mode of living is to be collected from a third party anticipates a level of specificity finer than currently considered acceptable under the Fair Credit Reporting Act. Furthermore, while the recommendation does not apply to information collected in connection with first- or third-party claims or for marketing purposes prior to the time the individual submits his application, the subsection (d) requirement to notify the individual of those parties to whom the information may be disclosed without his authorization would include notice of the fact that information on first-party property and liability claimants is sometimes disclosed to the loss indexes and the Insurance Crime Prevention Institute.
While unanimously agreeing that the type of notice called for in Recommendation (5) is necessary to solve the problems it addresses, the Commission was concerned about its practicality. One insurer, however, drafted an example which showed that the requirements of Recommendation (5) could be met by a notice that is neither unreasonably lengthy nor unreasonably complex.
As to implementation, while the Fair Credit Reporting Act governs notice requirements to some extent, Insurance Commissioners can also independently monitor industry compliance through their hearing authority under unfair trade practices laws as well as their authority to approve certain application forms. Finally, Recommendation (5) may be self-enforcing because Recommendations (11) and (12), it' adopted, will give the individual a right to have information beyond the scope of the notice given him deleted from any resulting underwriting or support-organization record about him.
NOTICE AS THE COLLECTION LIMITATION
The notice given pursuant to Recommendation (5) will be useless if the insurer's inquiry goes beyond what the notice anticipates. Furthermore, as indicated in the discussion of Recommendation (3) on reasonable care in the selection of support organizations, one of the problems with the insurance relationship is the degree to which it is attenuated by the insurer's frequent reliance on independent contractors in gathering information about individuals.
Thus, to assure that there will be consistency between the scope, techniques, and sources described in the Recommendation (5) notice and the actual inquiry that takes place, the Commission recommends:
Recommendation (6):
That an insurance institution limit:
(a) its own information collection and disclosure practices to those specified in the notice called for in Recommendation (5); and
(b) its request to any organization it asks to collect information on its behalf to information, techniques, and sources specified in the notice called for in Recommendation (5).
Like the notice recommendation itself, this recommendation does not apply to information collected in connection with first- or third-party claims or for marketing purposes where the information is collected prior to the initial application. Compliance with Recommendation (6) could be verified through the correction procedures called for in Recommendations (11) and (12) as well as Insurance Department examinations. If an individual finds that the insurer has information beyond that specified in the notice, the individual should be able to have it deleted from his record.
INFORMATION FOR MARKETING AND RESEARCH
Subsection 3(e)(3) of the Privacy Act of 1974 requires agencies to advise individuals whether the divulgence of particular items of information is mandatory or voluntary and the consequences of refusing to divulge them. The mandatory and voluntary concepts, however, have little meaning in the private sector, inasmuch as an individual's divulgences are all "voluntary" and an insurance institution can make "mandatory" anything it wishes. As a practical matter, an individual may have little choice but to comply with whatever requests for information are made of him. An example of the trepidation this can cause will be found in the discussion of the Blue Cross-Blue Shield psychiatric claims form in Chapter 7, on the medical-care relationship. Since this is so, insurance institutions should at least indicate on their application forms any requested information which is unnecessary for insurance coverage determination purposes but which is sought for marketing, research, or other purposes. Otherwise individuals will have no way of knowing whether such inquiries are necessary, and thus whether they should bring pressure on the insurer to make the inquiries truly voluntary. Accordingly, the Commission recommends:
Recommendation (7):
That any insurance institution or insurance-support organization clearly specify to an individual those items of inquiry desired for marketing, research, or other purposes not directly related to establishing the individual's eligibility for an insurance benefit or service being sought and which may be used for such purposes in individually identifiable form.
This recommendation, which would not apply to third-party claim transactions, should be voluntarily complied with by insurers and support organizations. While the determination of what is required to establish eligibility is left to the individual company and will undoubtedly vary to some degree, fairness to the individual requires that he be apprised of those items of information desired, but not required by the company to determine acceptability or price.
AUTHORIZATION STATEMENTS
The authorization forms used by the insurance industry determine what information insurance institutions and their support organizations can obtain from those with whom an individual has a confidential relationship. Many authorization forms now in use are so broad as to constitute an invitation to abuse. Many do not indicate that they will be used by investigative-reporting agency representatives to develop inspection reports or acquire medical-record information to be transmitted to the insurer. Many do not indicate that they will be used to get credit reports, or information from banks and other organizations.
Although today, banks, employers, and some other types of record-keeping organizations may be willing to disclose certain information about an individual without his authorization, the Commission's recommendations with respect to those types of organizations would make obtaining the individual's prior authorization necessary. When that happens, as well as in those situations where record keepers have confidential relationships with individuals today, such as in the medical-care relationship, the record keeper on whom the duty of confidentiality rests will be the final arbiter of what constitutes a valid authorization. As a practical matter, however, such a record keeper may be hard-pressed to refuse to honor a broadly worded authorization if the result is grave inconvenience to the individual or refusal to reimburse the record keeper for services already rendered to the individual. Thus, to set the standards whereby those who have a duty of confidentiality to an individual may properly be asked to disclose information about him to others, the Commission recommends:
Recommendation (8):
That no insurance institution or insurance-support organization ask, require, or otherwise induce an individual, or someone authorized to act on his behalf, to sign any statement authorizing any individual or institution to disclose information about him, or about any other individual, unless the statementis:
(a) in plain language;
(b) dated;
(c) specific as to the individuals and institutions he is authorizing to disclose information about him who are known at the time the authorization is signed, and general as to others whose specific identity is not known at the time the authorization is signed;
(d) specific as to the nature of the information he is authorizing to be disclosed;
(e) specific as to the individuals or institutions to whom he is authorizing information to be disclosed; <