US NAIC Summer 2024 National Meeting Highlights: Innovation Cybersecurity and Technology (H) Committee

On August 15, 2024, the Innovation, Cybersecurity, and Technology (H) Committee (“H Committee”) met at the Summer 2024 US National Meeting of the National Association of Insurance Commissioners (“NAIC”). The following are highlights from the meeting.

Task Force and Working Group Reports

The H Committee received and adopted reports on the recent activities of its downstream groups, including the Big Data and Artificial Intelligence (H) Working Group; the E-Commerce (H) Working Group; the Cybersecurity (H) Working Group; the Privacy Protections (H) Working Group; the Technology, Innovation, and Insurtech (H) Working Group; and the Third-Party Data and Models (H) Task Force. The reports noted the following:

• Big Data and Artificial Intelligence (H) Working Group: The Big Data and Artificial Intelligence (H) Working Group (the “BDAI Working Group”) met virtually on July 29. Among other matters, the BDAI Working Group received an update on the development of the health insurance artificial intelligence (“AI”)/machine learning (“ML”) survey, the results of which will be used to gain a better understanding of how the health insurance industry is using AI/ML and how such use is being governed. The BDAI Working Group expects to post the health insurance AI/ML survey no later than early October, with the goal of completing the survey by early spring 2025. The BDAI Working Group is also working on obtaining updates on the private passenger auto AI/ML survey through regulator-only discussions with selected auto carriers.
• E-Commerce (H) Working Group: The E-Commerce (H) Working Group met on April 4, when it discussed its 2024 work plan and adopted the E-Commerce Modernization Guide. The working group then met on July 18, when it heard a presentation on “open insurance” (a framework to enable more information sharing within the insurance industry) and had a robust discussion on adding language to NAIC privacy model laws to protect a consumer’s right to control the usage of their information.
• Privacy Protections (H) Working Group: The Privacy Protections (H) Working Group (the “Privacy Working Group”) met on June 12, hearing comments from interested parties and regulators on whether to revise NAIC Privacy of Consumer Financial and Health Information Regulation (#672) (“Model Act #672”) or to continue development of a new Insurance Consumer Privacy Protection Model Law (#674). The Privacy Working Group voted to revise Model Act #672. Among other matters, during its meeting on August 14, the Privacy Working Group agreed to expose the working group chair’s draft of the revised Model Act #672 for a 30-day public comment period ending on September 18.
• Technology, Innovation, and Insurtech (H) Working Group: The Technology Innovation and Insurtech (H) Working Group (the “Insurtech Working Group”) met on August 13. Jason Ralph from McKinsey & Company gave a presentation on insurtech changes and developments affecting the insurance industry, including how the insurtech community can help address various challenges facing the industry. The Insurtech Working Group also received a presentation from the InsurTech Coalition, which supports public policy that enables innovation, including fostering an environment in which innovation can thrive responsibly.

Please view our recent Legal Updates for updates regarding the Cybersecurity (H) Working Group and the Third-Party Data and Models (H) Task Force.

AI Presentations

The H Committee also heard three presentations regarding AI governance and regulatory tools, which are described in further detail below.

• Federal Regulatory Actions Related to the Use of Artificial Intelligence: The first presentation provided an overview and comparison of various tools used by federal agencies and state insurance regulators to regulate the use of AI. The presenter stated that based on current AI federal initiatives, it appears that state insurance regulators are utilizing most of the available AI regulatory concepts, but that given the rapid development of AI, insurance regulators likely will benefit from monitoring new and emerging federal AI initiatives. It was noted that while there is no comprehensive US federal law that universally regulates AI, state and federal regulators currently rely on leveraging existing laws to regulate AI using principles-based methodologies, seeking a balanced approach between promoting innovation and protecting consumers. The presentation also described additional tools that insurance regulators may want to explore, such as requirements to avoid conflicts of interest and the use of model forms and disclosures.
• NIST AI Safety Institute Consortium (AISIC) Efforts to Develop a Framework for Governing AI: The second presentation provided an overview of AI-related work done by the Society of Actuaries, including participation in the AI Safety Institute Consortium (“AISIC”), an organization formed by the Department of Commerce’s National Institute of Standards and Technology (“NIST”) and consisting of more than 200 leading AI stakeholders, including technology companies, technology research organizations, and research universities. AISIC seeks to develop guidelines and standards for the use of AI. The presentation provided an overview of key AISIC initiatives and working groups, which focus on topics such as evaluation of AI testing and auditing and safety and security. The presentation also noted that US actuarial professionals are strongly engaged with the rapid evolution of AI and highlighted the role of such professionals in ensuring the responsible use of AI in the insurance industry.  
• International Actuarial Association (IAA) Efforts to Survey Global AI Governance Frameworks: The final presentation described the work of the IAA’s AI Task Force, which was formed to advance the competency of the actuarial profession with respect to AI by creating awareness of the risks and opportunities related to AI, facilitating knowledge sharing, and educating actuaries. As part of this mandate, the AI Task Force monitors and evaluates AI governance frameworks across the globe. The presentation included a comparative review of the key components of AI governance frameworks from Australia, Canada, China, Europe, Singapore, the United Kingdom, and the United States. The presentation also covered the launch of NIST’s Assessing Risks and Impacts of AI program, which is intended to assess the societal risks and impacts of AI systems.

To view additional updates from the US NAIC Summer 2024 National Meeting, visit our meeting highlights page.