Data is an increasingly powerful asset for companies in every industry, and this is especially true in life insurance. A certain level of trust is required when companies share data. We believe that transparency builds trust and want to be completely transparent about the safeguards we’ve established to protect and secure one of your most important assets: your data that runs through our models.
In this blog post, we’ll review the types of data we receive (and don’t receive) from our customers and how our operating model and technical architecture help protect your data every step of the way.
The first safeguard is actually the lack of information—specifically, personally identifiable information (PII). We do not accept PII such as Social Security numbers, patient identification numbers, names, addresses, etc., because our models do not need that information to calculate a lifescore.
"...without PII or any other unique identifier, the data cannot be connected to another data set. It is essentially meaningless ..."
The lack of PII is important for obvious data privacy and security reasons. It’s also important because without PII or any other unique identifier, the data cannot be connected to another data set. It is essentially meaningless to anyone but you, our clients.
The nature of predictive modeling is also a safeguard in itself. Models don’t actually contain data; rather, they are built on historical data to help predict future outcomes. In our case, they were built on 20 years’ worth of applicant data that includes laboratory tests, personal health, family histories, underwriting information, and mortality outcome. The outcome is the most important data point in building the models, and we are never in possession of outcome data from clients.
The lack of mortality outcomes is an important barrier because it renders the data meaningless in terms of future machine learning. It is impossible for us to change, refine, enhance, or train the model—in any way—without your mortality data.
Independent tech stack
We are a wholly owned subsidiary of MassMutual and license their intellectual property. This operating model ensures that we have another important element that keeps your data safe: a completely separate, independent tech stack. We host copies of the MassMutual predictive models on our own tech stack. The customer portal, API, and any other code used to touch partner or applicant data is housed in our own cloud infrastructure, which is not connected to the MassMutual environment.
"This one-way street does not expose MassMutual to your data, and vice versa."
A simplified version of our deployment process involves MassMutual sending us the code. We deploy the code to our separate and secure tech stack, test, and then make the model available to our clients. This one-way street does not expose MassMutual to your data, and vice versa.
We understand the enormous amount of trust our clients place in us when they share their data. Our customer-centric protocols, technical architecture, and operating models were created to protect you and your data, every step of the way.