Credit: Meta/Adobe Stock
The Blue Cross and Blue Shield Association is trying to shape how state insurance regulators will oversee the AI systems operated by association member companies and other insurance companies.as well as by other insurance organizations.
The Chicago-based group is asking a team at the National Association of Insurance Commissioners to take steps such as narrowing requests for information about AI systems and respecting the confidentiality provisions in insurers' agreements with AI system vendors.
The association represents 33 separate U.S. insurance organizations, including Elevance and Health Care Service Corp. Its member companies provide or administer health coverage for 118 million people.
The NAIC's Big Data and Artificial Intelligence Working Group is developing an AI systems evaluation tool for state insurance regulators. The Blues have contributed to the project by commenting on a draft version of the tool.
The working group met Sunday in Hollywood, Florida, at an in-person session at the NAIC's fall national meeting.
The draft AI tool: The NAIC working group developing the AI tool hopes it will help "regulators to identify and assess AI systems' related risks," including "both financial and consumer risks," according to a background statement in a draft version of the tool included in a working group meeting packet.
The current draft of the tool includes a chart that a regulator can use to show how many AI systems are helping an insurer with tasks such as connecting with consumers and managing company finances.
Other elements in the draft tool include a glossary and sections that could help regulators understand who is in charge of an insurer's AI governance framework, how the insurer tests AI systems, how much attention the insurer's board is paying to use of AI, and how an insurer is managing AI systems that could easily hurt consumers, by, for example, making automated decisions about health insurance claims.
The Blues' views: Many of the Blues' comments have to do with matters such as fine-tuning the wording, but some could affect what kinds of information regulators typically get when they're regulating AI systems.
Many of the current AI systems, for example, "train," or acquire information and develop ideas about how the world works, by going through large pools of data.
The version of the draft AI tool marked up by the Blues provides a column regulators can use to list an AI's "Third Party Data Source/Vendor Name."
The Blues have suggested adding a note stating that providing the information in that column is optional.
"Requiring companies to disclose the identity of third-party data sources and vendor names may create conflicts with existing confidentiality agreements and nondisclosure obligations," according to the Blues. "Many vendor contracts explicitly restrict disclosure of their identity or solutions in regulatory filings outside of privileged examination contexts. Making vendor identification a mandatory field could therefore place insurers at risk of breaching contractual obligations."
Elsewhere, in a section for information about potentially high-risk systems, the version of the draft tool marked up by the Blues asks an insurer to discuss if the insurer has had any actions taken against it for use of the model.
The Blues have asked regulators to edit the question to show that insurers have to provide only information about formal legal or regulatory actions, and only "to the extent permitted by law."
Otherwise, an insurer could have to disclose actions that may be confidential or restricted from disclosure by state or federal law, the Blues say.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.