As technology evolves so does the risk landscape, voice-assisted technology is now being used more frequently in households and businesses. While this risk is an untapped area for brokers, could access to sensitive data negatively impact premiums? 

Alexa and Siri are just two types of artificial intelligence voice assistants, with a fifth (20%) of all searches on healthcare being via voice-assisted technology which is particularly popular with seniors, children and those with mobility problems, revealed the NHS. 

Last year, e-commerce giant Amazon was given free access to healthcare data collected by the NHS under a deal with Alexa, but this does not include access to patient records.

According to a blog by Amazon, it allows people to ask for health advice from verified NHS sources using voice-assisted technology using their Alexa device, for example a user can ask: ”Alexa, how do I treat a migraine?”

But with any new technology comes new risks. While it may be an untapped opportunity for brokers, underwriters are concerned with how to underwrite this evolving risk, cyber insurers with how to keep data safe and claims handlers are questioning who will pay the claim if this technology is inaccurate. 


Brokers, want to learn more about how to grow and protect your business? Don’t miss out on BrokerFest, digitalisation is just one of the topics to be covered at this event. Click here to find out more

Under current legislation patients have the right to access their own medical records but can only access others in limited circumstances according to GDPR under EU law, it is not known whether this might change post-Brexit.

Ben Davis, insurance lead of emerging technologies at Digital Risks believes the latest NHS – Amazon deal demonstrates the continuing trend of large tech companies competing in industries traditionally not part of their core business model.

He told Insurance Times: ”Technology companies are increasingly becoming an ‘everything’ company. This poses an increasing burden on the underwriters and brokers of these companies to understand multiple exposures at once. Traditional insurance lines like property and casualty are being influenced by this ‘everything’ model, as they are having to understand the application of technology to their respective areas of expertise.

”One might say that the biggest shift in insurance is not just the insurtech proposition, but the need for traditional underwriters to expand their hearts and minds to adapt to this rapidly changing space.”

Negatively impacted premiums 

Meanwhile, Jason Tooley, chief revenue officer at authentication platform Veridium, told Insurance Times that ”through user engagement it will be able to obtain highly sensitive data which could reveal the state of a person’s mental or physical health.

”If the platform is not secure, it would only require one point of entry for an attacker to gain access, leaving end-users at risk of being profiled and targeted based on health concerns. If such data were released into the hands of insurance brokers, in particular, we could expect to see consumer premiums negatively affected.”

Privacy gaps

Tim Boyce healthcare practice leader at CFC told Insurance Times: “The Amazon Alexa device does create a lot more cyber and privacy issues. Although the services that they are offering in the NHS are very much low level and the government have been doing everything it can to nullify people’s concerns, we need to be a bit careful.”

This is because it has been widely reported that staff at Amazon have access to information on those devices and they often use it to sift through and improve systems as well. Boyce said that while Amazon is not being given access to NHS patient data at present, the Alexa could be zapping information and redistributing it into machine learning tools, in a bid to triage patients’ conditions that way.

“Though it [patient data] won’t be personally identifiable, it does bring up certain ethical issues say if they were to sell that data to private healthcare insurers,” Boyce continued.

He added that these devices also present various privacy gaps, with big differences between public and private use. 

The NHSX  – a joint unit taking forward the UK healthcare system’s digital initiative said in a blog that it was working with the Amazon team to ensure that it can be “totally confident that Amazon is not sharing any of this information with third-parties”. 

Amazon restrict access through multi-factor authentication, services are all encrypted, and regular audits on their control environment to protect it. As has been observed by some journalists, this isn’t dissimilar to general search, but by voice so some of the concerns about privacy and commercialisation are the same that apply to all search providers,” it continued.

Tooley also believes that this partnership ”raises serious questions” in relation to data safety and the storage of highly sensitive data.

”Companies must look at how to protect their customers in the most secure way possible – minimising risk using techniques such as ‘Sharding’. Widely regarded as one of the safest data separation methods, ‘sharding’ breaks apart the data and distributes the storage between the device and server,” he said.

Who pays the claim?

Another issue, Boyce explained is in the event of a claim where a doctor is using a technology with artificial intelligence for analysing a CT scan or an X-ray, who do you blame if both the radiologist and the technology is incorrect?

 ”There’s no case law to back it and you could say that about the device – it’s a product that [gives] direct to consumer advice so [with] product failure where does that sit? I think that’s going to be a debate over the next decade – who makes the ultimate decision, the healthcare provider or the technology?” he added. 

On a more serious note, there is the issue of misdiagnosis. He explained that in the US: ”People can order repeat prescriptions in the US and that is being paid for by private health insurers. They are also being used for doctor’s notes. The reason that this is different in the UK is that all of this sits within the NHS, [it] holds all of this data and that is golden as all these big tech firms really like data because then they analyse it, advertise and then target products.”

In the US Amazon have already moved into healthcare but this is its first foray into the NHS in the UK, and the healthcare provider has a 10-year plan in partnership with the government to digitalise the system. 

“If you look at healthcare, it’s one of the last remaining industries that has not undergone a digital revolution. It’s still very much stuck in the dark ages globally,” Boyce said. 

Tooley added that over the past few years there’s been a shift towards digital transformation and innovation within the healthcare sector, ”however this is not always matched by an increase in organisational security measures. These new technologies are creating a gap that can be called the “attacker’s arbitrage”, an opportunity for bad actors – people posing as others - to exploit sensitive data because it is unprotected.”

Savvy enough?

Boyce continued: “The big [question] is are consumers savvy enough to know the implications of giving information to a third-party provider.”

He fears that with less control over data there could be more oversights, this could deepen the opioid crisis for insurers with the user being able to order repeat prescriptions more easily. 

Boyce cited Amazon US’s two partnerships – Berkshire Hathaway and JP Morgan, and the potential profit margins in pharmaceuticals.

“It’s essentially distributing drugs in the same way that they distribute products all over the world, there’s quite a lot of money in healthcare. People spend hundreds of thousands on healthcare in America.”

But Boyce concluded that if something went wrong, the results would be catastrophic, ”somebody could die, it’s a life and death situation”. 

Subscribers read more 

City insurers brace as opioid crisis unravels 

opioid crisis