3 - Administration
The Administration Department is responsible for providing Division of Insurance employees with various operational and administrative services. It ensures that other departments have the necessary resources to carry out the regulatory mission of the agency.
The Administration Department's mission is to ensure:
- The availability of adequate funding to carry out the Division mission
- The efficient, accurate and secure receipt of revenue associated with fees, fines and assessments
- Communication of, and compliance with, federal, state and collective bargaining labor requirements
- The availability of knowledgeable, motivated and trained human resources capable of carrying out the Division mission
- The timely payment of all Division fiscal obligations
- The best value procurement of goods and services
- The safety and security of employees, visitors and property
The comfort of Division employees and visitors
3.2 2008 Goals
|•||Complete a review of agency policies and procedures concerning the security of personal and confidential data and - if necessary - adopt and implement the maximum feasible measures needed to ensure the security, confidentiality, and integrity of personal information.||Ongoing|
|•||Ensure that OLLIE II, which allows Business Entity Producers to renew their licenses online, is completed on time and on budget.||Complete|
|•||With the Insurance Rate Comparison Project Team, ensure the successful design, development and launch of an Insurance Rate Comparison website by March, 2008. The site seeks to educate consumers on how to shop for competitive auto insurance rates in the new managed competition environment.||Complete|
|•||As part of the project team, create a media campaign around the launch of managed auto competition and the Insurance Rate Comparison website. Create a media strategy that includes radio advertisements, television advertisements, mass transit posters, etc. aimed at informing consumers on the "Better Rates for Better Drivers" concept.||Complete|
|•||Implement the internal process requirements allowing the receipt of electronic fee payments from insurance companies utilizing the electronic form and rate filing submission system known as SERFF.||Complete|
|•||Plan, organize and execute a management planning seminar for Division leadership that invites industry, academic, advocacy, policymaking and consumer protection experts to share their views on future trends in the insurance industry.||Complete|
|•||In preparations for the expiration of the agency's lease in 2010, document the Division's program, personnel and space requirements and submit data to Department of Capital Asset Management for the issuance of a Request for Proposals.||Complete|
|•||Adopt a mail services program that reduces postage costs up to 9%.||Complete|
|•||Report on the agency's progress toward completing its Affirmative Action and Diversity goals as outlined in its 2008-2009 Plans.||Complete|
|•||Complete billing of assessments according to timelines so as to ensure collection of all open receivables before year-end and compliance with state Comptroller guidelines and Division internal control plan.||Complete|
|•||Collect all revenue in a timely and accurate way. Ensure compliance with state comptroller guidelines and Division internal control plan.||Complete|
|•||Complete all hiring and staffing requests in a timely manner so as to ensure available human resources to carry out the Division mission.||Complete|
|•||Guide agency users in drafting and issuing Requests for Responses for various professional services. Assist in evaluating and selecting vendors. Ensure procurements are completed in compliance with Operational Services Division requirements.||Complete|
|•||Coordinate in-house training for agency personnel on the conflict of interest law, workplace/domestic violence prevention, sexual harassment prevention, the Americans with Disabilities Act, and the Family and Medical Leave Act.||Complete|
3.3 Primary Activities
Insurance Rate Comparison Website (IRC) and the "Better Rates for Better Drivers" Media Campaign
Following the Commissioner's decision to introduce competition into the automobile insurance market, a group of Division employees from various disciplines came together to work on in order to bring the goals of managed competition to fruition. During the next year, the Private Passenger Auto Managed Competition Team would:
- Design and implement a regulatory framework for managed competition providing affordable premiums for good drivers, a competitive rating system, and a business environment that attracts new insurers to the state
- Design and launch a consumer website known as the Insurance Rate Comparison Website, allowing users to find sample premium rates and contact information for insurance companies and agents
- Design and launch a media campaign, known as "Better Rates for Better Drivers", educating consumers on managed competition and the premium reducing options available to them
To ease consumers through a confusing shift in the marketplace, the Team decided to develop an online web tool with which consumers could find information on the insurance companies selling auto insurance, sample premiums offered by each company, and information on whom to contact to purchase auto insurance. The launch of the website would be accompanied by a media campaign that would draw attention to the changes and the new options available to consumers.
The Insurance Rate Comparison website, located at www.mass.gov/autorates , launched in February 2008 after weeks of software development and testing, meetings with industry personnel and consumer advocate groups, and the development and launch of the "Better Rates for Better Drivers" marketing campaign which blanketed various media outlets across the state during the Spring of 2008. Consumers answer a few simple questions on the website and the site generates a list of sample premiums offered by each of the state's insurers. The site instructs consumers to contact an agent or company to obtain an actual rate quote. By clicking on the site's "AgentFinder" feature, consumers can easily connect with insurance professionals in their area. Consumers using the website discover that there are huge variations in prices and discounts being offered by different companies and this motivated them to get serious about calling their agent and start comparison shopping.
The Division's Private Passenger Automobile Managed Competition Team was selected to receive the Manuel Carballo Governor's Award for Excellence in Public Service as part of the 2008 Performance Recognition Award Program.
Security and Confidentiality of Data
Executive Order 504, An Order Regarding the Security and Confidentiality of Personal Information, was adopted and made effective on September 19, 2008. The order requires executive department agencies to "…adopt and implement the maximum feasible measures reasonably needed to ensure the security, confidentiality, and integrity of personal information as defined in the Security Freezes and Notification of Data Breaches Statute (M.G.L. c. 93H), and personal data as defined in the Fair Information Practices Act (M.G.L. c. 66A)." Together with the Secretariat Chief Information Officer, and the Division's Information Technology and Legal Departments, the Administration Department took steps to ensure compliance with the Executive Order in accordance with its implementation timetable. In 2008, the agency began utilizing the Mandatory Procurement Standards and Procedures for all contracts solicited for IT solutions that involve personal information or personal data. The Division also appointed an agency Information Security Officer (ISO). In 2009, the agency will implement the remaining mandates of Executive Order 504 as required by the Information Technology Division.
In 2007, the Office of the State Comptroller issued a memorandum relating to Payment Card Industry (PCI) Data Security Standards (DSS) compliance, a mandatory program of the major credit card associations to create common industry security requirements for cardholder data. According to the Comptroller, all Commonwealth entities that process, transmit or store cardholder data are required to adhere to certain data security standards mandated by the credit card associations. The primary focus of the PCI standards is to help merchants - in our case, Commonwealth Departments - improve the safekeeping of cardholder information by tightening overall security standards. This overall review reduces the chances of experiencing security breaches, fraud and potential catastrophic financial losses, penalties and loss of trust in Commonwealth public facing applications.
The PCI Security Standards Council mandates compliance of certain information security requirements for any merchant that "transmits, stores, accesses, or processes" cardholder information. Merchants found to be non-compliant with the respective security requirements may be subject to substantial fines and penalties in the event of a data breach.
Although the Division does not transmit, store, access or process credit card information at this time, the agency deemed it prudent to pursue compliance with PCI DSS for the Automated Clearing House transactions processed by its OLLIE and OPRA websites and to assess whether the agency is well poised to begin accepting credit cards at some point in the future. In December 2008, the Office of Consumer Affairs agencies, including the Division of Insurance, engaged a Qualifying Security Assessor (QSA) to verify that adequate personal identity and financial protection exists for citizens and businesses who choose to conduct electronic business with the Commonwealth, and to minimize the significant financial and reputation exposure resulting from fines and penalties imposed as a result of a security breach.
OLLIE (Online Licensing of Individuals and Entities), Phase II
In 2008, a project team including members of the Information Technology, Producer Licensing and Administration sections, successfully enhanced the functionality of the OLLIE website to provide business entity producers the ability to renew their licenses online. OLIIE is the Division's Online Licensing of Individuals and Entities system, which originally launched in 2007. It is a state-of-the-art system offering insurance producers the opportunity to renew their licenses online, as well as the ability to update their licensing profile with product and sales information that may be helpful to consumers. This producer profile information populates the AgentFinder website, which connects consumers to insurance professionals based on criteria provided by the consumer. AgentFinder allows consumers to generate a list of agents from a database of the state's 70,000 licensed insurance professionals based on the geographic, product and company specifications that he or she selects. With the enhancements achieved in 2008, consumers can now find an insurance agency based on the same search criteria, in addition to its branch office locations.
The license renewal process was once a paper intensive process. Hundreds of Massachusetts residents now choose OLLIE for the speed, precision and efficiency its online features offer. OLLIE was made available to business entities in December 2008 and initial results indicate that it is being adopted at twice the rate as the individual renewal site. During the first full month the site was available to business entities, some 65% of them chose to renew their licenses online. Data indicates that an average of 30% of individual producers are opting to renew online with OLLIE.