Business Insurance will be back online in October. Please check back then to subscribe/register.

All existing subscriptions will be honored. Contact with any questions.


RMIS providers put increasing emphasis on compliance risk

Federal and state regulatory changes expand employer reporting requirements

RMIS Compliance Risk

Claims management and risk management information system tools have changed as the challenges risk managers face have grown in number and complexity.

One area of increasing emphasis for risk managers and RMIS providers is compliance risk.

Tom Wimberly, Atlanta-based vice president of product management and product marketing at Aon eSolutions, said there is a natural overlap between compliance and RMIS.

“The information that you need to be compliant is something that a RMIS would typically have,” Mr. Wimberly said. “What the RMIS will do is put a bow around it.”

While risk managers need to be mindful of federal and state rules and international standards, the privacy, security and data breach notification rules in the Health Insurance Portability and Accountability Act are among the most stringent.

To make sure its products are HIPAA-compliant, Mr.Wimberly said Aon eSolutions itself received accreditation from Washington-based health care accrediting organization URAC.

“We needed to have the right processes in place to make sure we were handling data correctly for our clients,” he said. The efforts included encrypting data in transit and at rest in its new data center and implementing strict policies on who handles data and when. “HIPAA is so severe in the way you must protect data that it laid the groundwork for compliance with other regulations,” he said.

Aside from federal laws and rules, 10 states are implementing major changes this year on workers compensation injury reporting requirements, said Pat Cannon, regulatory reporting solutions client manager for San Diego-based Mitchell International Inc.


The state changes require “major planning and changes by the workers comp industry,” Mr. Cannon said. “Claim administrators need to get prepared for many changes with first report of injury and subsequent report of injury to be in compliance with electronic data interchange reporting.”

Compliance risk, along with features that address litigation management, loss forecasting and security management, have put more distance between RMIS and traditional claims management systems and moved RMIS software toward governance risk and related compliance tools.

“In the last five years, the technology has totally changed,” said Emily Cummins, director of tax and risk management for the National Rifle Association, and a member of the Technology Advisory Council for the Risk & Insurance Management Society Inc.''

Lisanne Sison, director of enterprise risk management for Sacramento, Calif.-based Bickmore & Associates Inc., said that the accountability and monitoring aspects of RMIS help support successful enterprise risk management initiatives. While compliance efforts are by nature reactive, a RMIS can help an organization be more proactive, strategic and preventative, she said.

“RMIS is not just a reporting tool slapped on top of the claims systems anymore,” Ms. Sison said. “RMIS is becoming a business intelligence tool to give context and meaning to risks outside the insurable risk area. It's hard to have a robust ERM (enterprise risk management) program without the tracking that RMIS can provide.”

“Claims don't generate themselves,” she said. “It's other issues that drive those claims.”

By enabling a risk manager to drill down into anomalies, a RMIS facilitates identifying and improving conditions that lead to losses. “A robust RMIS helps ensure that you're tracking things that can become catastrophic losses,” she said.

Ms. Cummins agreed that as RMIS tools improve, they will become more useful in enterprise risk management.

“The revolution in the space is taking the technology beyond RMIS and making them into true ERM tools,” she said.

More from BI