Noooooo! I sent the wrong document!

Minimizing the risk: Document privacy and compliance

Insurance companies and other businesses in regulated industries view security breaches and regulatory infractions associated with customer communications as big risks. Poorly-constructed documents, errors in distribution, or obsolete content can result in fines, lawsuits, remediation expenses, negative publicity and even loss of customers.

Mistakes and regulatory infractions can happen in high-volume documents and “1-off” single-recipient correspondence alike, but for different reasons and the preventative actions need to be different.

High-volume errors

In production environments, a great many personalized documents are created in large batches, largely unseen by human eyes. Software bugs, human error, and network communication interruptions can cause data from two different customers to be printed on the same document. Or events such as mechanical issues, paper jams, or operator errors can result in pages from different accounts finding their way into an envelope mailed to a single customer.

Double-stuffed envelopes, out of sync duplex printing, incorrect paper or envelope stock, obsolete boilerplate text, and mixed up data can cause concern for customers and grief for the insurance provider and their print/mail processing vendors. I recently heard a story where one TPA solution provider incorrectly printed and mailed over 10,000 documents to Carrier A’s insured using Carrier B’s logo and name. You can imagine the nightmare that caused.

Modern print and mail facilities should have safeguards to prevent or catch these kinds of mistakes, but they still happen. When they do, the negative publicity is damaging. Sending corrected documents, staffing for extra customer service support, and measures such as stopping payment on checks or paying for credit monitoring are expensive.

Exposure of a different kind

Though the number of impacted customers is small compared to high-volume document operations, employee errors or lack of controls in departmental “1-off” correspondence systems can cause privacy or compliance issues too. Without a centralized document template facility, employees may be relying on the copy-and-paste method of document composition. This can lead to embarrassing and costly mistakes.

A simple human error such as choosing the wrong document template can create problems when regulations for document language or content differ among localities. Accidently leaving private information in the body of a document (left over from the previous recipient) is another easy mistake made in manual workflows based on standalone copies of word processing software.

Take preventative measures

Fortunately, insurers can reduce the risk of regulatory and privacy infractions in both the high-volume environment and “1-off” correspondence.

Insurance companies should perform regular audits to verify the processes, controls, and procedures at in-house or outsourced print/mail facilities to prevent or intercept document errors before they get into the mail. The audits should confirm quality control protocols are diligently enforced.

For “1-off” correspondence and other lower-volume materials produced by internal departments, insurers can lower their exposure to privacy and compliance violations by implementing centralized document template repositories. Once centralized, the only copy of a document template is the official one authorized by the legal department. In this type of environment, there is no risk of individual users working with obsolete materials. Templates containing variable data placeholders, including locality-specific text blocks, are resolved at composition time. Such solutions eliminate many of the errors associated with copying and pasting.

Electronic documents are not exempt from privacy and regulatory compliance violations. Though paper-handling issues are no longer present, many of the items that cause incidents are the same as those encountered in physical document workflows. Similar error-checking, quality control, and centralization strategies are useful in the world of electronic messages just as they are for print.

COVID-19 update

The spread of COVID-19 continues to evolve and in this context, we wish to inform you that Xpertdoc is closely monitoring the situation and would like to inform you of the measures taken by our team to support its employees, customers and partners.

We do not foresee any impact on the delivery of our services and want to assure our customers that we are executing our continuity plans in order to ensure that our customers continue to receive our services without jeopardizing the safety and security of our personnel.

In accordance with the recommendations of government authorities, here are some of the measures being taken by Xpertdoc:

Remote work for all employees
Arrangements have already been made and we have requested that all our employees work from home. Our continuity plan includes a full deployment of remote work arrangements to ensure uninterrupted service to our clients and partners.

Hosting and cloud services
We have been assured by our suppliers that there are no known impacts to these services, and we are confident that we are able to effectively manage the delivery of our cloud services to all our customers.

We have cancelled all business travel until further notice for all our employees. If employees have or will travel for personnel reasons, they will be asked to respect the quarantine delay before participating in any business activities.

Events and gatherings
All our events have been postponed or cancelled. Our employees are no longer allowed to participate in any events, seminars or gatherings.

We are committed to providing the best possible service to our customers and partners, to ensure that you can continue digital communications with your own audience. In these critical moments if we can help please do not hesitate to contact us.


The Xpertdoc Team

Mise à jour sur la COVID-19

La propagation de la COVID-19 continue d’évoluer et, dans ce contexte, nous souhaitons vous informer que Xpertdoc suit de près la situation et que notre équipe a pris des mesures pour soutenir ses employé(e)s, clients et partenaires.

Nous ne prévoyons aucun impact sur la prestation de nos services et voulons assurer nos clients que nous mettons en œuvre notre plan de continuité des affaires, afin de garantir que vous continuiez à recevoir nos services, sans compromettre la santé et la sécurité de notre personnel.

Conformément aux recommandations des autorités gouvernementales du Québec, voici quelques-unes des mesures prises par Xpertdoc :

Travail à distance pour tou(te)s les employé(e)s
Nous avons demandé à tou(te)s nos employé(e)s de travailler à domicile. Notre plan de continuité des affaires comprend des arrangements de travail à distance pour assurer un service ininterrompu à nos clients et partenaires.

Hébergement et services infonuagiques
Nos fournisseurs nous ont assuré qu’il n’y avait pas d’impacts connus sur les services d’hébergement et infonuagiques. Ainsi, nous sommes convaincus d’être en mesure de gérer efficacement la livraison de nos services infonuagiques à tous nos clients.

Nous avons annulé tous nos voyages professionnels jusqu’à nouvel ordre, pour tou(te)s les employé(e)s. Si des employé(e)s ont voyagé ou doivent voyager pour des raisons personnelles, il(elle)s seront placé(e)s en quarantaine pour une durée de 14 jours, avant leur retour au travail.

Événements et rassemblements
Tous nos événements ont été reportés ou annulés. Nos employé(e)s ne sont plus autorisé(e)s à participer à des événements, séminaires ou rassemblements.

Nous nous engageons à fournir le meilleur service possible à nos clients et partenaires, afin de garantir que vous puissiez continuer vos opérations sans interruption. Dans ces moments critiques, nous sommes là pour vous aider. N’hésitez pas à communiquer avec nous si nécessaire.


L’équipe Xpertdoc