19 - Data

Question 1

What is Personal data

Answer 1

Personal data is information which would allow an individual to be identified, either on its own or when combined with other information

Question 2

Examples of personal data

Answer 2

Name
Address
Personal email address
Occupation
DOB 
Health status
Race or ethnicity
Criminal record

Question 3

What is Sensitive personal dat?

Answer 3

Sensitive personal data is information which is more private to the individual
Its disclosure to others without consent could cause the individual a high level of distress or damage

Question 4

Examples of sensitive personal data

Answer 4

o Racial or ethnic origin
o Political opinions
o Religious or other similar beliefs
o Membership of trade unions
o Physical or mental health condition
o Sexual life
o Convictions, proceeding and criminal acts

Question 5

Under what conditions might Sensitive personal data be processed

Answer 5

1. The data subject has given explicit consent
2. It is required by law for employment purposes
3. It is needed in order to protect the vital interests of the individual or another person
4. It is needed in connection with the administration of justice or legal proceedings

Question 6

What is the main concern of using / transferring data across international borders?

Answer 6

The legislation around data handling may be more stringent in one of the two countries and organisations need to take extra care to not breach local standards.

Question 7

List the eight conditions of the POPI Act in South Africa.

Answer 7

1. Accountability
2. Processing limitation
3. Purpose specification
4. Further processing
5. Information quality
6. Openness
7. Security safeguards
8. Data subject participation

Question 8

Describe the POPI Act condition of accountability.

Answer 8

The party responsible for processing the data is also responsible for compliance with POPI.

Question 9

Describe the POPI Act condition of processing limitation.

Answer 9

Information must be processed in a fair, lawful and relevant manner, after consent is given by the data subject.

Question 10

Describe the POPI Act condition of purpose specification.

Answer 10

Personal information must be collected for a specific purpose. Record keeping to be destroyed when personal data is no longer relevant or authorised to be held.

Question 11

Describe the POPI Act condition of further processing limitation

Answer 11

Further processing must be compatible with the initial collection prupose.

Question 12

Describe the POPI Act condition of information quality

Answer 12

Data completeness, accuracy and updates to be ensured by holder of the data.

Question 13

Describe the POPI Act condition of openness

Answer 13

Documentation to be maintained on all processing operations and maintaining transparency on data use.

Question 14

Describe the POPI Act condition of security safe-guards

Answer 14

Integrity and confidentiality of personal data must be secured and all processing done only by authorised operators. Notification to be done on security compromises.

Question 15

Describe the POPI Act condition of data subject participation.

Answer 15

The data subject may request confirmation of personal data held and request correction or deletion of any inaccurate, misleading or outdated information held.

Question 16

Aside from criminal action and fines, what is another damaging effect of data breaches occurring within a company’s data bases?

Answer 16

Damage to reputation and the ability to retain and attract clients.

Question 17

What is data governance?

Answer 17

Data governance is the overall management of the: availability, usability, integrity and security of data

Question 18

Give the aspects that a data governance policy should aim to cover. (5)

Answer 18

1. The specific roles and responsibilities of individuals in the organisation with regards to data.
2. How an organisation will capture, analyse and process data.
3. Issues with respect to data security and privacy
4. The controls that will be put in place to ensure that the required data standards are applied
5. How the adequacy of the controls will be monitored on an ongoing basis with respect to data usability, accessibility, integrity and security.

Question 19

Give the data governance risks (4).

Failure to have adequate data governance policy can lead to?

Answer 19

1. Legal and regulatory non-compliance
2. Inability to rely on data for decision making
3. Reputational issues
4. Incurring additional costs

Question 20

Give a data concern around mergers and acquisitions. (3)

Answer 20

1. Should data be combined into one system
2. Which company’s system to use
3. Data aggregation issues.

Question 21

Give the main risks associated with data. (6)

Answer 21

1. The data are inaccurate or incomplete
2. The data are not credible due to being insufficient volume, particularly for the estimation of extreme outcomes.
3. The data are not sufficiently relevant to the intended purpose
4. Past data may not reflect what will happen in the future.
5. Chosen data groups may not be optimal
6. The data are not available in an appropriate form for the intended purpose.

Question 22

Why may past data not be an accurate reflection of future experience.

Answer 22

1. Past abnormal events
2. Significant random fluctuations
3. Future trends not being reflected sufficiently in past data
4. Changes in the way in which past data was recorded
5. Changes in the balance of any homogeneous groups underlying the data
6. Heterogeneity with the group to which the assumptions are to relate
7. The past data may not be sufficiently up to date
8. Other changes

Question 23

What is big data?

Answer 23

Big data comprises very large data sets, often brought together from different sources, and which can be analysed very quickly

Question 24

State the data protection principle which may be difficult to meet when using big data

Answer 24

Personal data should be adequate, relevant and not excessive for the purposes concerned.

Question 25

How can companies avoid big data being excessive and personal for the given purpose?

Answer 25

Anonymisation can be used to ensure that the data is not considered to be personal data.

Question 26

List the main uses that actuaries make of data.

Answer 26

1. Premium rating, product pricing and determining contributions
2. Setting provisions
3. Experience analysis
4. Risk management - underwriting and reinsurance
5. Investing
6. Accounting
7. Management information
8. Marketing
9. Administration

Question 27

List the key data required for active members when valuing a pension scheme

Answer 27

1. Membership ID / number
2. Date of birth
3. Date of joining employer
4. Date of joining the scheme
5. Date / age of retirement
6. Current salary
7. Salary scale / growth assumptions
8. Category of membership
9. Dependents - marital status
10. Age of dependants
11. Data from previous valuations for reconciliations

Question 28

Outline the design features of a good proposal form.

Answer 28

1. Collects data at an appropriate level - including data that are not currently used but may be used in the future
2. Be clear and unambiguous - to capture the correct information
3. Have inputs that are quantitative as far as possible

Question 29

Give a design feature of the claims form in order to store good quality data.

Answer 29

Should be clear and unambiguous and link to the proposal form - to cross check information

Question 30

Give features of data inputting processes that can ensure that good quality data is stored by a company. (5)

Answer 30

1. Inputs should be in the same order as the proposal form
2. Staff that are inputting data should be trained
3. Financial incentives for accurate inputting
4. Data systems should have data validation checks - blank entries and sensible entry values
5. Send policyholders copies of the key information in order to check all values are captured correctly

Question 31

Give the data system features that can help ensure that good quality data is stored by an insurance company.

Answer 31

1. The system should be capable of storing information so that historical data is available for future pricing exercises
2. System should be robust yet flexible
3. System should be secure - restricting access of people who can manipulate data
4. Regular checks of data movements and changes
5. Single integrated systems can make data handling easier

Question 32

List reasons why claims data might not be directly comparable between different general insurance companies.

Answer 32

1. Organisations operating in different geographical or socio-economic sections of the market
2. Different policies being sold - policy conditions or perils
3. Products being sold by different sales methods or to different target markets
4. Differing underwriting standards at the initial claims stage
5. Different companies assessing risk differently - different rating factors
6. Data being stored or recorded differently or relating to different time periods

Question 33

Describe the issues with using industry data.

Answer 33

1. Supplied data may be inaccurate or incomplete
2. May be out of date
3. May not be relevant to the intended purpose
4. Data may not be available in intended format
5. Chosen data groups within the industry-wide data may not be optimal
6. The coding used for the factors by which the data is split may vary between pension schemes
7. May have different definitions of benefits
8. May not be detailed enough data
9. Data may be less flexible than is required
10. Data may not be credible at extreme conditions
11. Data may not reflect what will happen in the future

Question 34

Describe how industry data may not be relevant for a benefit scheme.

Answer 34

1. Not originally collected for the intended purpose
2. May not be accurately comparable
3. Employer operates in a different geographical region
4. Has a different socio-economic mix of members than the industry average
5. The nature of the benefits is very different to industry averages
6. The extent of voluntary vs compulsory membership differs from the industry average

Question 35

List the reasons that past data may not reflect future experience.

Answer 35

1. Past abnormal events
2. Significant random fluctuations
3. Future trends not reflected in historical data
4. Changes in the way in which past data was recorded
5. Changes in the balance of homogeneous groups underlying the data
6. Other changes such as medical, social or economic.

Question 36

What is algorithmic decision making?

Answer 36

Algorithmic decision making refers to investment trading decisions that are automated so that they take place without human interventions

Question 37

Give the advantages of algorithmic decision making.

Answer 37

1. Faster
2. More efficient
3. Possibly lower dealing costs on trades
4. It is possible to implement complex trading strategies

Question 38

Give the disadvantages of algorithmic decision making.

Answer 38

1. Could be errors in the algorithm or the data or parameters - especially when a large number of trades could be implemented in a short period
2. Algorithm may not operate in adverse conditions
3. Trading may be suspended before algorithmic trading can be completed in turbulent markets
4. Could have adverse impacts on the financial systems

Question 39

Give the main sources of data for an insurance company.

Answer 39

1. Publicly available data
2. Internal data
3. Industry-wide data collection
4. Reinsurance data

Question 40

Give the main issue with using internal data.

Answer 40

There may not be sufficient data for launching or pricing a new product or target markets.

Question 41

Give some advantages of using industry-wide data

Answer 41

1. Can compare experience with that of the industry as a whole
2. Can provide an indication of the ways in which competitors attract policyholders through differences between the company and the industry-wide data.

Question 42

How can individual assets data be checked:

Answer 42

1. Check that a liability or asset exists on a given date
2. Check that a liability is held or an asset is owned at a given date
3. Check that when an event is recorded, the time of the event and the associated income or expenditure are allocated to the correct accounting period
4. Check that data are complete – no unrecorded liabilities or assets
5. Check the appropriate value of an asset or liability has been recorded

Question 43

Describe the main data checks that actuaries can use.

Answer 43

RECONCILIATIONS

1. Reconciliations of member / policy numbers
2. Reconciliations of benefits and premiums
3. Reconciliation of beneficial owner and custodian records where assets are owned by a third party

CONSISTENCY CHECKS

5. Consistency of asset income data and accounts
6. Consistency of salary related contribution and benefit levels with the accounts
7. Consistency between average sum assured and premium for each class, and when compared with previous investigations
8. Consistency between start and end period shareholdings adjusting for sales etc
9. Consistency between actuary and custodian’s records
10. Consistency between contributions and active members
11. Consistency between pension benefits and number of pensioners

SPOT CHECKS

12. Records picked at random for spot checks.
13. Look for very high or very low values/ unusual values
14. Full deed audit for certain assets, eg property
15. Validity of dates

Question 44

Give the main circumstances under which there may be a lack of ideal data.

Answer 44

1. Insufficient volume to provide credible results

2. Data captured at insufficient details

Question 45

Describe the main issue with using summarised data.

Answer 45

The records cannot be validated which makes error detection impossible

Question 46

Outline the issues with provisions that are too large

Answer 46

1. The funding level will appear to be lower than it actually is
2. Capital may not be used efficiently

Question 47

Outline the issues with provisions that are too small

Answer 47

1. Over time it will become apparent that additional money is required
2. Worst case is insolvency

3, Profits will be recognised earlier and the payment of tax will be accelerated4. Inappropriate business decisions can be made.