1. What is fraud?
   There are several kinds of fraud: the common ones are duplicated claims and fabricating the loss.  Network/syndicated claim fraud is more complicated and less easy to detect. By establishing an Insurance Fraud Prevention Claims Database (IFPCD), we can quickly detect suspicious claims for further investigation and deter fraudsters.

   
   

2. Insurance companies paying fraudulent claims – what does it have to do with me?
   Insurance fraud is a serious criminal offence which not only affects the insurance industry but all policyholders at large.  International experience shows that for every $100 claims insurance companies settle, $10 to $15 involve a certain element of fraud.  At the end of the day, honest policyholders will be shouldering the claims payout illegally pocketed by fraudsters.

   
   

3. How does the IFPCD detect and prevent fraud?
   The IFPCD applies an AI tool that speeds up the entire claim and fraud detection process.  Through applying algorithm on fraud scenarios and analyzing claims data, the IFPCD will detect and alert participating insurers on possible claims anomalies. The insurers concerned will then conduct further investigations to determine the validity of the claims and take appropriate actions.  Databases applying similar AI technology are seen in Singapore, France, etc. 

   
   

4. Will my claims data be used against me when I apply for insurance?
   The IFPCD will only be used for claims processing and detection of fraud.  ONLY claims handlers and related authorized personnel are allowed access to the IFPCD.  There is a Code of Practice prohibiting insurance companies from using data in the IFPCD for underwriting and any other purposes.  

   
   

Data Access

5. What information are you collecting?  When will my data go into the IFPCD?
   Your data will go into the IFPCD when a new claim is filed. In other words, no data will be transferred to the IFPCD unless there is a claim.
   We will be collecting the following:
   
   

   • Policy information – e.g. policy number, client ID

   • Claims information – e.g. date of accident, date of treatment

   • Personal data – e.g. ID / passport number, name, date of birth

   • Third party data – e.g. healthcare provider, repair shop

     
     

6. Can I check that you have correct information in the IFPCD? 
   You can request access to your data in the IFPCD to confirm its validity.  Such request must be made in person at our office as we need to authenticate your identity before releasing any personal information.  Please contact the IFPCD Office at 28619392 or ifpcd@hkfi.org.hk for details.

   
   

7. What if I don’t want my claims related data transferred to IFPCD?
   The IFPCD is established to protect the interest of all policyholders.  Your data will ensure the efficacy of the system in achieving this ultimate goal.  Moreover, the personal data collection statement states that your personal data will be used for the purposes of processing your application, investigate and settle claims, and detect and prevent fraud.  The regulatory body also welcomes the introduction of the IFPCD, which is a tool to protect bona fide claimants.  Since the IFPCD will become an integral part of claims handling process to help detect fraud and accelerate the handling process, customers should note that the transfer of claims related data is justified and reasonable.  If you are concerned with your data transferred to the IFPCD, you may contact your insurer(s).

   
   

Privacy & Security

8. Who are making sure that my data privacy is being protected and use for the right purpose?
   From day one we have attached great importance to data privacy protection in line with public expectations.  Our IFPCD fully embraces the concept of privacy-by-design in respect of system architecture and operations.  We have conducted several discussion sessions with Privacy Commissioner for Personal Data and incorporated their input and observations.  An independent Steering Committee comprising of distinguished community leaders and experts in related fields is set up to oversee the proper establishment and operations of the IFPCD to ensure that public interest is well safeguarded.

   
   

9. How do you ensure my data is not misused?
   Firstly, the latest personal data collection statement of the insurers state that your personal data will be used for the purposes necessary to process application, investigate and settle claims and detect and prevent fraud.  Secondly, we have set up a rigorous auditing and monitoring routine on the use of the IFPCD as well as the data. All of the participating insurers will have to sign an agreement to observe the Code of Practice on the restrictive use of the IFPCD.
   
   Furthermore, your data will not be transferred to the IFPCD if you have never filed any claims. And if there is an alert from the IFPCD, only authorized claims personnel from involved insurers can view the data. 

   
   

10. What sort of safeguards have you put in place to keep my data safe?
    The relevant AI technology is provided by Shift Technology, a French Company based in Paris with an office in Hong Kong. Shift Technology has confirmed that the IFPCD is European Union (EU) - General Data Protection Regulation (GDPR) compliant. Shift Technology uses highly secured technology, and all data transfer is encrypted. There are also stringent controls over the access of data by authorized personnel with specific security badges.

    
    

Fraud Alerts

11. What if the IFPCD wrongfully accuses me of being a fraudster?
    The IFPCD only detect anomalies which may require claims handlers’ review for further investigation.   Since the IFPCD will only help detecting suspicious claims, verification of a fraudulent claims case still required in depth investigation by Insurers.   As such, you won’t be wrongly accused as fraudster by the IFPCD.