Your pool’s service providers are likely already using AI to support your operations, which introduces risks related to data privacy, security, transparency and accountability.
It’s important to understand how service providers use AI and place safeguards to protect pool (and member) data.
Our Service Provider AI Checklist is a practical method to look at AI use across contract relationships. Use the checklist during provider selection, contract negotiations, compliance reviews, and ongoing service management to support stronger oversight and more informed decision-making.
The checklist includes:
- General AI use and transparency. Identify potential risks and ensure providers communicate clearly about AI-supported processes.
- Data handling and privacy. Review how service providers collect, store and use pool data within AI systems. Confirm that appropriate privacy protections and data safeguards are in place.
- Security. Evaluate how providers protect AI systems and pool data from breaches, unauthorized access and manipulation.
- Fairness, bias and ethical considerations. Assess how providers monitor AI systems to reduce the risk of unfair or inconsistent outcomes.
- Regulatory compliance and legal considerations. Confirm AI practices align with applicable laws, regulations and contractual requirements.
- Ongoing monitoring and communication. Establish processes for continued oversight, communication and performance review as AI systems evolve.
- Explainability and accountability. Understand how AI systems support decisions and identify who remains responsible for outcomes.
- Documentation and evidence. Maintain records that demonstrate due diligence, support risk management efforts and document compliance activities.
Be sure to review our recently updated Advisory Standards for Recognition. The updated standards address AI use in claims management, underwriting, service provider contracts, data security and business continuity.