Does the NAIC bulletin apply to small agencies?

The bulletin formally addresses insurers, but carriers increasingly push governance expectations down to agencies. A written AI policy is fast becoming a contractual expectation, not just a best practice.

Can we use AI for claims correspondence?

With care. AI can draft, but a licensed human should review anything that communicates a coverage position. The generated policy includes that requirement.

AI Policy Template for Insurance

Insurance is one of the few industries where regulators have already moved: most states have adopted the NAIC Model Bulletin, which expects insurers — and by extension their distribution partners — to maintain written AI governance programs. Even a small agency benefits from a policy that controls what policyholder data touches AI tools and requires human review of anything resembling a coverage or claims determination.

Generate a policy customized for insurance agencies in about 3 minutes:

Generate my insurance AI policy

Free preview · $49 one-time to download

AI risks specific to insurance agencies

State regulators have adopted the NAIC model bulletin requiring written AI governance programs
AI involvement in underwriting or claims decisions can trigger unfair-discrimination scrutiny
Policyholder data entered into consumer chatbots may violate GLBA and state privacy rules
AI-drafted coverage explanations that are wrong can create E&O exposure

Compliance requirements your policy must address

State Insurance Regulations

AI use in underwriting, rating, or claims handling is subject to state insurance department oversight, including the NAIC Model Bulletin on the use of AI by insurers. Any AI involvement in coverage or claims decisions requires documented human review and must be disclosed to the compliance function.

GLBA

Nonpublic personal information (NPI) covered by the Gramm-Leach-Bliley Act — including account numbers, balances, credit information, and any data collected in connection with providing a financial product — must not be entered into AI tools that have not been approved for NPI under the Company's GLBA safeguards program.

What a complete insurance AI policy includes

Purpose, scope, and who the policy covers (employees, contractors, volunteers)
Approved AI tools and the process for approving new ones
Acceptable uses — and the prohibited list, including data that must never enter prompts
Privacy-law clauses for your jurisdictions (GDPR, EU AI Act, CCPA, PIPEDA) plus State Insurance Regulations and GLBA requirements
Human review and accountability rules for AI output
Incident reporting, enforcement, and annual review

Frequently asked questions

Does the NAIC bulletin apply to small agencies?: The bulletin formally addresses insurers, but carriers increasingly push governance expectations down to agencies. A written AI policy is fast becoming a contractual expectation, not just a best practice.
Can we use AI for claims correspondence?: With care. AI can draft, but a licensed human should review anything that communicates a coverage position. The generated policy includes that requirement.

Get your insurance AI policy

Answer a few questions, preview the full document free, and download it as editable Word for a one-time $49.

Start the generator

DraftAIPolicy is not a law firm; documents are self-help templates, not legal advice.

Other industries

Accounting & Bookkeeping Legal Services Healthcare & Medical Practices Financial Services & Advisory Education (K-12 & Districts)Higher Education Software & SaaS Marketing & Creative Agencies