Guide7 min read

Is It Safe to Use AI for Insurance Work?

Yes for general questions, no with a raw file: health, financial and ID data must be anonymised before any AI prompt. The honest method inside.

By Pierre de ONYRI

The short answer: yes for general questions, no with a raw file. AI can explain a clause or a claims procedure. But an insurance file stacks the most sensitive data there is. Health records. Financial details. IDs and addresses. Pasted into a consumer ChatGPT, that mix goes to a third party. It can be retained, reviewed by a human, or reused for training. There is a clean method. Anonymise the identifiers and sensitive values before you send. The AI works on the shape of the file, not the real values.

Why an insurance file is 'double-sensitive'

Insurance runs on the most delicate data, all at once. A single claim can combine a medical record, bank details, a salary and a government ID number. That combination is what makes the file dangerous. You don't expose one field. You expose the highest-risk mix in one move.

Health is the hardest part. Under the GDPR, Article 9 treats health data as 'special category'. Its processing is prohibited by default. It is allowed only under narrow conditions, such as explicit consent. The bar is far higher than for ordinary personal data.

Yet insurance files routinely contain exactly this health data. It sits next to financial details and ID numbers. Pasting the lot into a consumer tool therefore sends the highest-risk combination to a third party in one gesture.

The rules depend on the data and the entity

Several frameworks may apply. Which one depends on the data and the entity. Here is how to read them without overreaching.

In Europe, the GDPR settles the health question. Article 9 makes it special category with heightened protection. This is the cleanest, least debatable point in the whole topic.

In the US, the FTC explains the role of the Gramm-Leach-Bliley Act (GLBA, a federal finance law). It requires 'financial institutions' to protect the confidentiality of customers' nonpublic personal information. The FTC defines that category broadly. It includes companies significantly engaged in financial products or services. Whether a given insurer is covered depends on the entity and the activity.

HIPAA (the HHS Privacy and Security Rules) can also apply. It covers protected health information held by a covered entity or its business associate. It does not trigger automatically in an insurance context. It all depends on the specific data and who holds it.

One more layer matters in the US. Insurance there is regulated mostly at the state level. State insurance commissioners and NAIC model laws add their own rules. Do not assume one federal rule covers everything.

FrameworkWhen it may applyWhat it targets
GDPR Article 9 (EU/UK)Whenever a file holds health dataSpecial category: processing prohibited by default
GLBA (US, FTC)If the entity meets the broad 'financial institution' definitionConfidentiality of customers' financial information
HIPAA (US, HHS)Protected health information + covered entity or associateDedicated Privacy and Security safeguards
State regulators (US)Insurance activity supervised at state levelNAIC model laws / insurance commissioners
Applicability depends on the data and the entity, never automatically. Sources: EUR-Lex (GDPR Art.9), FTC (GLBA).

What OWASP says about sensitive-data leaks

The risk isn't only theoretical. The OWASP Top 10 for LLM Applications lists 'Sensitive Information Disclosure' (LLM02:2025) among the top risks. A model can surface personal, financial or health data, credentials or proprietary data through its outputs.

OWASP also notes a key point. With inadequate controls, data entered by one user could in some cases be exposed to another. These are rare but recognised scenarios. For an insurance file, the stakes are direct.

The mitigation OWASP recommends is concrete. Sanitize and scrub data so user-supplied sensitive input doesn't enter training or get echoed back. Add strict access controls. Limit what the model can return. This supports a simple rule: strip identifiers before any prompt.

The fix: anonymise before you send

A defensible workflow takes a few steps. It removes the client identifiers, the policy and claim numbers, and the specific health and financial values. The model still reasons over the file's shape. You restore the real values locally, after the reply.

  • Client identifiers: name, address, ID number.
  • Policy and claim numbers.
  • Health values: diagnoses, procedures, care dates.
  • Financial values: bank details, salary, payout amounts.

Pair this with vetted tools, not a consumer chatbot. Sign a DPA (a Data Processing Agreement) or a BAA (a US healthcare Business Associate Agreement). Require no-training terms. Keep a human reviewer in the loop.

Two-part diagram: at top, a claim file with three rows — health, money, ID — all in the clear (amber) travels toward an AI card that receives the exposed file, with an amber high-risk alert; at bottom, the same file anonymized shows cobalt tokens under a shield, and the AI receives only tokens with a checkmark.
After GDPR Article 9 (EUR-Lex), the FTC's GLBA guidance, and the OWASP LLM02:2025 guidance on sensitive information disclosure.
  1. 1Spot the identifiers and sensitive values in the file.
  2. 2Replace them with reversible tokens, in the browser.
  3. 3Send only the anonymized text to the model.
  4. 4Restore the real values in the reply, locally.

That's what ONYRI Sanitize is for. The engine detects a file's sensitive data — health, bank details, salary, IDs, addresses — and replaces it with reversible tokens before sending. Detection and the mapping stay in your browser. Only anonymized text reaches the model. The AI finds only tokens, never the client's real values. You gain a precaution, to combine with the rules that GDPR, GLBA or HIPAA impose on your case.

Frequently asked questions

Is it safe to use AI for insurance work?
Yes for general questions, no with a raw file. AI can explain a clause, a claims procedure or a rule with no client data at all. But never paste a full file into a consumer ChatGPT: it stacks health, financial and ID data, the most sensitive mix there is. Anonymise those values before you send. This is risk reduction, not a compliance guarantee.
Which rules apply to insurance data?
It depends on the data and the entity. In Europe, GDPR Article 9 protects health data as special category. In the US, the GLBA (via the FTC) covers financial information held by 'financial institutions', and HIPAA covers protected health information held by a covered entity. State regulators add their own rules. None triggers automatically just because insurance is involved.
Can an AI really leak another client's data?
It's a recognised risk, but a rare one. The OWASP LLM02:2025 guidance lists sensitive information disclosure among the top LLM application risks. With inadequate controls, data entered by one user could in some cases be exposed to another. Stripping identifiers before any prompt reduces that risk directly.

Sources & references

Keep your sensitive data in your browser

ONYRI Sanitize detects and masks your sensitive data before it reaches the AI, then restores the answer — from names to API keys.

Anonymize my prompt

Read next