Case Study - GenAI Negotiations

Case Study – OpenAI Advisory Services – U.S. Insurance Firm – Secured Data & Capped AI Spend

Case Study – OpenAI Advisory Services – U.S. Insurance Firm – Secured Data & Capped AI Spend

Case Study – OpenAI Advisory Services – U S Insurance Firm – Secured Data & Capped AI Spend Backgro

Background

A mid-sized U.S. insurance company had been piloting GPT tools to enhance customer service and streamline claims processing. Early trials of a GPT-based virtual assistant demonstrated promise in providing quick customer answers and efficient claims review.

The insurer then moved to formalize a long-term OpenAI (Azure) contract to scale these capabilities enterprise-wide. Yet, as an insurer handling sensitive personal data, they were extremely cautious.

Any AI agreement would need to strictly protect client information and maintain predictable costs to satisfy regulators and the firm’s risk standards.

Challenges

Reviewing the standard OpenAI service contract, the insurer uncovered several red flags. The default data usage clause would have permitted the AI provider to retain and reuse the insurer’s data for model training – an unacceptable risk under privacy laws and company policy.

The contract also lacked any spending cap – if AI usage surged during a disaster, costs could skyrocket. Liability terms were also one-sided: if the AI made a bad recommendation, the insurer would bear all the risk.

Lacking AI contract experience, leadership worried about signing away data control or inviting compliance and budget disasters. They decided to hire an expert to conduct an AI contract risk review, pinpointing and addressing these dangers before moving forward.

How Redress Compliance Helped

Redress Compliance provided a comprehensive OpenAI Contract Risk Review for the insurer. The Redress team scrutinized the draft agreement and immediately highlighted critical issues. To protect data privacy, they revised the contract to prohibit OpenAI from storing any customer data beyond the provision of the service.

All policyholder data would have to be deleted after processing and never used to train the vendor’s models. Next, Redress implemented cost controls, including a clause that capped monthly usage charges and required detailed usage reports, ensuring the firm could never be billed above an agreed-upon limit without approval.

This essentially put a ceiling on AI spend and eliminated the risk of billing surprises during peak claim periods. Redress also adjusted liability. They negotiated shared responsibility if the AI’s output caused a major error. For example, if the GPT assistant gave incorrect coverage advice, the vendor would help remediate the issue instead of leaving the insurer solely liable.

As an extra safety measure, Redress included a requirement for the AI to provide explainability (confidence scores or rationale for its answers) to give the company oversight of automated decisions.

Each change was supported by references to insurance regulations and standard industry practices, helping bring the vendor on board with the adjustments.

Outcome and Impact

With Redress Compliance’s guidance, the insurance firm secured an AI contract it could trust.

Sensitive customer data is now safeguarded: the final agreement prohibits any secondary use of policyholder information and mandates strict data deletion practices, ensuring that no client data will be retained or repurposed.

Financial exposure is controlled through the new spend cap and oversight provisions – even if AI usage spikes during a catastrophe, the company won’t face runaway bills. The balanced liability terms further reduce operational risk.

The insurer can integrate GPT into critical workflows, knowing that if the AI ever makes a serious mistake, the vendor will help make it right and support remediation.

By conducting a thorough GenAI licensing review up front, the company likely avoided significant unforeseen costs and compliance nightmares.

What was once a risky contract became a secure, compliant partnership. Leadership can now move forward with AI innovation confident that both customer data and the company’s bottom line are protected.

Client Testimonial

“Our priority was protecting our customers and our budget – Redress Compliance made sure the AI contract did both,” said the CIO of the insurance firm. “They caught the clauses that would have put us at risk and rewrote them in our favor.

We now have an AI agreement with strong data safeguards and cost controls. Redress gave our legal and IT teams the expertise to negotiate confidently. We can innovate with AI now, knowing we’re protected on all fronts.”

Call-to-Action

Getting ready to adopt AI but concerned about hidden risks in the contract? Redress Compliance can be your safety net. Our AI contract risk advisory experts will spot and fix fine print issues – from data use to cost exposure – before you sign. Don’t let unseen pitfalls derail your AI project. Contact Redress Compliance to secure an AI agreement that meets your compliance standards and business goals.

Read about our GenAI Negotiation Services.

Read about our other GenAI Negotiation Case Studies.

Would you like to discuss our GenAI Negotiation Services with us?

Please enable JavaScript in your browser to complete this form.
Name
Author
  • Fredrik Filipsson

    Fredrik Filipsson is the co-founder of Redress Compliance, a leading independent advisory firm specializing in Oracle, Microsoft, SAP, IBM, and Salesforce licensing. With over 20 years of experience in software licensing and contract negotiations, Fredrik has helped hundreds of organizations—including numerous Fortune 500 companies—optimize costs, avoid compliance risks, and secure favorable terms with major software vendors. Fredrik built his expertise over two decades working directly for IBM, SAP, and Oracle, where he gained in-depth knowledge of their licensing programs and sales practices. For the past 11 years, he has worked as a consultant, advising global enterprises on complex licensing challenges and large-scale contract negotiations.

    View all posts

Redress Compliance