3 Questions to Confirm Who Owns Your Agency’s Data

• November 1, 2025

By Kasey Connors

In today’s insurance landscape, agencies rely on technology for nearly every part of their business: client communication, policy management, quoting, claims and marketing. The lifeblood of an agency is its data, which flows through multiple vendor systems every day. But as more technology enters the picture, so do new risks.

For example, who really owns that data once it’s stored in a vendor’s system? What happens if an agency decides to switch platforms? And can agents freely connect their data across tools to build the client experience they want, or are they locked into whatever their vendor dictates?

These questions are not hypothetical. They’re issues that agencies across the country have run into, often at great cost. And for many, they remain unanswered.

“When agents adopt new technology, they may unknowingly give providers broad rights to use their data just by clicking through an end-user agreement,” cautions Cal Durland, executive director of the AUGIE Group. “It’s not just about the agency management systems—it’s about every tool agents allow into their workflows. If they don’t pause to read the fine print, they may find themselves out of compliance with carrier contracts or, worse, giving up control of their most valuable asset: their data.”

When independent agencies adopt new technology, few things are as critical as understanding who controls their data. Contracts with agency management systems (AMS), customer relationship management (CRM) systems and other InsurTech vendors often hold subtle language that can affect ownership, portability and integration of agency data.

“The good news is that agents can take steps today—review your contracts, ask the hard questions and understand how to undo permissions you may have previously granted,” Durland says. “Independent agents thrive on choice and flexibility, and that must extend to how they manage their data.”

Keith Savino, managing partner and cyber practice leader at Trucordia and chair of the AUGIE Group, connects the issue of who owns agency data back to everyday insurance principles.

“We talk about ‘care, custody and control’ every day when we sell policies. Those same principles apply to agency data,” he says. “Too many professionals assume that if the data is in the cloud, it’s always backed up and protected. That simply isn’t true. The time to ask who really has care, custody and control of your data is before a breach or a system change, not after.”

He also points out that data control doesn’t end when an agency changes its technology partner. “Data control is a cornerstone of our business, and it doesn’t end when an agent parts ways with a technology provider,” he says. “It’s critical to think ahead about retention and compliance.”

“While a vendor should shred your data once the relationship ends, agencies still need a strategy to maintain records for statutes of limitation that extend years into the future,” he adds.

A recent discussion hosted by the Big “I” Agents Council for Technology (ACT) with Rushang Shah, chief marketing officer at HawkSoft, and Mike Stansbury, managing principal at OneDigital, shed light on three essential questions every agency must ask:

1) Does the agreement give the vendor ownership of your agency data? Data ownership is often confused with data access, Shah explained. “For years, agencies ran everything through a single system,” he said. “Today, we’ve moved into a fragmented InsurTech stack, which makes ownership questions more complicated.”

The definition of data ownership matters. If a contract does not clearly state that the agency owns its data, vendors may assert usage or monetization rights. As a result, Shah urged agencies to get clarity in writing.

“Law favors the clear,” he said. “Make sure agreements clarify who has usage rights, what vendors can do with the data and who ultimately owns it.”

Stansbury agreed that the issue often comes down to fine print. “I’m a contract reader,” he said. “I began seeing clauses that implied vendors could copy our data or use it for their own purposes. That was a red flag. As agents, we need to protect the work product we create for our clients.”

Without explicit protections, agencies risk losing control of their most valuable asset. Before signing any new vendor agreement, ask directly, “Does this contract clearly state that we own our data?” If the answer is vague, request revisions or bring in legal counsel.

Both speakers encouraged agencies to pull out existing contracts and review them carefully—even if agreements were signed years ago.

Agents can strengthen their contracts by adding clear language that affirms their exclusive ownership of data, requires vendors to return and destroy it when the relationship ends, and limits its use strictly to delivering the contracted services.

2) What happens to your data if you leave the vendor? Even when agencies retain ownership of their data, moving it to a new vendor can be expensive and time-consuming. “Agencies are often surprised by fees, delays or incomplete exports,” Shah said. “They think, ‘I gave you this data, why am I paying to retrieve it?’ Unless expectations are clear up front, agencies face unexpected costs on the back end.”

Stansbury shared a personal story that illustrates the challenge. “Imagine renting a storage unit,” he said. “When you put your belongings in, it’s free. But when you go to take them out, the facility says, ‘That’ll be $7,000.’ That’s what happened to me when I moved AMS. I had to pay tens of thousands of dollars to access data that was mine all along.”

Further, the costs don’t stop with retrieval. Some vendors impose delays—90 days or more—before data is made available. Others provide exports in proprietary formats that make transferring to new systems difficult or incomplete.

“Agencies often don’t realize until it’s too late that the [data] export is partial, or in a proprietary format,” Shah said. “If you can’t move your full data set, you’re at risk of losing critical client information.”

Stansbury admitted he once paid more than $50,000 just to extend a contract long enough to preserve access to agency records.

“It’s never too late to pull your contract out and read it,” Stansbury said. “Understand what you’ve already signed. If necessary, bring in a third party to help you interpret the language. Don’t wait until you’re transitioning systems to find out it’ll cost you.”

To solve this issue, agents should look for commitments to deliver data in open, usable formats, such as CSV or JSON, not proprietary files that lock you in. Document these answers in writing and, if possible, attach them as an addendum to the contract.

ACT and the Big “I” offer sample contract language that agencies can use to negotiate better terms before signing. These resources can help ensure agencies retain timely, affordable and complete access to their data when changing vendors. Go to iamagazine.com and search for “Independent Agents Own Their Data But Contract Language Is Still Important” to access the sample language.

3) Does the vendor allow you to integrate with other platforms? Agencies must ask whether vendors give them the freedom to integrate their data with third-party platforms. Shah framed it as a question of independence.

“One of the fundamental value propositions of an independent agent is freedom of choice,” he said. “Your technology should support that same freedom. If you go with a vendor, can you integrate with other tools to differentiate your agency or are you locked in?”

Many vendors market themselves as platforms but still restrict integrations or charge high fees for application programming interfaces (APIs). This limits an agency’s ability to build a customized technology stack.

“Your data is only as strong as the weakest link in your InsurTech stack,” Shah explained. “If one vendor controls access, it undermines your ability to innovate.”

Stansbury agreed, noting that integration is central to client experience. “For independent agencies, we serve clients across multiple carriers and products,” he said. “To deliver a seamless experience, we need technology that talks to each other. If a vendor walls off our data, it hurts not just us, but our clients.”

Agencies should ask vendors direct questions about integration: Will data be accessible through standard formats? Are APIs open or closed? What rights does the vendor claim over third-party usage? These details determine whether an agency can continue adapting its tech stack to serve clients better.

A Call to Action for Agencies

The panel closed with practical advice. Shah distilled the discussion into three must-ask questions:

• What does the agreement say about ownership?
• What happens to my data if I leave?
• Do I have freedom of choice to integrate?

Stansbury’s final message was more personal. “You are in control. It is your data. But with a single signature, you can give that control away,” he said. “Don’t assume your vendor’s default contract protects you. Ask the questions, get it in writing and don’t be afraid to negotiate.”

He also pointed out that sometimes vendors simply need to be reminded of what’s in the contract. “We had to bring in a third party just to make a vendor honor what was already written,” he said. “They were denying us access until we pushed back. It was a waste of time, but it reinforced why clarity up front is so important.”

Independent agencies thrive on their ability to serve clients with freedom and flexibility. But that same freedom must extend to how they manage their data. As technology stacks grow more complex, agencies cannot afford to overlook ownership, portability and integration. By asking the right questions up front, reviewing contracts carefully and leveraging industry resources, agencies can protect their most valuable asset—their data—and ensure it continues to serve their clients, not their vendors.

Kasey Connors is executive director of the Big “I” Agents Council for Technology.