If your SaaS platform sells into insurance carriers, MGAs, or reinsurers, the compliance stack is unlike any other vertical: NAIC Model Laws enforced state-by-state, HIPAA for health carriers, NYDFS Circular Letter 2023-01 for AI-driven underwriting, PCI DSS for premium payment flows, and the GLBA Safeguards Rule for every non-bank financial institution that handles non-public personal information.
This article covers 5 import-ready n8n workflows built specifically for InsurTech SaaS vendors. Each one is tuned to the regulatory timelines and incident response windows that state DOI examiners and your enterprise carrier customers will ask about in security reviews.
Who This Is For
| Tier | Compliance Drivers |
|---|---|
| LARGE_PROPERTY_CASUALTY_CARRIER | NAIC Model Laws, state DOI market conduct exams, GLBA Safeguards Rule |
| HEALTH_INSURANCE_CARRIER | HIPAA 45 CFR Part 164, ACA §1557, state DOI market conduct |
| LIFE_ANNUITY_CARRIER | NAIC Model #880 (suitability), GLBA, state DOI, actuarial opinion filing |
| SPECIALTY_LINES_CARRIER | E&S market conduct, Lloyd's standards, NAIC Model, surplus lines tax |
| INSURTECH_MGA | Producer licensing, binding authority limits, state DOI, NAIC Model |
| REINSURER | NAIC Model #785 (credit-for-reinsurance), recoverables audit, RBC filing |
| INSURANCE_ANALYTICS_PLATFORM | NYDFS Circular Letter 2023-01 AI/ML, FCRA §1681b (if scoring consumers) |
Compliance flags your workflows use for routing:
- NAIC_MODEL_LAW_APPLICABLE — core state-filed rate/form and market conduct obligations
- STATE_DOI_MARKET_CONDUCT_APPLICABLE — active or scheduled DOI examination
- HIPAA_COVERED_ENTITY — health insurance carrier PHI obligations
- NYDFS_CIRCULAR_2023_01_AI — AI/ML used in NY underwriting or claims decisions
- PCI_DSS_PREMIUM_PAYMENT — payment card data in premium collection
- GLBA_SAFEGUARDS_RULE — 16 CFR Part 314 annual safeguards review required
Workflow 1: InsurTech Customer Onboarding Drip
Trigger: Webhook — new insurance carrier account created.
What it does: Classifies the carrier tier and active compliance flags, then sends a 3-step onboarding drip tailored to their regulatory profile: Day 0 welcome with tier-specific compliance resources, Day 3 integration walkthrough, Day 7 compliance check-in.
{
"name": "InsurTech Customer Onboarding Drip",
"nodes": [
{
"id": "w1n1",
"name": "Webhook",
"type": "n8n-nodes-base.webhook",
"typeVersion": 1,
"position": [
240,
300
],
"parameters": {
"path": "insurtech-onboarding",
"responseMode": "onReceived"
}
},
{
"id": "w1n2",
"name": "Classify Tier and Flags",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
460,
300
],
"parameters": {
"jsCode": "const d=$input.first().json;\nconst carrier_type=(d.carrier_type||'').toUpperCase();\nconst tiers=['LARGE_PROPERTY_CASUALTY_CARRIER','HEALTH_INSURANCE_CARRIER','LIFE_ANNUITY_CARRIER','SPECIALTY_LINES_CARRIER','INSURTECH_MGA','REINSURER','INSURANCE_ANALYTICS_PLATFORM'];\nconst tier=tiers.includes(carrier_type)?carrier_type:'INSURTECH_MGA';\nconst flags={\n NAIC_MODEL_LAW_APPLICABLE:true,\n STATE_DOI_MARKET_CONDUCT_APPLICABLE:!!d.active_doi_exam,\n HIPAA_COVERED_ENTITY:tier==='HEALTH_INSURANCE_CARRIER',\n NYDFS_CIRCULAR_2023_01_AI:!!d.uses_ai_underwriting&&d.domicile_state==='NY',\n PCI_DSS_PREMIUM_PAYMENT:!!d.accepts_card_payment,\n GLBA_SAFEGUARDS_RULE:true\n};\nconst note=flags.HIPAA_COVERED_ENTITY?'HIPAA BAA is required \u2014 your covered entity obligations begin at go-live.':flags.NYDFS_CIRCULAR_2023_01_AI?'NYDFS Circular Letter 2023-01 requires AI explainability logs for NY underwriting decisions.':'GLBA Safeguards Rule 16 CFR Part 314 annual review is required within 12 months of go-live.';\nreturn [{json:{...d,tier,flags,compliance_note:note,onboarding_ts:new Date().toISOString()}}];"
}
},
{
"id": "w1n3",
"name": "Gmail Day 0 Welcome",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
680,
300
],
"parameters": {
"operation": "send",
"toList": "={{ $json.contact_email }}",
"subject": "=Welcome to [Platform] \u2014 {{ $json.tier }} compliance resources enclosed",
"message": "=Hi {{ $json.contact_name }},\n\nWelcome. {{ $json.compliance_note }}\n\nYour {{ $json.tier }} integration guide and DOI filing calendar template are attached.\n\nBest,\nThe [Platform] Team",
"options": {}
}
},
{
"id": "w1n4",
"name": "Log to Sheets",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4,
"position": [
900,
300
],
"parameters": {
"operation": "append",
"documentId": "YOUR_SHEET_ID",
"sheetName": "onboarding_log",
"columns": {
"mappingMode": "autoMapInputData"
}
}
},
{
"id": "w1n5",
"name": "Wait 3 Days",
"type": "n8n-nodes-base.wait",
"typeVersion": 1,
"position": [
1120,
300
],
"parameters": {
"amount": 3,
"unit": "days"
}
},
{
"id": "w1n6",
"name": "Gmail Day 3 Integration Tips",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1340,
300
],
"parameters": {
"operation": "send",
"toList": "={{ $('Classify Tier and Flags').first().json.contact_email }}",
"subject": "Day 3: Policy admin, payment, and DOI filing integrations",
"message": "=Hi {{ $('Classify Tier and Flags').first().json.contact_name }},\n\nDay 3 check-in. Top integrations our {{ $('Classify Tier and Flags').first().json.tier }} customers connect first:\n\n1. Policy administration system (webhook or REST API)\n2. Premium payment processor \u2014 PCI scope boundary clarification enclosed\n3. State DOI filing portal\n\nDoc: [link]\n\nBest,\nThe [Platform] Team",
"options": {}
}
},
{
"id": "w1n7",
"name": "Wait 4 More Days",
"type": "n8n-nodes-base.wait",
"typeVersion": 1,
"position": [
1560,
300
],
"parameters": {
"amount": 4,
"unit": "days"
}
},
{
"id": "w1n8",
"name": "Gmail Day 7 Compliance Check-in",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1780,
300
],
"parameters": {
"operation": "send",
"toList": "={{ $('Classify Tier and Flags').first().json.contact_email }}",
"subject": "=Day 7: Quick compliance check-in for your {{ $('Classify Tier and Flags').first().json.tier }} account",
"message": "=Hi {{ $('Classify Tier and Flags').first().json.contact_name }},\n\nWeek 1 complete. Three questions before your first DOI exam cycle:\n\n1. NAIC annual statement filing tracker loaded?\n2. State DOI market conduct calendar configured?\n3. {{ $('Classify Tier and Flags').first().json.compliance_note }}\n\nBook a 30-min compliance review: [link]\n\nBest,\nThe [Platform] Team",
"options": {}
}
}
],
"connections": {
"Webhook": {
"main": [
[
{
"node": "Classify Tier and Flags",
"type": "main",
"index": 0
}
]
]
},
"Classify Tier and Flags": {
"main": [
[
{
"node": "Gmail Day 0 Welcome",
"type": "main",
"index": 0
}
]
]
},
"Gmail Day 0 Welcome": {
"main": [
[
{
"node": "Log to Sheets",
"type": "main",
"index": 0
}
]
]
},
"Log to Sheets": {
"main": [
[
{
"node": "Wait 3 Days",
"type": "main",
"index": 0
}
]
]
},
"Wait 3 Days": {
"main": [
[
{
"node": "Gmail Day 3 Integration Tips",
"type": "main",
"index": 0
}
]
]
},
"Gmail Day 3 Integration Tips": {
"main": [
[
{
"node": "Wait 4 More Days",
"type": "main",
"index": 0
}
]
]
},
"Wait 4 More Days": {
"main": [
[
{
"node": "Gmail Day 7 Compliance Check-in",
"type": "main",
"index": 0
}
]
]
}
}
}
Workflow 2: State DOI Market Conduct & Regulatory Filing Monitor
Trigger: Daily at 8 AM.
What it does: Reads a Google Sheet of active state DOI filings and market conduct exam deadlines. Classifies each by urgency — OVERDUE, CRITICAL (≤14 days), URGENT (≤45 days), WARNING (≤90 days), NOTICE (≤120 days). Sends Slack alerts to #regulatory-compliance and emails the filing owner for anything needing action.
Key angle: State DOI market conduct exams are not a single federal event — each state has its own cycle and response window. Missing a response deadline is a separate violation from the original conduct issue. This workflow keeps every state filing visible in one place.
{
"name": "State DOI Market Conduct & Regulatory Filing Monitor",
"nodes": [
{
"id": "w2n1",
"name": "Schedule Daily 8AM",
"type": "n8n-nodes-base.scheduleTrigger",
"typeVersion": 1,
"position": [
240,
300
],
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 8 * * *"
}
]
}
}
},
{
"id": "w2n2",
"name": "Read Regulatory Filings Sheet",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4,
"position": [
460,
300
],
"parameters": {
"operation": "readAllRows",
"documentId": "YOUR_SHEET_ID",
"sheetName": "regulatory_filings"
}
},
{
"id": "w2n3",
"name": "Classify Filing Urgency",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
680,
300
],
"parameters": {
"jsCode": "const today=new Date();\nconst rows=$input.all().map(item=>{\n const d=item.json;\n const due=new Date(d.due_date);\n const days=Math.ceil((due-today)/(1000*60*60*24));\n let urgency,color;\n if(days<0){urgency='OVERDUE';color='#FF0000';}\n else if(days<=14){urgency='CRITICAL';color='#FF4500';}\n else if(days<=45){urgency='URGENT';color='#FF8C00';}\n else if(days<=90){urgency='WARNING';color='#FFD700';}\n else if(days<=120){urgency='NOTICE';color='#90EE90';}\n else return null;\n return {json:{...d,days_until_due:days,urgency,color}};\n}).filter(Boolean);\nif(rows.length===0)return [{json:{no_action:true,checked_at:today.toISOString()}}];\nreturn rows;"
}
},
{
"id": "w2n4",
"name": "IF Any Alerts",
"type": "n8n-nodes-base.if",
"typeVersion": 1,
"position": [
900,
300
],
"parameters": {
"conditions": {
"boolean": [
{
"value1": "={{ $json.no_action }}",
"value2": true,
"operation": "notEqual"
}
]
}
}
},
{
"id": "w2n5",
"name": "Slack #regulatory-compliance",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1120,
220
],
"parameters": {
"operation": "post",
"channel": "#regulatory-compliance",
"text": "=*DOI/NAIC Filing Alert \u2014 {{ $json.urgency }}*\nFiling: {{ $json.filing_type }}\nState: {{ $json.state }}\nDue: {{ $json.due_date }} ({{ $json.days_until_due }} days)\nOwner: {{ $json.owner }}\nCitation: {{ $json.regulation_citation }}",
"otherOptions": {}
}
},
{
"id": "w2n6",
"name": "Gmail Regulatory Team",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1120,
420
],
"parameters": {
"operation": "send",
"toList": "={{ $json.owner_email }}",
"subject": "=[{{ $json.urgency }}] {{ $json.state }} DOI filing due {{ $json.due_date }}",
"message": "=Filing: {{ $json.filing_type }}\nState: {{ $json.state }}\nDue Date: {{ $json.due_date }} ({{ $json.days_until_due }} days)\nRegulation: {{ $json.regulation_citation }}\nNAIC Accreditation: {{ $json.naic_accreditation_state }}\n\nPlease confirm this is on track or escalate to compliance officer.",
"options": {}
}
}
],
"connections": {
"Schedule Daily 8AM": {
"main": [
[
{
"node": "Read Regulatory Filings Sheet",
"type": "main",
"index": 0
}
]
]
},
"Read Regulatory Filings Sheet": {
"main": [
[
{
"node": "Classify Filing Urgency",
"type": "main",
"index": 0
}
]
]
},
"Classify Filing Urgency": {
"main": [
[
{
"node": "IF Any Alerts",
"type": "main",
"index": 0
}
]
]
},
"IF Any Alerts": {
"main": [
[
{
"node": "Slack #regulatory-compliance",
"type": "main",
"index": 0
},
{
"node": "Gmail Regulatory Team",
"type": "main",
"index": 0
}
],
[]
]
}
}
}
Workflow 3: NAIC/HIPAA/NYDFS/GLBA Compliance Deadline Tracker
Trigger: Weekdays at 8 AM.
What it does: Reads a compliance calendar with 14 deadline types and routes alerts by urgency. Covers the full InsurTech regulatory stack — NAIC annual statement filings, HIPAA annual security risk analysis (45 CFR §164.308(a)(1)), NYDFS Circular Letter 2023-01 AI disclosure, NYDFS §500.17(b) February 15 cybersecurity certification, PCI DSS annual assessment, and GLBA Safeguards annual review.
Supported deadline types:
- NAIC_ANNUAL_STATEMENT_FILING — NAIC blanks, state-specific statutory filing
- STATE_DOI_MARKET_CONDUCT_EXAM — state DOI examination response window
- HIPAA_ANNUAL_SECURITY_RISK_ANALYSIS — 45 CFR §164.308(a)(1) annual SRA
- HIPAA_BREACH_NOTIFICATION_60DAY — 45 CFR §164.408 OCR 60-day notification window
- NYDFS_CIRCULAR_2023_01_AI_DISCLOSURE — Circular Letter 2023-01 AI/ML underwriting disclosure
- NYDFS_PART_500_ANNUAL_CERT — 23 NYCRR §500.17(b) February 15 annual certification
- PCI_DSS_ANNUAL_ASSESSMENT — PCI DSS 4.0 ROC or SAQ
- GLBA_SAFEGUARDS_ANNUAL_REVIEW — 16 CFR Part 314 annual review
- STATE_UNFAIR_TRADE_PRACTICES_EXAM — state UTP Act market conduct exam
- REINSURANCE_RECOVERABLES_AUDIT — NAIC Model #785 credit-for-reinsurance
- ACTUARIAL_OPINION_ANNUAL — NAIC actuarial opinion and memorandum
- RISK_BASED_CAPITAL_FILING — NAIC RBC annual filing
- SOC2_TYPE2_RENEWAL — SOC 2 Type II annual renewal
- ANNUAL_PENTEST — annual penetration test
{
"name": "NAIC/HIPAA/NYDFS/GLBA Compliance Deadline Tracker",
"nodes": [
{
"id": "w3n1",
"name": "Schedule Weekdays 8AM",
"type": "n8n-nodes-base.scheduleTrigger",
"typeVersion": 1,
"position": [
240,
300
],
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 8 * * 1-5"
}
]
}
}
},
{
"id": "w3n2",
"name": "Read Compliance Calendar",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4,
"position": [
460,
300
],
"parameters": {
"operation": "readAllRows",
"documentId": "YOUR_SHEET_ID",
"sheetName": "compliance_calendar"
}
},
{
"id": "w3n3",
"name": "Evaluate Deadlines",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
680,
300
],
"parameters": {
"jsCode": "const today=new Date();\nconst DEADLINE_TYPES={\n NAIC_ANNUAL_STATEMENT_FILING:'NAIC blanks \u2014 state-specific statutory filing',\n STATE_DOI_MARKET_CONDUCT_EXAM:'State DOI market conduct examination response',\n HIPAA_ANNUAL_SECURITY_RISK_ANALYSIS:'HIPAA 45 CFR \u00a7164.308(a)(1) annual SRA',\n HIPAA_BREACH_NOTIFICATION_60DAY:'HIPAA 45 CFR \u00a7164.408 \u2014 60-day OCR notification window',\n NYDFS_CIRCULAR_2023_01_AI_DISCLOSURE:'NYDFS Circular Letter 2023-01 AI/ML underwriting disclosure',\n NYDFS_PART_500_ANNUAL_CERT:'NYDFS 23 NYCRR \u00a7500.17(b) annual cybersecurity certification (Feb 15)',\n PCI_DSS_ANNUAL_ASSESSMENT:'PCI DSS 4.0 Report on Compliance or SAQ',\n GLBA_SAFEGUARDS_ANNUAL_REVIEW:'GLBA Safeguards Rule 16 CFR Part 314 annual review',\n STATE_UNFAIR_TRADE_PRACTICES_EXAM:'State Unfair Trade Practices Act market conduct exam',\n REINSURANCE_RECOVERABLES_AUDIT:'NAIC Model #785 credit-for-reinsurance recoverables audit',\n ACTUARIAL_OPINION_ANNUAL:'NAIC actuarial opinion and memorandum annual filing',\n RISK_BASED_CAPITAL_FILING:'NAIC RBC annual filing',\n SOC2_TYPE2_RENEWAL:'SOC 2 Type II annual renewal',\n ANNUAL_PENTEST:'Annual penetration test'\n};\nconst alerts=$input.all().map(item=>{\n const d=item.json;\n if(!DEADLINE_TYPES[d.deadline_type])return null;\n const due=new Date(d.due_date);\n const days=Math.ceil((due-today)/(1000*60*60*24));\n let urgency;\n if(days<0)urgency='OVERDUE';\n else if(days<=14)urgency='CRITICAL';\n else if(days<=45)urgency='URGENT';\n else if(days<=90)urgency='WARNING';\n else if(days<=120)urgency='NOTICE';\n else return null;\n const dedup_key=`${d.deadline_type}_${d.due_date}`;\n return {json:{...d,urgency,days_until_due:days,regulatory_note:DEADLINE_TYPES[d.deadline_type],dedup_key}};\n}).filter(Boolean);\nif(alerts.length===0)return [{json:{no_alerts:true}}];\nreturn alerts;"
}
},
{
"id": "w3n4",
"name": "IF Alerts Exist",
"type": "n8n-nodes-base.if",
"typeVersion": 1,
"position": [
900,
300
],
"parameters": {
"conditions": {
"boolean": [
{
"value1": "={{ $json.no_alerts }}",
"value2": true,
"operation": "notEqual"
}
]
}
}
},
{
"id": "w3n5",
"name": "Slack #compliance-ops",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1120,
220
],
"parameters": {
"operation": "post",
"channel": "#compliance-ops",
"text": "=*[{{ $json.urgency }}] InsurTech Compliance Deadline \u2014 {{ $json.days_until_due }} days*\nType: {{ $json.deadline_type }}\nDue: {{ $json.due_date }}\nNote: {{ $json.regulatory_note }}\nOwner: {{ $json.owner }}",
"otherOptions": {}
}
},
{
"id": "w3n6",
"name": "Gmail Compliance Owner",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1120,
420
],
"parameters": {
"operation": "send",
"toList": "={{ $json.owner_email }}",
"subject": "=[{{ $json.urgency }}] {{ $json.deadline_type }} due {{ $json.due_date }}",
"message": "=Compliance Deadline Alert\n\nType: {{ $json.deadline_type }}\nDue: {{ $json.due_date }} ({{ $json.days_until_due }} days)\nRegulatory basis: {{ $json.regulatory_note }}\n\nPlease confirm this is on track.",
"options": {}
}
}
],
"connections": {
"Schedule Weekdays 8AM": {
"main": [
[
{
"node": "Read Compliance Calendar",
"type": "main",
"index": 0
}
]
]
},
"Read Compliance Calendar": {
"main": [
[
{
"node": "Evaluate Deadlines",
"type": "main",
"index": 0
}
]
]
},
"Evaluate Deadlines": {
"main": [
[
{
"node": "IF Alerts Exist",
"type": "main",
"index": 0
}
]
]
},
"IF Alerts Exist": {
"main": [
[
{
"node": "Slack #compliance-ops",
"type": "main",
"index": 0
},
{
"node": "Gmail Compliance Owner",
"type": "main",
"index": 0
}
],
[]
]
}
}
}
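
Both the filing monitor and the deadline tracker above compute `days` from `new Date(d.due_date)`; a blank or malformed cell yields `NaN`, fails every comparison, and the row is dropped without an alert. The following added example (not part of the original workflows) keeps the article's urgency bands but returns a `DATA_ERROR` row for unparseable dates; the strict `YYYY-MM-DD` format, the function names and the sample rows are assumptions.

```javascript
// Added example: not taken from the article's workflow JSON.
const DAY_MS = 24 * 60 * 60 * 1000;

// Urgency bands from the article (inclusive upper bound, in days).
const BANDS = [
  { max: 14, urgency: 'CRITICAL' },
  { max: 45, urgency: 'URGENT' },
  { max: 90, urgency: 'WARNING' },
  { max: 120, urgency: 'NOTICE' },
];

// Assumption: the sheet stores due dates as strict YYYY-MM-DD strings.
// Returns UTC-midnight milliseconds, or null when the value is not a real date.
function parseDueDate(value) {
  if (typeof value !== 'string') return null;
  const m = /^(\d{4})-(\d{2})-(\d{2})$/.exec(value.trim());
  if (!m) return null;
  const [y, mo, d] = m.slice(1).map(Number);
  const t = new Date(Date.UTC(y, mo - 1, d));
  // Date.UTC rolls 2025-02-30 over into March; reject anything that moved.
  const same = t.getUTCFullYear() === y && t.getUTCMonth() === mo - 1 && t.getUTCDate() === d;
  return same ? t.getTime() : null;
}

// Classify one sheet row. Rows more than 120 days out return null (no alert);
// rows with a bad date are kept and flagged so someone fixes the sheet.
function classifyRow(row, now) {
  const due = parseDueDate(row.due_date);
  if (due === null) {
    return {
      ...row,
      urgency: 'DATA_ERROR',
      days_until_due: null,
      error: `unparseable due_date: ${JSON.stringify(row.due_date)}`,
    };
  }
  // Compare calendar days in UTC so the 8 AM run time does not shift the count.
  const today = Date.UTC(now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate());
  const days = Math.round((due - today) / DAY_MS);
  if (days < 0) return { ...row, urgency: 'OVERDUE', days_until_due: days };
  const band = BANDS.find((b) => days <= b.max);
  return band ? { ...row, urgency: band.urgency, days_until_due: days } : null;
}

function classifyFilings(rows, now = new Date()) {
  return rows.map((r) => classifyRow(r, now)).filter(Boolean);
}

// Constructed sample rows (not real filings).
const SAMPLE_ROWS = [
  { state: 'NY', filing_type: 'Rate filing', due_date: '2025-01-05' },
  { state: 'CA', filing_type: 'Market conduct response', due_date: '2025-01-24' },
  { state: 'TX', filing_type: 'Form filing', due_date: '2025-02-24' },
  { state: 'FL', filing_type: 'Annual statement', due_date: '2025-12-31' },
  { state: 'IL', filing_type: 'Rate filing', due_date: '02/15/2025' },
  { state: 'OH', filing_type: 'Form filing', due_date: '' },
  { state: 'PA', filing_type: 'Rate filing', due_date: '2025-02-30' },
];
const SAMPLE_NOW = new Date('2025-01-10T08:00:00Z');

for (const r of classifyFilings(SAMPLE_ROWS, SAMPLE_NOW)) {
  console.log(r.state, r.urgency, r.days_until_due, r.error || '');
}
```

Inside an n8n Code node the same functions can be applied to `$input.all().map(i => i.json)`, with `DATA_ERROR` rows routed to the alert channel alongside `OVERDUE` ones.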
Workflow 4: InsurTech Security Incident and HIPAA/NYDFS/PCI Breach Pipeline
Trigger: Webhook — incident detected in your platform.
What it does: Classifies the incident type, calculates the regulatory response window, fires an immediate Slack alert to the right channel, logs to Postgres with an immutable audit trail, and emails CISO + Legal with the exact regulatory citation and required action.
Supported incident types with response windows:
- PHI_UNAUTHORIZED_ACCESS — HIPAA 45 CFR §164.408: notify OCR within 60 days, affected individuals within 60 days, media if >500 in a state
- PREMIUM_PAYMENT_DATA_BREACH — PCI DSS 4.0: notify acquirer within 72 hours; card brand within 24h if >10,000 accounts
- NYDFS_CYBERSECURITY_INCIDENT — 23 NYCRR §500.17: 72-hour notice to NYDFS
- AI_MODEL_ADVERSE_DECISION_COMPLAINT — NYDFS Circular Letter 2023-01: maintain explainability log; DOI may examine during market conduct
- STATE_DOI_MARKET_CONDUCT_TRIGGER — preserve all underwriting and claims records immediately
- GLBA_NPI_UNAUTHORIZED_DISCLOSURE — 16 CFR §314.15: notify FTC if >500 customers affected
{
"name": "InsurTech Security Incident and HIPAA/NYDFS/PCI Breach Pipeline",
"nodes": [
{
"id": "w4n1",
"name": "Webhook Incident",
"type": "n8n-nodes-base.webhook",
"typeVersion": 1,
"position": [
240,
300
],
"parameters": {
"path": "insurtech-incident",
"responseMode": "onReceived"
}
},
{
"id": "w4n2",
"name": "Classify Incident",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
460,
300
],
"parameters": {
"jsCode": "const d=$input.first().json;\nconst INCIDENTS={\n PHI_UNAUTHORIZED_ACCESS:{severity:'CRITICAL',window_hours:1,notify:'OCR within 60 days \u2014 HIPAA 45 CFR \u00a7164.408',slack:'#incident-response'},\n PREMIUM_PAYMENT_DATA_BREACH:{severity:'CRITICAL',window_hours:1,notify:'PCI DSS 4.0 \u2014 notify acquirer within 72 hours; card brand within 24h if >10,000 accounts',slack:'#incident-response'},\n NYDFS_CYBERSECURITY_INCIDENT:{severity:'CRITICAL',window_hours:72,notify:'NYDFS 23 NYCRR \u00a7500.17 \u2014 72-hour notice to NYDFS',slack:'#incident-response'},\n AI_MODEL_ADVERSE_DECISION_COMPLAINT:{severity:'HIGH',window_hours:48,notify:'NYDFS Circular Letter 2023-01 \u2014 maintain explainability log; DOI may examine',slack:'#compliance-ops'},\n STATE_DOI_MARKET_CONDUCT_TRIGGER:{severity:'HIGH',window_hours:24,notify:'State DOI market conduct exam trigger \u2014 preserve all underwriting records',slack:'#regulatory-compliance'},\n GLBA_NPI_UNAUTHORIZED_DISCLOSURE:{severity:'HIGH',window_hours:24,notify:'GLBA Safeguards Rule 16 CFR \u00a7314.15 \u2014 notify FTC if >500 customers',slack:'#incident-response'}\n};\nconst type=d.incident_type||'UNKNOWN';\nconst meta=INCIDENTS[type]||{severity:'MEDIUM',window_hours:72,notify:'Internal review \u2014 classify and escalate',slack:'#incident-response'};\nreturn [{json:{...d,incident_type:type,...meta,detected_at:new Date().toISOString()}}];"
}
},
{
"id": "w4n3",
"name": "Slack Immediate Alert",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
680,
220
],
"parameters": {
"operation": "post",
"channel": "={{ $json.slack }}",
"text": "=:rotating_light: *InsurTech Security Incident \u2014 {{ $json.severity }}*\nType: {{ $json.incident_type }}\nDetected: {{ $json.detected_at }}\nWindow: {{ $json.window_hours }}h\nAction: {{ $json.notify }}\nReporter: {{ $json.reporter }}",
"otherOptions": {}
}
},
{
"id": "w4n4",
"name": "Log to Postgres",
"type": "n8n-nodes-base.postgres",
"typeVersion": 2,
"position": [
680,
420
],
"parameters": {
"operation": "executeQuery",
"query": "INSERT INTO insurtech_incidents(incident_type,severity,window_hours,regulatory_note,reporter,detected_at,raw_payload) VALUES($1,$2,$3,$4,$5,$6,$7::jsonb)",
"additionalFields": {
"queryParams": "={{ [$json.incident_type,$json.severity,$json.window_hours,$json.notify,$json.reporter,$json.detected_at,JSON.stringify($json)] }}"
}
}
},
{
"id": "w4n5",
"name": "Gmail CISO and Legal",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
900,
300
],
"parameters": {
"operation": "send",
"toList": "ciso@yourcompany.com",
"ccList": "legal@yourcompany.com",
"subject": "=[{{ $('Classify Incident').first().json.severity }}] InsurTech Incident \u2014 {{ $('Classify Incident').first().json.incident_type }} \u2014 {{ $('Classify Incident').first().json.window_hours }}h window",
"message": "=Incident Type: {{ $('Classify Incident').first().json.incident_type }}\nSeverity: {{ $('Classify Incident').first().json.severity }}\nDetected: {{ $('Classify Incident').first().json.detected_at }}\nRegulatory window: {{ $('Classify Incident').first().json.window_hours }} hours\n\nRequired action: {{ $('Classify Incident').first().json.notify }}\n\nStart incident log immediately. Do not communicate externally without legal review.",
"options": {}
}
}
],
"connections": {
"Webhook Incident": {
"main": [
[
{
"node": "Classify Incident",
"type": "main",
"index": 0
}
]
]
},
"Classify Incident": {
"main": [
[
{
"node": "Slack Immediate Alert",
"type": "main",
"index": 0
},
{
"node": "Log to Postgres",
"type": "main",
"index": 0
}
]
]
},
"Slack Immediate Alert": {
"main": [
[
{
"node": "Gmail CISO and Legal",
"type": "main",
"index": 0
}
]
]
},
"Log to Postgres": {
"main": [
[]
]
}
}
}
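
The incident list above gives a different window per obligation (60 days, 72 hours, 24 hours, some only above a threshold), which a single `window_hours` field cannot carry. This added example, not part of the original workflow, turns that list into per-obligation due timestamps; `affected_count`, the action labels and the function name are assumptions, and obligations for which the article states no deadline get `due_at: null`.

```javascript
// Added example: not taken from the article's workflow JSON.
const HOUR = 60 * 60 * 1000;
const DAY = 24 * HOUR;

// Windows and thresholds as listed in the article for each incident type.
// within:   milliseconds from detection (null = the article states no deadline)
// moreThan: obligation applies only when affected_count exceeds this value
//           (for the media rule the article's threshold is per state).
const OBLIGATIONS = {
  PHI_UNAUTHORIZED_ACCESS: [
    { action: 'Notify OCR', within: 60 * DAY },
    { action: 'Notify affected individuals', within: 60 * DAY },
    { action: 'Notify media', within: null, moreThan: 500 },
  ],
  PREMIUM_PAYMENT_DATA_BREACH: [
    { action: 'Notify acquirer', within: 72 * HOUR },
    { action: 'Notify card brand', within: 24 * HOUR, moreThan: 10000 },
  ],
  NYDFS_CYBERSECURITY_INCIDENT: [{ action: 'Notify NYDFS', within: 72 * HOUR }],
  AI_MODEL_ADVERSE_DECISION_COMPLAINT: [
    { action: 'Maintain explainability log', within: null },
  ],
  STATE_DOI_MARKET_CONDUCT_TRIGGER: [
    { action: 'Preserve underwriting and claims records', within: 0 },
  ],
  GLBA_NPI_UNAUTHORIZED_DISCLOSURE: [
    { action: 'Notify FTC', within: null, moreThan: 500 },
  ],
};

function obligationsFor(incident) {
  const detected = Date.parse(incident.detected_at);
  if (Number.isNaN(detected)) throw new Error('detected_at is not a valid timestamp');

  // Own-property lookup: a webhook-supplied type such as "constructor"
  // must not resolve to something inherited from Object.prototype.
  const type = incident.incident_type;
  const known = typeof type === 'string'
    && Object.prototype.hasOwnProperty.call(OBLIGATIONS, type);
  const rules = known
    ? OBLIGATIONS[type]
    : [{ action: 'Internal review: classify and escalate', within: null }];

  // An unknown count keeps threshold-based obligations and marks them conditional.
  const raw = incident.affected_count;
  const count = raw === undefined || raw === null || raw === '' ? NaN : Number(raw);

  const obligations = rules
    .filter((r) => r.moreThan === undefined || Number.isNaN(count) || count > r.moreThan)
    // Earliest deadline first; obligations without a deadline go last.
    .sort((a, b) => (a.within === null) - (b.within === null) || a.within - b.within)
    .map((r) => ({
      action: r.action,
      due_at: r.within === null ? null : new Date(detected + r.within).toISOString(),
      conditional: r.moreThan !== undefined && Number.isNaN(count),
    }));

  const first = obligations.find((o) => o.due_at !== null);
  return {
    incident_type: known ? type : 'UNKNOWN',
    obligations,
    next_due_at: first ? first.due_at : null,
  };
}

// Constructed sample incident (not a real event).
const SAMPLE_INCIDENT = {
  incident_type: 'PREMIUM_PAYMENT_DATA_BREACH',
  detected_at: '2025-03-01T12:00:00Z',
  affected_count: 25000,
};
console.log(JSON.stringify(obligationsFor(SAMPLE_INCIDENT), null, 2));
```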
Workflow 5: Weekly InsurTech Platform KPI Dashboard
Trigger: Every Monday at 8 AM.
What it does: Reads platform metrics and compliance events, builds a WoW comparison table, and emails the CEO with a BCC to the CISO — the CISO BCC is intentional: it closes the governance loop between commercial performance and open compliance incidents on one weekly read.
KPIs tracked: MRR (WoW%), active accounts, premium volume processed, active DOI filings, open HIPAA incidents, open NYDFS incidents.
{
"name": "Weekly InsurTech Platform KPI Dashboard",
"nodes": [
{
"id": "w5n1",
"name": "Schedule Monday 8AM",
"type": "n8n-nodes-base.scheduleTrigger",
"typeVersion": 1,
"position": [
240,
300
],
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 8 * * 1"
}
]
}
}
},
{
"id": "w5n2",
"name": "Read Platform Metrics",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4,
"position": [
460,
300
],
"parameters": {
"operation": "readAllRows",
"documentId": "YOUR_SHEET_ID",
"sheetName": "platform_metrics"
}
},
{
"id": "w5n3",
"name": "Read Compliance Events",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4,
"position": [
460,
480
],
"parameters": {
"operation": "readAllRows",
"documentId": "YOUR_SHEET_ID",
"sheetName": "compliance_events"
}
},
{
"id": "w5n4",
"name": "Merge Metrics",
"type": "n8n-nodes-base.merge",
"typeVersion": 2,
"position": [
680,
380
],
"parameters": {
"mode": "combine",
"combinationMode": "multiplex"
}
},
{
"id": "w5n5",
"name": "Build KPI Report",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
900,
380
],
"parameters": {
"jsCode": "const metrics=$input.all().map(i=>i.json);\nconst m=metrics[0]||{};\nconst prev=metrics[1]||{};\nconst pctChg=(curr,prev)=>prev&&prev!=0?((curr-prev)/prev*100).toFixed(1)+'%':'N/A';\nconst hipaa_open=metrics.filter(x=>x.incident_type==='PHI_UNAUTHORIZED_ACCESS'&&x.status==='OPEN').length;\nconst nydfs_open=metrics.filter(x=>x.incident_type==='NYDFS_CYBERSECURITY_INCIDENT'&&x.status==='OPEN').length;\nconst html=`<h2>InsurTech Platform Weekly KPI \u2014 ${new Date().toISOString().split('T')[0]}</h2><table border=1 cellpadding=4><tr><th>Metric</th><th>This Week</th><th>Prior Week</th><th>WoW</th></tr><tr><td>MRR ($)</td><td>${m.mrr||0}</td><td>${prev.mrr||0}</td><td>${pctChg(m.mrr,prev.mrr)}</td></tr><tr><td>Active Accounts</td><td>${m.active_accounts||0}</td><td>${prev.active_accounts||0}</td><td>${pctChg(m.active_accounts,prev.active_accounts)}</td></tr><tr><td>Premium Volume Processed ($)</td><td>${m.premium_volume||0}</td><td>${prev.premium_volume||0}</td><td>${pctChg(m.premium_volume,prev.premium_volume)}</td></tr><tr><td>Active DOI Filings</td><td>${m.active_doi_filings||0}</td><td>\u2014</td><td>\u2014</td></tr><tr><td>HIPAA Open Incidents</td><td style='color:${hipaa_open>0?'red':'green'}'>${hipaa_open}</td><td>\u2014</td><td>\u2014</td></tr><tr><td>NYDFS Open Incidents</td><td style='color:${nydfs_open>0?'red':'green'}'>${nydfs_open}</td><td>\u2014</td><td>\u2014</td></tr></table>`;\nreturn [{json:{...m,html_report:html,report_date:new Date().toISOString().split('T')[0]}}];"
}
},
{
"id": "w5n6",
"name": "Gmail CEO BCC CISO",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1120,
300
],
"parameters": {
"operation": "send",
"toList": "ceo@yourcompany.com",
"bccList": "ciso@yourcompany.com",
"subject": "=Weekly InsurTech KPI \u2014 {{ $json.report_date }}",
"message": "={{ $json.html_report }}",
"options": {
"appendAttribution": false
}
}
},
{
"id": "w5n7",
"name": "Slack #management",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1120,
480
],
"parameters": {
"operation": "post",
"channel": "#management",
"text": "=Weekly InsurTech KPI {{ $json.report_date }}: MRR ${{ $json.mrr }} | Active accounts {{ $json.active_accounts }} | Premium volume ${{ $json.premium_volume }} | DOI filings {{ $json.active_doi_filings }} active",
"otherOptions": {}
}
}
],
"connections": {
"Schedule Monday 8AM": {
"main": [
[
{
"node": "Read Platform Metrics",
"type": "main",
"index": 0
},
{
"node": "Read Compliance Events",
"type": "main",
"index": 0
}
]
]
},
"Read Platform Metrics": {
"main": [
[
{
"node": "Merge Metrics",
"type": "main",
"index": 0
}
]
]
},
"Read Compliance Events": {
"main": [
[
{
"node": "Merge Metrics",
"type": "main",
"index": 1
}
]
]
},
"Merge Metrics": {
"main": [
[
{
"node": "Build KPI Report",
"type": "main",
"index": 0
}
]
]
},
"Build KPI Report": {
"main": [
[
{
"node": "Gmail CEO BCC CISO",
"type": "main",
"index": 0
},
{
"node": "Slack #management",
"type": "main",
"index": 0
}
]
]
}
}
}
Why Self-Hosted n8n Closes the DOI Exam Question
| Compliance Concern | Zapier/Make Problem | n8n Self-Hosted Answer |
|---|---|---|
| NYDFS Circular Letter 2023-01 AI explainability | AI decision data routed through Zapier = attribution gap; DOI examiner cannot trace the decision chain | Self-hosted n8n keeps the complete AI decision log in-scope and git-versioned for DOI examination |
| HIPAA 45 CFR §164.308 — Business Associate chain | Every iPaaS node that touches PHI is a BA — Zapier's BAA covers transmission, not the logic nodes | n8n self-hosted: no new BA party; data never leaves your VPC |
| PCI DSS 4.0 Req. 12.8 — Third-party service provider management | Zapier and Make are in scope as TPSPs; each one requires a written agreement and annual risk review | Self-hosted n8n eliminates the TPSP assessment for your automation layer |
| State DOI market conduct exam — records subpoena | Workflow execution logs hosted on Zapier servers raise state jurisdiction questions | Self-hosted n8n execution logs stay on your infrastructure; no third-party discovery |
| GLBA Safeguards Rule 16 CFR §314.8 — encryption and access controls | NPI (non-public personal information) flowing through SaaS iPaaS triggers access control review | n8n self-hosted: NPI stays inside your defined security perimeter |
Get All 5 Workflows
These 5 workflows are available as import-ready JSON at stripeai.gumroad.com. Individual templates start at $12. The complete FlowKit bundle (all 15 templates) is $97.
Questions about adapting these for your specific state DOI filings or NYDFS submission format? Drop a comment below.