WHY THE INSURANCE WORLD MUST SIT UP AND TAKE NOTICE OF THE INCOMING GDPR

Although means of transfer and storage have changed dramatically, the world of insurance has always been characterised by data. Even before the dawn of the digital age, comprehensive information on assets to be underwritten and the risks associated with their protection has always meant that insurers are ‘data processing’ companies.

The digital age has heralded an explosion in data volumes as richer information on assets can be collected. More complex and accurate risk modelling is an innovation that in turn scoops up large swathes of data to better predict future eventualities.

The insurance industry is highly globalised and relies on data transfers across continents, where data governance regulations can differ substantially. The General Data Protection Regulation (GDPR) – which will be introduced by the EU in May 2018 – will bestow a range of new responsibilities upon insurers holding data on EU citizens. This means that the vast majority of insurers, whether based in Europe or beyond, will need to be compliant with this regulation.

Jan-Mar 2018 Issue

EXL Service