The GDPR and Insurance
Don't underestimate the preparation work
Celent has extensively covered the data topic within the insurance industry over the past few years. I notably defined a framework to help insurers identify factors to consider when investing in data-related initiatives in a report titled A Heat Map for Insurers’ Use of Consumer Data: Perspectives on Current and Future Data Challenges. For a majority of insurers, regulation — and more precisely consumer data protection regulation (interpretation, changes, and lack of clarity) — represents the major concern when using consumer personal data that is publicly available on social networks or on other internet sources.
With the General Data Protection Regulation, the European Union wants to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy. The GDPR has important principles that I think are important for insurers to understand:
- Fair data procession
- Lawful ground for processing
- Data security
- Personal data breach reporting