Insurance companies in Ireland are keeping some of the personal records of motorists beyond the legally allowed data retention period, a watchdog has discovered.
The Irish Data Protection Commissioner has released its 2015 report which revealed that insurance firms are not deleting records of penalty points as they are supposed to under the Road Traffic Act.
According to the report, the law states that penalty points should remain on a licence record only for a period of three years.
“The audit found evidence of the retention of penalty-point data beyond three years,” said the report, which was released on the regulator’s website.
“As a result, the Office is continuing to engage with the companies audited in 2016 to agree on an acceptable retention period and archiving solution.”
The report said the audit of the insurance sector was “notable” and that the industry was “selected for particular attention in 2015.”
The insurance companies that were audited and inspected last year included
Aviva, Axa,
Allianz and
Zurich. The report did not specifically identify the firms that committed the violations.
The report explained that the purpose of the audits was to examine existing facilities within insurance firms to access penalty-point data in conjunction with the roll-out of a new sectoral hub by industry body Insurance Ireland.
“We will continue to examine this area further in 2016,” the report said.
Related stories:
Berkshire Hathaway hit by regulator ruling
Sale of Abbey Life Assurance hit by regulator investigation
Regulator slaps CT Capital with £2.4m fine over insurance complaints handling
