Insurance giant Allianz has upped its game when it comes to data protection.
As per European Union data protection law, the transfer of personal data to regions outside the EU is restricted – unless approved Binding Corporate Rules (BCRs) are in place, enabling multinational firms, such as Allianz, to make intra-organisational transfers across borders without falling foul of EU rules. BCRs provide EU-level privacy protection, and Allianz has received approval from the EU-mandated Bavarian Data Protection Authority.
“Our business is built on trust,” commented Allianz SE board member Helga Jung. “In an era where data privacy is an increasingly sensitive issue, it is critical that Allianz continue to be at the forefront of privacy protection.
“BCRs approval emphasises how we are committed to maintaining the trust of our customers, employees, and business partners.”
In order to be BCRs-approved, Allianz had to show it has a comprehensive and effective framework that will allow it to safely and lawfully transfer personal data out of Europe. It started the process in 2016, with more than 80 sub-projects spread over 700 companies across the Allianz Group as part of its global regulatory change programme.
Allianz said European data protection authorities scrutinised its internal governance setup and BCRs implementation, as well as how the firm embeds requirements into organisational processes. As a result, the insurer is happy to note that gaining BCRs status is an indication that it is ready for the May 25 implementation of the EU General Data Protection Regulation.
“It has been a significant undertaking, but it’s worth it,” said group chief privacy officer Dr Philipp Räther. “For Allianz, privacy is a core business capability and a corporate social responsibility.”