Is the insurance industry ready for the GDPR?

Industry should be poised for a “massive undertaking” when it comes to compliance, expert says

Is the insurance industry ready for the GDPR?

Insurance News

By Lucy Hook

In an industry like insurance, where more data often means better decisions, legislation like the GDPR – which comes into force next May – means big change.

“At the very highest level, the GDPR is a huge deal for insurance companies,” Jason Du Preez, CEO and founder of privacy engineering firm Privitar, told Insurance Business.

Insurance is one of the most data-accruing industries, as information underpins decisions, but naturally much of this data is extremely sensitive – meaning insurance companies could have huge exposures under the new data protection laws.

But while the GDPR will bring in potential fines of up to 4% of an entity’s total revenue worldwide, the legislation is not driven by the desire to merely punish companies, according to Du Preez.

Want the latest insurance industry news first? Sign up for our completely free newsletter service now

“The purpose of the legislation is not to impose restrictions and create friction, it’s actually the converse,” he said. “It’s saying, first and foremost, we want you to know what data you have and understand that very comprehensively, and we then want you to understand how that data is being processed and used, and we want any algorithms or profiling you’re executing on that data to be explainable and transparent.”

The high-level objective of the regulation is to make it easier to extract value in a digital economy, and to drive organisations towards taking a data-centric view of their businesses, Du Preez said.

However, much of the industry’s infrastructure is still some way from being ready – “so there is going to be a massive exercise and undertaking that will need to occur in order to be in a position where there is no risk of a very severe penalty.”

When it comes to compliance, the first step is for firms to understand the data that they hold – which can be a pretty daunting task – and only then can the data and the surrounding risks be analysed.

“I’m familiar with even some smaller insurance firms and brokers that have generated huge amounts of data and accumulated that over the years, and that presents quite a challenge,” Du Preez added.

Keep up with the latest news and events

Join our mailing list, it’s free!