The European Union General Data Protection Regulation [GDPR] is due to come into force in May 2018. The Information Commissioner’s Office [ICO] is to be responsible for enforcing the GDPR in the UK, acting as the regulator, and is in talks with the government and the insurance industry around compliance issues. The new regulation provides greater powers to the consumer to protect and access their data.

Businesses will be required to be transparent about the way they are using customer data and mandated to declare any cyber attacks and data breaches.

Significant concerns about the new regulation are being raised in the insurance industry and reports suggest many organisations have yet to begin to properly prepare for the new regulatory environment. Uncertainties around the implementation of the new law are causing a considerable degree of confusion and inertia. Meanwhile a sea of ‘GDPR experts’ are promoting their services using the ticking clock syndrome and fears of fines for non-compliance to encourage their take up.

Data is clearly fundamental to insurance businesses. Insurers hold a wealth of historic personal customer data which is used to assist in pricing risk, detecting fraud and improving the customer experience via customer profiling.

What are the major changes faced by insurers in the way they collect, process and store their customers' data? 

Read the in-depth article to learn more about it.