With less than a year to go until the General Data Protection Regulation (GDPR) comes into effect, now is the time for insurance professionals to get up to speed on what this means for our industry.
The Data Protection Commissioner describes the regulation as emphasising: “transparency, security and accountability by data controllers and processors, while at the same time standardising and strengthening the right of European citizens to data privacy”. This regulation will therefore affect every organisation and industry, as well as all individuals on a personal and/or professional level.
The following resources will help to explain the main points to be aware of and steps organisations can take to ensure compliance by 25 May 2018.
1. GDPR: What's in store for the insurance industry?
In our second issue of the member magazine, The Insider, Elaine Morrissey (Associate Solicitor at McDowell Purcell) looked at how the regulation will impact the insurance industry, highlighting key changes such as:
- Liability for breaches of the GDPR (administrative fines and compensation)
- Data access requests
- Right to be forgotten
- Codes of conduct
- Processing of personal data relating to criminal convictions and offences
2. Data Protection Commissioner: The GDPR and You
What better place to get up to speed on GDPR than with the office of the Data Protection Commissioner? This useful guide explains the steps to compliance in a clear and concise way and includes information on:
- Becoming accountable
- Communicating with staff and service users
- Using customer consent as grounds to process data
- Processing children’s data
- Reporting data breaches
- Appointing Data Protection Officers in your organisation
3. Cisco: Introduction to GDPR
This short video contains an interview with Cisco’s Cyber Security Director, Terry Greer-King, who gives some background as to why this regulation is being introduced and highlights some of the essential points to be aware of.
4. DAC Beachcroft: A guide for the insurance industry
Some key topics covered include:
- Security measures
- Cyber risk perspective
- Data subject rights
5. ICO: Getting ready for the GDPR (self-assessment)
This handy quiz from the Information Commissioner’s Office in the UK allows you to assess how prepared your business is ahead of next year’s deadline, returning a Red, Amber or Green status.
Your result will also highlight the areas that need improvement and suggest the actions to take in order to ensure compliance. This website also contains a range of other useful resources that are updated on a regular basis.
Other useful links:
General Data Protection Regulation – full text
General Data Protection Regulation – What, Why, Where & When
Preparing for General Data Protection Regulation: 12 Steps to take now