More Related Content Similar to Are you prepared for information compliance (20) Are you prepared for information compliance 1. www.exdion.com
USA | UK | INDIA
Copyright © 2019 Exdion Solutions Pvt. Ltd.
Is Privacy the talking point for Insurers &
Brokers Now?
2. www.exdion.com
USA | UK | INDIA
Copyright © 2019 Exdion Solutions Pvt. Ltd.
In recent years, protection of consumer privacy has gained prominence with legislature and regulatory
agencies. European Union has rolled out GDPR and US Federal agencies are promulgating novel
approaches to rein in internet majors in collecting & using consumer information. Insurance industry
collects a considerable amount of information every year about the policy holders. This information
allows them to create personalized policies, adjust tariffs and keep up with newer market offerings
and customer needs. With the emergent privacy standards Insurance industry compliance package
must be enriched to meet the requirements. If not they fail exposed to business risk that be
devastating. A commercial risk (a sanction could have serious consequences in terms of reputation) as
well as financial losses (for example, fines for GDPR noncompliance can go up to $23 Million Plus or
4% of the annual global turnover whichever is higher).
Global consumer piracy laws require Insurance agencies to buttress their information governance to
meet:
The right of access to the data
The right to be informed about processing of the data
The right of rectification
The right of opposition
The right to portability
The right to be forgotten
3. www.exdion.com
USA | UK | INDIA
Copyright © 2019 Exdion Solutions Pvt. Ltd.
California is the first state that has adopted a similar law in June 2018 – California Consumer Privacy
Act 2018. The law goes into effect on January 1st 2020. Adoption of this law would mean that every
consumer in California would be able to question and stop their information being used in any manner
or method. The Brokers would have to ensure that their client data (either in part or full) is not
transmitted out of the US for any activities including data processing, accounting and other business
processes related activities without the consent of the client.
Today a large number of Brokers use offshoring companies to perform some of their activities and this
could create issues in terms of instituting processes for client approval and data security measures.
European Union’s General Data Protection Regulation (GDPR) went into effect in EU countries in
May 2018, One of the most important features of GDPR is the need for consent from consumers
before their data is used, Consumer’s need to be notified if their data is being moved outside of the
EU and also will be given a chance to contest the use of their data for any data algorithms.
What is your dependency on Outsource/Offshore partners in conducting your business?
How do you plan to address Consumer Privacy Concerns?
How do you propose to provide access to client data within and outside of your IT environment?
What are the new processes that would have to be put in place to address some of the laws
relating to Client Consent and Analytics?
Why should USA Insurers and Brokers be concerned about this GDPR?
Some Key Questions for the Insurance C-Suite to ponder on:
4. About Exdion:
Exdion is a leading InsurTech solutions provider and a full cycle Transformation partner in the broker
community space. With over 15 years of deep domain Property and Casuality expertise, and over 100+ years of
cumilative experience, Exdion delivers path-breaking InsurTech solutions across the Policy Lifecycle.
Exdion's InsurTech products combine the power of Cognitive Science, Robotic Process Automation (RPA),
Artificial Intelligence (AI), Machine Learning (ML) and Deep Learning (DL) to bring future-ready technology to
brokers.
For more information visit us at
www.exdion.com
or
info@exdion.com
Follow us on-
www.exdion.com
USA | UK | INDIA
Copyright © 2019 Exdion Solutions Pvt. Ltd.
Preparing for “Information Compliance”
As an Insurance company you can’t take the risk of non-compliance. The work towards Insurance
compliance requires comprehensive planning and gradual roll out. Exdion Solution recommends all
Insurance companies adopt a four point strategy:
Create a Data Protection Office (DPO) and set up supportive steering committees.
Run an audit of “risk and internal controls” to identify areas that need to be corrected. Identify all
areas where consumer data is not encrypted or stored in devices with low security.
Adopt smart information governance tools such as access, tractability, communication devices &
systems
Run periodic Information security audit drills
Information compliance is not an option for Insurance companies. This is one cover they cannot ignore.
1.
2.
3.
4.