SlideShare a Scribd company logo

Data Ethics: Legal and ethical obligations to Insurance company

Download as PPTX, PDF
K
KoppisettiBhargav

Legal and ethical obligations for the Indian Insurance companies when they are dealing with customers data

1 of 27
THE LEGAL AND ETHICAL OBLIGATIONS OF LIFE INSURANCE COMPANIES K.Bhargav Student at University of Hyderabad
Insurance • An entity which provides insurance is known as an Insurer or Undertaker • A person or entity who buys insurance is known as an insured or as a policyholder Insurance provides protection against a predictable event that arises unexpectedly. Those who are likely to suffer from such loss buy insurance by paying premiums, which are used to pay losses that may arise.
Types of Insurance • Whole Life Insurance • Endowment Policy • Money back Policy • Unit Linked Insurance scheme • Child Plan • Pension Plan Life Insurance • Travel Insurance • Health Insurance • Property Insurance • Auto Insurance General Insurance
General Insurance A general insurance is a contract that offers financial compensation on any loss other than death. It insures everything apart from life. Travel Insurance A travel insurance compensates financial liabilities arising out of medical and non-medical emergencies during travel abroad or within the country Health Insurance Reimburse the insured for expenses incurred from illness or injury, or pay the care provider directly Property Insurance Protects the physical property and equipment of a business against loss from theft, fire or other perils with its coverage Auto Insurance Protects you against financial loss in the event of an accident or theft of your vehicle 4
Life Insurance Life insurance is a contract that offers financial compensation in case of death Whole Life Policy It covers you for a lifetime, family member receives a certain sum of money after death of policy holder Pension Policy It is valid for a certain period, a lump sum amount will be paid to family member in the event of your death Endowment Policy This helps to build retirement fund. Policy holder can get a regular pension amount after retirement Money Back Policy Percentage of the sum assured will be paid periodically throughout the term. After the expiry of the term, balance amount as maturity. Sum assured in case of death Child Plan This ensures your child’s financial security. In the event of death of policy holder, child gets a lump-sum amount. A part of your premium goes towards your insurance cover. The remaining amount is invested in Debt and Equity. Lump sum amount in the event of your death Unit Linked Insurance
Why do you need Insurance? Insurance is a way of managing risks. When you buy insurance, you transfer the cost of a potential loss to the insurance company in exchange for a fee, known as the premium. Insurance companies invest the funds securely, so it can grow, and pay out when there’s a claim
Insurance Data Model
OUR PROCESS 1 2 3 4 5 Data in Motion Data at Rest Data at Source Data in Use Data at Destruction Prescribed by IRDA
Types of Data involved in Insurance Business Non Critical Data or Personal Information Critical Data or Sensitive Personal data Data Source
Personal Data Any information that relates to a natural person either directly or indirectly and other information available to Insurance company which is capable of identifying such person • There are no specific rules that govern the processing of personal data according to Insurance regulators • If Personal data is processing for a specific purpose, adequate notice of the processing should be provided to the individual and data can be stored only as long as reasonably necessary to satisfy the purpose for which it is processed
Sensitive Personal Data Sensitive personal data or information include information that is not freely available or accessible in the public domain • Customer Id and Passwords • financial information such as bank account or credit card or debit card or other payment instrument details • physical, physiological and mental health condition • sexual orientation • medical records and history • Insurance details of the customer like claim amount, Nomination
Key rules on collection of Sensitive personal Data 1. it is necessary to obtain the consent of the provider of information prior to the collection and such consent should be in writing 2. sensitive personal data or information can only be collected where necessary for a lawful purpose that is connected with a function or activity of the Insurance company 3. the disclosure of sensitive personal data or information to any third party requires the prior permission of the customer. The third party that receives such sensitive personal data or information shall not disclose it further and must be based in a country offering the same levels of data protection as India. Key rules on handling of Sensitive personal Data 1. The Insurance company must comply with general requirements such as not keeping sensitive personal data or information for longer than is required and ensuring it is kept secure or applying reasonable security practices and procedures. 2. The stringent requirements with respect to the processing of sensitive personal data and information including requiring explicit consent, imposing additional conditions for cross-border transfers and requiring a copy to be stored in India. 3. The Insurance company is allowed to share information with government agencies mandated under the law to obtain information Collection and Processing of Sensitive Personal Data
Data Controls and Analysis Organizations define and implement procedures to ensure the confidentiality, integrity, availability and consistency of all data in a more robust manner. Processing of personal data must comply with seven principles ● only personal data necessary for the purpose should be collected ● it should be for a specific purpose ● processing of personal data has to be fair and reasonable ● it should be lawful ● adequate notice of the processing should be provided to the individual ● personal data processed should be complete, accurate and not misleading ● personal data can be stored only as long as reasonably necessary to satisfy the purpose for which it is processed Surveyors and loss assessors are prohibited from using any confidential information to their personal advantage or to the advantage of a third party
Data Storage  Insurers are required to maintain total confidentiality of policyholder information, unless it is legally necessary to disclose the same to statutory authorities.  A privacy policy is required even when no sensitive personal data or information is being stored and processed  Insurance companies must take a number of measures to ensure transparency and accountability, implementing appropriate security safeguards and implementing procedures and mechanisms to address grievance of data principals  Adopting ‘privacy by design’, maintaining transparency regarding its general practices on processing of personal data  Insurance companies are required to have its security practices and procedures certified and audited by an independent auditor who is approved by the central government at least once every year
Data Transfer ● Sensitive personal data could be transferred outside India only with the express consent of the individual and in compliance with standard contractual clauses. ● Critical personal data could be transferred only to a person or entity providing emergency health services if such transfer is necessary for prompt action ● Transfer of critical personal data should be notified to the Authority within a prescribed time
Data Protection Officer Appointment of Data Protection Officer Insurance company are required to designate a grievance officer Data protection officer has a number of responsibilities including providing information and advice to the data fiduciary, monitoring data processing activities, advising on data protection impact assessments, providing assistance to the Authority and acting as the point of contact for the data principals.
Destruction of Data Sensitive Information need to be disposed safely are • Payroll • Personal customer information • Medical records and claims • Healthcare provider and payment reports • Income statements, Balance sheet • Accident claims • Tax filings and internal audits • Medicaid/ACA information • Development plans and forecast reports • Information breaches happen not just because of inferior firewalls, weak passwords, malicious hacks or cyber attacks but because of employee error, negligence or poor judgement • Insurance company need to ensure employees know how to identify, handle and securely dispose of confidential information whether that information is digital or in paper form.
Use of data for Marketing • The biggest problem for any life insurance company is mis-selling of policies to the customers resulting in high lapsation of policies and high agent turnover • Personal information and data collected by insurance companies and intermediaries, can be utilized to personalize products, develop targeted marketing initiatives and effectively reduce fraudulent claims • adequate internal mechanisms for reviewing, monitoring and evaluating its controls, systems, procedures and safeguards so as to ensure (i) the integrity of the automatic data processing systems (ii) privacy of data is maintained at all times. These internal mechanisms are to be reviewed annually by specified persons
Consequences ● Fine of up to INR 500,000 when there is disclosure of personal information in breach of a lawful contract or without consent ● Imprisonment of up to three years when there is disclosure of personal information in breach of a lawful contract or without consent ● Liable to pay damages as compensation to affected persons if they are negligent in implementing and maintaining reasonable security practices and procedures to protect sensitive personal data or information
Use of Analytics in Insurance sector ● Efficient fraud detection reduces annual claims payouts ● Spot more fraud cases along with anticipating new type of frauds which might occur in future ● Reduced false positive rate, boosts employee productivity, minimizes loss adjustment expenses and avoids customer ire and legal interventions ● Predictive Analytics takes the big data collected by insurers and uses it to most accurately and precisely calculate ● Pricing and risk selection ● Claims triage, Emerging trends ● Pricing strategies, Promotional content ● Claims processing IoT insurance data will be used to improve, among many things: ● Risk assessment ● Marketing campaigns ● Claims processing ● Claims leakage ● Product pricing
Officially, Ajith Singh died in a road accident 8km from his village in Haryana’s Rohtak district at 7am on April 1, 2018. It’s what his wife, Satwanti, who claimed to be present on the spot, reported at the Hisar Sardar police station. The unidentified driver was charged under Sections 279 (rash driving) and 304-A (death by negligence) of the Indian Penal Code . Five people known to the deceased identified his body at the mortuary, including his wife, older brother, and nephew. At least 150,000 people are killed in road accidents in India every year. Ajith happened to be just another one — an ordinary end to an ordinary life. Days before he was killed, Ajith had signed up for personal accident insurance policy with at least four companies, at an average premium of ₹5,000. An “accidental death” would entitle his nominee to at least ₹25 lakh from one. Sometime between 2017 and 2018, many insurance agencies operating in Haryana began to suspect a trend. Case Study
Observations • During that period, Bharti AXA General Insurance received a stream of Personal Accidental Claims from Haryana. There was a strange commonality to them. • The nominee’s bank account was opened just one or two months prior to buying Bharti AXA General Insurance policies. The PAN (Permanent Account Number) card of nominees was also issued just a couple of months before • As per medical documents, the observations were that all insured died due to head injuries and they were brought dead to the hospital. While scrutinizing these cases, three common mobile numbers were found. • Similar concerns were coming up at Bajaj Allianz. The following points were noticed: • Executives such claims received by the company in 2017-18 “the deceased were insured for ₹10 lakh each, neither for a higher value, nor for a lower value; • Mysteriously, in all the four cases, the victim was riding pillion on a motorbike whose driver lost balance because of the sudden emergence of an animal in front of the vehicle • The road accidents killing their clients were being reported at the same police stations in Sonepat, Jhajjar, Hisar and Panipat.
Observations • The Insurance Companies reached out to the families, neighbors, doctors and police officers in each of these cases. No one was willing to talk, but they picked up some information. • In 2018, he reported back to the insurance companies saying he had “concrete doubt” that these deaths weren’t caused by road accidents. • These farmers had died of cancer. On April 5, 2019, Bharti AXA filed a complaint with the director general of police in Panchkula, after a year of internal investigations, alleging that a gang of conmen had defrauded the company of crores of rupees. • On April 20, after two weeks of investigation, STF arrested the mastermind of the scam and his two close aides from Sonepat. • Everything about the scam sounds strangely unreal. The Haryana-based gang allegedly identified terminal cancer patients from rural, low-income backgrounds, got them to insure themselves with multiple companies by hiding their condition, waited for them to die, and then put their dead bodies through “accidents”.
Cost to customers ● A growing number of frauds also calls for tighter controls and underwriting that leads to delays in policy issuance as well as claim settlements. ● Frauds can dent a customer’s confidence and act as a hindrance for the sector in its attempt to offer improved and simplified protection products. ● At times, certain facilities are denied given the high risk of frauds. There is unnecessary harassment caused to genuine policyholders, if their application is flagged as a potential fraud requiring additional due diligence. Effects of the Frauds Reputational damage to the insurer ● Fraudulent claims cause great reputational damage to the insurer and hence can lead to a higher rejection rate of claims too. The company’s ability to manage claims is questioned and customers often lose trust in the process. ● The fear of fraudulent claims has made insurers develop extensive underwriting methods that require investments across talent, time and technology. Investigation of claims is carried out for all claims above a certain threshold. ● This further drives up the cost of the cover to the whole group
Most insurance companies try to eradicate possible frauds at the issuance stage itself as legal and compliance issues come up at the time of rejecting a claim. Also, claims repudiation brings with it, a reputational risk. Several companies in the industry have updated their underwriting process to help them detect more frauds. Some of the methods include: • Restrictions in geographies with a history of frauds: There may be a chance that if a resident of these areas, applies for a policy, conditions may be placed on the agent or the branch sourcing that policy. • Predictive modelling: Statistical methods such as predictive modelling are also being applied to the underwriting process. These are particularly helpful in eliminating the subjectivity when assessing a policy for potential fraud. Although given their efficiency, a significant amount of effort is put on additional due diligence and investigations on the basis of model results. • Repository of fraud claims within the insurance industry: The use of a common database and analytics tools such as credit scoring firm Measures can be taken
RESOURCES ● https://www.irdai.gov.in/ADMINCMS/cms/frmGeneral_Layout.aspx?page=PageNo108&flag=1 ● https://www.internationallawoffice.com/Newsletters/Insurance/Portugal/Morais-Leito-Galvo-Teles-Soares-da- Silva-Associados/Legal-basis-for-processing-personal-health-data-for-insurance-purposes ● https://www.acko.com/articles/general-info/types-of-insurance/ ● https://www.cooperators.ca/en/Resources/protect-what-matters/why-do-you-need-insurance.aspx ● https://www.rms.com/blog/tag/exposure-data/ ● https://corporate.cyrilamarchandblogs.com/2019/05/data-protection-indian-insurance-sector-regulatory- framework-part-2/ ● https://www.linklaters.com/en/insights/data-protected/data-protected---india
Thanks a lot

Recommended

Business Health for Healthcare Businesses
Business Health for Healthcare BusinessesBusiness Health for Healthcare Businesses
Business Health for Healthcare Businesses
Insureon
 
Data Protection & Privacy in Malaysian Total Hospital Information System
Data Protection & Privacy in Malaysian Total Hospital Information SystemData Protection & Privacy in Malaysian Total Hospital Information System
Data Protection & Privacy in Malaysian Total Hospital Information System
Quotient Consulting
 
Sample Business Associate Agreement
Sample Business Associate AgreementSample Business Associate Agreement
Sample Business Associate Agreement
Jorge M. Abril, P.A.
 
Bcbs mitchigan non payment codes
Bcbs mitchigan non payment codesBcbs mitchigan non payment codes
Bcbs mitchigan non payment codes
Rajinikanth Dhakshanamurthi
 
2014 Willow Creek Physician Office Compliance Plan
2014 Willow Creek Physician Office Compliance Plan2014 Willow Creek Physician Office Compliance Plan
2014 Willow Creek Physician Office Compliance PlanCarly Bethea
 
Social Security and Medicare
Social Security and MedicareSocial Security and Medicare
Social Security and MedicareBBSI
 
Claim management
Claim managementClaim management
Claim managementNeha Satwani
 
Ch 01 structure of the insurance industry
Ch 01 structure of the insurance industryCh 01 structure of the insurance industry
Ch 01 structure of the insurance industry
utharanthava
 

Recommended

Business Health for Healthcare Businesses
Business Health for Healthcare BusinessesBusiness Health for Healthcare Businesses
Business Health for Healthcare Businesses
Insureon
 
Data Protection & Privacy in Malaysian Total Hospital Information System
Data Protection & Privacy in Malaysian Total Hospital Information SystemData Protection & Privacy in Malaysian Total Hospital Information System
Data Protection & Privacy in Malaysian Total Hospital Information System
Quotient Consulting
 
Sample Business Associate Agreement
Sample Business Associate AgreementSample Business Associate Agreement
Sample Business Associate Agreement
Jorge M. Abril, P.A.
 
Bcbs mitchigan non payment codes
Bcbs mitchigan non payment codesBcbs mitchigan non payment codes
Bcbs mitchigan non payment codes
Rajinikanth Dhakshanamurthi
 
2014 Willow Creek Physician Office Compliance Plan
2014 Willow Creek Physician Office Compliance Plan2014 Willow Creek Physician Office Compliance Plan
2014 Willow Creek Physician Office Compliance PlanCarly Bethea
 
Social Security and Medicare
Social Security and MedicareSocial Security and Medicare
Social Security and MedicareBBSI
 
Claim management
Claim managementClaim management
Claim managementNeha Satwani
 
Ch 01 structure of the insurance industry
Ch 01 structure of the insurance industryCh 01 structure of the insurance industry
Ch 01 structure of the insurance industry
utharanthava
 
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
benefitexpress
 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS
- Mark - Fullbright
 
Professional Services Agreements: Best Practices and Implementation
Professional Services Agreements: Best Practices and ImplementationProfessional Services Agreements: Best Practices and Implementation
Professional Services Agreements: Best Practices and Implementation
Fredrikson & Byron
 
Are you GDPRed yet?
Are you GDPRed yet?Are you GDPRed yet?
Are you GDPRed yet?
Datamatics Business Solutions Ltd.
 
Types of Health Insurance in India
Types of Health Insurance in IndiaTypes of Health Insurance in India
Types of Health Insurance in India
Prateek Jha
 
Life insurance Claims and Settlement by Dr. Amitabh Mishra
Life insurance Claims and Settlement by Dr. Amitabh MishraLife insurance Claims and Settlement by Dr. Amitabh Mishra
Life insurance Claims and Settlement by Dr. Amitabh Mishra
Amitabh Mishra
 
insurance Claim
insurance Claiminsurance Claim
insurance Claim
Rahul Chauhan
 
The benefits of revenue cycle and compliance collaboration
The benefits of revenue cycle and compliance collaborationThe benefits of revenue cycle and compliance collaboration
The benefits of revenue cycle and compliance collaboration
BESLER
 
Health care documentation quality assessment and management best practices
Health care documentation quality assessment and management best practicesHealth care documentation quality assessment and management best practices
Health care documentation quality assessment and management best practices
Rajinikanth Dhakshanamurthi
 
Medicare presentation
Medicare presentationMedicare presentation
Medicare presentationNicholas G. Siradas
 
Gdpr for business full
Gdpr for business fullGdpr for business full
Gdpr for business full
Fionnuala Hendrick
 
Health Insurance Update for 2016
Health Insurance Update for 2016Health Insurance Update for 2016
Health Insurance Update for 2016
PICPA
 
Medicare presentation
Medicare presentationMedicare presentation
Medicare presentation
Nicholas G. Siradas
 
Health insurance
Health insuranceHealth insurance
Health insurance
Sunil Garg
 
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best PracticeHIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
benefitexpress
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issues
JagdeepSingh394
 
Principles and guidelines and approach for the documents
Principles and guidelines and approach for the documentsPrinciples and guidelines and approach for the documents
Principles and guidelines and approach for the documents
vaanila2023
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
Next Dimension Inc.
 
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) Data
DATAVERSITY
 
Data Management Protection Acts
Data Management Protection ActsData Management Protection Acts
Data Management Protection ActsJoseph White MPA CPM
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law
Owako Rodah
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
Vaileth Mdete
 

More Related Content

What's hot

[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
benefitexpress
 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS
- Mark - Fullbright
 
Professional Services Agreements: Best Practices and Implementation
Professional Services Agreements: Best Practices and ImplementationProfessional Services Agreements: Best Practices and Implementation
Professional Services Agreements: Best Practices and Implementation
Fredrikson & Byron
 
Are you GDPRed yet?
Are you GDPRed yet?Are you GDPRed yet?
Are you GDPRed yet?
Datamatics Business Solutions Ltd.
 
Types of Health Insurance in India
Types of Health Insurance in IndiaTypes of Health Insurance in India
Types of Health Insurance in India
Prateek Jha
 
Life insurance Claims and Settlement by Dr. Amitabh Mishra
Life insurance Claims and Settlement by Dr. Amitabh MishraLife insurance Claims and Settlement by Dr. Amitabh Mishra
Life insurance Claims and Settlement by Dr. Amitabh Mishra
Amitabh Mishra
 
insurance Claim
insurance Claiminsurance Claim
insurance Claim
Rahul Chauhan
 
The benefits of revenue cycle and compliance collaboration
The benefits of revenue cycle and compliance collaborationThe benefits of revenue cycle and compliance collaboration
The benefits of revenue cycle and compliance collaboration
BESLER
 
Health care documentation quality assessment and management best practices
Health care documentation quality assessment and management best practicesHealth care documentation quality assessment and management best practices
Health care documentation quality assessment and management best practices
Rajinikanth Dhakshanamurthi
 
Gdpr for business full
Gdpr for business fullGdpr for business full
Gdpr for business full
Fionnuala Hendrick
 
Health Insurance Update for 2016
Health Insurance Update for 2016Health Insurance Update for 2016
Health Insurance Update for 2016
PICPA
 
Medicare presentation
Medicare presentationMedicare presentation
Medicare presentation
Nicholas G. Siradas
 
Health insurance
Health insuranceHealth insurance
Health insurance
Sunil Garg
 
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best PracticeHIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
benefitexpress
 

What's hot (15)

[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
[Medi]Caring About Delayed Retirement: A Closer Look at Medicare Strategy
 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS
 
Professional Services Agreements: Best Practices and Implementation
Professional Services Agreements: Best Practices and ImplementationProfessional Services Agreements: Best Practices and Implementation
Professional Services Agreements: Best Practices and Implementation
 
Are you GDPRed yet?
Are you GDPRed yet?Are you GDPRed yet?
Are you GDPRed yet?
 
Types of Health Insurance in India
Types of Health Insurance in IndiaTypes of Health Insurance in India
Types of Health Insurance in India
 
Life insurance Claims and Settlement by Dr. Amitabh Mishra
Life insurance Claims and Settlement by Dr. Amitabh MishraLife insurance Claims and Settlement by Dr. Amitabh Mishra
Life insurance Claims and Settlement by Dr. Amitabh Mishra
 
insurance Claim
insurance Claiminsurance Claim
insurance Claim
 
The benefits of revenue cycle and compliance collaboration
The benefits of revenue cycle and compliance collaborationThe benefits of revenue cycle and compliance collaboration
The benefits of revenue cycle and compliance collaboration
 
Health care documentation quality assessment and management best practices
Health care documentation quality assessment and management best practicesHealth care documentation quality assessment and management best practices
Health care documentation quality assessment and management best practices
 
Medicare presentation
Medicare presentationMedicare presentation
Medicare presentation
 
Gdpr for business full
Gdpr for business fullGdpr for business full
Gdpr for business full
 
Health Insurance Update for 2016
Health Insurance Update for 2016Health Insurance Update for 2016
Health Insurance Update for 2016
 
Medicare presentation
Medicare presentationMedicare presentation
Medicare presentation
 
Health insurance
Health insuranceHealth insurance
Health insurance
 
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best PracticeHIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
 

Similar to Data Ethics: Legal and ethical obligations to Insurance company

Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issues
JagdeepSingh394
 
Principles and guidelines and approach for the documents
Principles and guidelines and approach for the documentsPrinciples and guidelines and approach for the documents
Principles and guidelines and approach for the documents
vaanila2023
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
Next Dimension Inc.
 
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) Data
DATAVERSITY
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law
Owako Rodah
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
Vaileth Mdete
 
WVA Insurance & Risk Management
WVA Insurance & Risk ManagementWVA Insurance & Risk Management
WVA Insurance & Risk Management
NurulKhairiahMohamed
 
New Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit KhandelwalNew Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit Khandelwal
amitkhand
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
Harrison Clark Rickerbys
 
Insurance.pptx
Insurance.pptxInsurance.pptx
Insurance.pptx
NimishaKapoor9
 
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
Harrison Clark Rickerbys
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
Harrison Clark Rickerbys
 
Insurance Credentialing Services Simplifying the Medical Credentialing Proces...
Insurance Credentialing Services Simplifying the Medical Credentialing Proces...Insurance Credentialing Services Simplifying the Medical Credentialing Proces...
Insurance Credentialing Services Simplifying the Medical Credentialing Proces...
Instapay Healthcare Services
 
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
Harrison Clark Rickerbys
 
How to Get Medical Pre-approval or Prior Authorization Effectively
How to Get Medical Pre-approval or Prior Authorization EffectivelyHow to Get Medical Pre-approval or Prior Authorization Effectively
How to Get Medical Pre-approval or Prior Authorization Effectively
Outsource Strategies International
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentation
Iain Wicks MCIPR
 
Bayzat Benefits Brochure (1)
Bayzat Benefits Brochure (1)Bayzat Benefits Brochure (1)
Bayzat Benefits Brochure (1)Mohamed Althis
 
Startups - data protection
Startups - data protectionStartups - data protection
Startups - data protection
Mathew Chacko
 

Similar to Data Ethics: Legal and ethical obligations to Insurance company (20)

Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issues
 
Principles and guidelines and approach for the documents
Principles and guidelines and approach for the documentsPrinciples and guidelines and approach for the documents
Principles and guidelines and approach for the documents
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
 
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) Data
 
Data Management Protection Acts
Data Management Protection ActsData Management Protection Acts
Data Management Protection Acts
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
 
WVA Insurance & Risk Management
WVA Insurance & Risk ManagementWVA Insurance & Risk Management
WVA Insurance & Risk Management
 
New Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit KhandelwalNew Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit Khandelwal
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 
Insurance.pptx
Insurance.pptxInsurance.pptx
Insurance.pptx
 
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 
Insurance Credentialing Services Simplifying the Medical Credentialing Proces...
Insurance Credentialing Services Simplifying the Medical Credentialing Proces...Insurance Credentialing Services Simplifying the Medical Credentialing Proces...
Insurance Credentialing Services Simplifying the Medical Credentialing Proces...
 
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
 
How to Get Medical Pre-approval or Prior Authorization Effectively
How to Get Medical Pre-approval or Prior Authorization EffectivelyHow to Get Medical Pre-approval or Prior Authorization Effectively
How to Get Medical Pre-approval or Prior Authorization Effectively
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentation
 
Bayzat Benefits Brochure (1)
Bayzat Benefits Brochure (1)Bayzat Benefits Brochure (1)
Bayzat Benefits Brochure (1)
 
Startups - data protection
Startups - data protectionStartups - data protection
Startups - data protection
 
MED- ASSIST PROFILE
MED- ASSIST PROFILEMED- ASSIST PROFILE
MED- ASSIST PROFILE
 

Recently uploaded

06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
Timothy Spann
 
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
John Andrews
 
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdfCh03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
haila53
 
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
u86oixdj
 
Everything you wanted to know about LIHTC
Everything you wanted to know about LIHTCEverything you wanted to know about LIHTC
Everything you wanted to know about LIHTC
Roger Valdez
 
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
mzpolocfi
 
一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理
一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理
一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理
slg6lamcq
 
Criminal IP - Threat Hunting Webinar.pdf
Criminal IP - Threat Hunting Webinar.pdfCriminal IP - Threat Hunting Webinar.pdf
Criminal IP - Threat Hunting Webinar.pdf
Criminal IP
 
Nanandann Nilekani's ppt On India's .pdf
Nanandann Nilekani's ppt On India's .pdfNanandann Nilekani's ppt On India's .pdf
Nanandann Nilekani's ppt On India's .pdf
eddie19851
 
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdf
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdfEnhanced Enterprise Intelligence with your personal AI Data Copilot.pdf
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdf
GetInData
 
The Building Blocks of QuestDB, a Time Series Database
The Building Blocks of QuestDB, a Time Series DatabaseThe Building Blocks of QuestDB, a Time Series Database
The Building Blocks of QuestDB, a Time Series Database
javier ramirez
 
Best best suvichar in gujarati english meaning of this sentence as Silk road ...
Best best suvichar in gujarati english meaning of this sentence as Silk road ...Best best suvichar in gujarati english meaning of this sentence as Silk road ...
Best best suvichar in gujarati english meaning of this sentence as Silk road ...
AbhimanyuSinha9
 
Machine learning and optimization techniques for electrical drives.pptx
Machine learning and optimization techniques for electrical drives.pptxMachine learning and optimization techniques for electrical drives.pptx
Machine learning and optimization techniques for electrical drives.pptx
balafet
 
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
axoqas
 
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
ahzuo
 
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
74nqk8xf
 
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
dwreak4tg
 
Adjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTESAdjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTES
Subhajit Sahu
 
Learn SQL from basic queries to Advance queries
Learn SQL from basic queries to Advance queriesLearn SQL from basic queries to Advance queries
Learn SQL from basic queries to Advance queries
manishkhaire30
 
【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】
【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】
【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】
NABLAS株式会社
 

Recently uploaded (20)

06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
 
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdfCh03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
 
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
 
Everything you wanted to know about LIHTC
Everything you wanted to know about LIHTCEverything you wanted to know about LIHTC
Everything you wanted to know about LIHTC
 
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
 
一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理
一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理
一比一原版(Adelaide毕业证书)阿德莱德大学毕业证如何办理
 
Criminal IP - Threat Hunting Webinar.pdf
Criminal IP - Threat Hunting Webinar.pdfCriminal IP - Threat Hunting Webinar.pdf
Criminal IP - Threat Hunting Webinar.pdf
 
Nanandann Nilekani's ppt On India's .pdf
Nanandann Nilekani's ppt On India's .pdfNanandann Nilekani's ppt On India's .pdf
Nanandann Nilekani's ppt On India's .pdf
 
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdf
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdfEnhanced Enterprise Intelligence with your personal AI Data Copilot.pdf
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdf
 
The Building Blocks of QuestDB, a Time Series Database
The Building Blocks of QuestDB, a Time Series DatabaseThe Building Blocks of QuestDB, a Time Series Database
The Building Blocks of QuestDB, a Time Series Database
 
Best best suvichar in gujarati english meaning of this sentence as Silk road ...
Best best suvichar in gujarati english meaning of this sentence as Silk road ...Best best suvichar in gujarati english meaning of this sentence as Silk road ...
Best best suvichar in gujarati english meaning of this sentence as Silk road ...
 
Machine learning and optimization techniques for electrical drives.pptx
Machine learning and optimization techniques for electrical drives.pptxMachine learning and optimization techniques for electrical drives.pptx
Machine learning and optimization techniques for electrical drives.pptx
 
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
 
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
 
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
 
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
 
Adjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTESAdjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTES
 
Learn SQL from basic queries to Advance queries
Learn SQL from basic queries to Advance queriesLearn SQL from basic queries to Advance queries
Learn SQL from basic queries to Advance queries
 
【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】
【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】
【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】
 

Data Ethics: Legal and ethical obligations to Insurance company

  • 1. THE LEGAL AND ETHICAL OBLIGATIONS OF LIFE INSURANCE COMPANIES K.Bhargav Student at University of Hyderabad
  • 2. Insurance • An entity which provides insurance is known as an Insurer or Undertaker • A person or entity who buys insurance is known as an insured or as a policyholder Insurance provides protection against a predictable event that arises unexpectedly. Those who are likely to suffer from such loss buy insurance by paying premiums, which are used to pay losses that may arise.
  • 3. Types of Insurance • Whole Life Insurance • Endowment Policy • Money back Policy • Unit Linked Insurance scheme • Child Plan • Pension Plan Life Insurance • Travel Insurance • Health Insurance • Property Insurance • Auto Insurance General Insurance
  • 4. General Insurance A general insurance is a contract that offers financial compensation on any loss other than death. It insures everything apart from life. Travel Insurance A travel insurance compensates financial liabilities arising out of medical and non-medical emergencies during travel abroad or within the country Health Insurance Reimburse the insured for expenses incurred from illness or injury, or pay the care provider directly Property Insurance Protects the physical property and equipment of a business against loss from theft, fire or other perils with its coverage Auto Insurance Protects you against financial loss in the event of an accident or theft of your vehicle 4
  • 5. Life Insurance Life insurance is a contract that offers financial compensation in case of death Whole Life Policy It covers you for a lifetime, family member receives a certain sum of money after death of policy holder Pension Policy It is valid for a certain period, a lump sum amount will be paid to family member in the event of your death Endowment Policy This helps to build retirement fund. Policy holder can get a regular pension amount after retirement Money Back Policy Percentage of the sum assured will be paid periodically throughout the term. After the expiry of the term, balance amount as maturity. Sum assured in case of death Child Plan This ensures your child’s financial security. In the event of death of policy holder, child gets a lump-sum amount. A part of your premium goes towards your insurance cover. The remaining amount is invested in Debt and Equity. Lump sum amount in the event of your death Unit Linked Insurance
  • 6. Why do you need Insurance? Insurance is a way of managing risks. When you buy insurance, you transfer the cost of a potential loss to the insurance company in exchange for a fee, known as the premium. Insurance companies invest the funds securely, so it can grow, and pay out when there’s a claim
  • 8. OUR PROCESS 1 2 3 4 5 Data in Motion Data at Rest Data at Source Data in Use Data at Destruction Prescribed by IRDA
  • 9. Types of Data involved in Insurance Business Non Critical Data or Personal Information Critical Data or Sensitive Personal data Data Source
  • 10. Personal Data Any information that relates to a natural person either directly or indirectly and other information available to Insurance company which is capable of identifying such person • There are no specific rules that govern the processing of personal data according to Insurance regulators • If Personal data is processing for a specific purpose, adequate notice of the processing should be provided to the individual and data can be stored only as long as reasonably necessary to satisfy the purpose for which it is processed
  • 11. Sensitive Personal Data Sensitive personal data or information include information that is not freely available or accessible in the public domain • Customer Id and Passwords • financial information such as bank account or credit card or debit card or other payment instrument details • physical, physiological and mental health condition • sexual orientation • medical records and history • Insurance details of the customer like claim amount, Nomination
  • 12. Key rules on collection of Sensitive personal Data 1. it is necessary to obtain the consent of the provider of information prior to the collection and such consent should be in writing 2. sensitive personal data or information can only be collected where necessary for a lawful purpose that is connected with a function or activity of the Insurance company 3. the disclosure of sensitive personal data or information to any third party requires the prior permission of the customer. The third party that receives such sensitive personal data or information shall not disclose it further and must be based in a country offering the same levels of data protection as India. Key rules on handling of Sensitive personal Data 1. The Insurance company must comply with general requirements such as not keeping sensitive personal data or information for longer than is required and ensuring it is kept secure or applying reasonable security practices and procedures. 2. The stringent requirements with respect to the processing of sensitive personal data and information including requiring explicit consent, imposing additional conditions for cross-border transfers and requiring a copy to be stored in India. 3. The Insurance company is allowed to share information with government agencies mandated under the law to obtain information Collection and Processing of Sensitive Personal Data
  • 13. Data Controls and Analysis Organizations define and implement procedures to ensure the confidentiality, integrity, availability and consistency of all data in a more robust manner. Processing of personal data must comply with seven principles ● only personal data necessary for the purpose should be collected ● it should be for a specific purpose ● processing of personal data has to be fair and reasonable ● it should be lawful ● adequate notice of the processing should be provided to the individual ● personal data processed should be complete, accurate and not misleading ● personal data can be stored only as long as reasonably necessary to satisfy the purpose for which it is processed Surveyors and loss assessors are prohibited from using any confidential information to their personal advantage or to the advantage of a third party
  • 14. Data Storage  Insurers are required to maintain total confidentiality of policyholder information, unless it is legally necessary to disclose the same to statutory authorities.  A privacy policy is required even when no sensitive personal data or information is being stored and processed  Insurance companies must take a number of measures to ensure transparency and accountability, implementing appropriate security safeguards and implementing procedures and mechanisms to address grievance of data principals  Adopting ‘privacy by design’, maintaining transparency regarding its general practices on processing of personal data  Insurance companies are required to have its security practices and procedures certified and audited by an independent auditor who is approved by the central government at least once every year
  • 15. Data Transfer ● Sensitive personal data could be transferred outside India only with the express consent of the individual and in compliance with standard contractual clauses. ● Critical personal data could be transferred only to a person or entity providing emergency health services if such transfer is necessary for prompt action ● Transfer of critical personal data should be notified to the Authority within a prescribed time
  • 16. Data Protection Officer Appointment of Data Protection Officer Insurance company are required to designate a grievance officer Data protection officer has a number of responsibilities including providing information and advice to the data fiduciary, monitoring data processing activities, advising on data protection impact assessments, providing assistance to the Authority and acting as the point of contact for the data principals.
  • 17. Destruction of Data Sensitive Information need to be disposed safely are • Payroll • Personal customer information • Medical records and claims • Healthcare provider and payment reports • Income statements, Balance sheet • Accident claims • Tax filings and internal audits • Medicaid/ACA information • Development plans and forecast reports • Information breaches happen not just because of inferior firewalls, weak passwords, malicious hacks or cyber attacks but because of employee error, negligence or poor judgement • Insurance company need to ensure employees know how to identify, handle and securely dispose of confidential information whether that information is digital or in paper form.
  • 18. Use of data for Marketing • The biggest problem for any life insurance company is mis-selling of policies to the customers resulting in high lapsation of policies and high agent turnover • Personal information and data collected by insurance companies and intermediaries, can be utilized to personalize products, develop targeted marketing initiatives and effectively reduce fraudulent claims • adequate internal mechanisms for reviewing, monitoring and evaluating its controls, systems, procedures and safeguards so as to ensure (i) the integrity of the automatic data processing systems (ii) privacy of data is maintained at all times. These internal mechanisms are to be reviewed annually by specified persons
  • 19. Consequences ● Fine of up to INR 500,000 when there is disclosure of personal information in breach of a lawful contract or without consent ● Imprisonment of up to three years when there is disclosure of personal information in breach of a lawful contract or without consent ● Liable to pay damages as compensation to affected persons if they are negligent in implementing and maintaining reasonable security practices and procedures to protect sensitive personal data or information
  • 20. Use of Analytics in Insurance sector ● Efficient fraud detection reduces annual claims payouts ● Spot more fraud cases along with anticipating new type of frauds which might occur in future ● Reduced false positive rate, boosts employee productivity, minimizes loss adjustment expenses and avoids customer ire and legal interventions ● Predictive Analytics takes the big data collected by insurers and uses it to most accurately and precisely calculate ● Pricing and risk selection ● Claims triage, Emerging trends ● Pricing strategies, Promotional content ● Claims processing IoT insurance data will be used to improve, among many things: ● Risk assessment ● Marketing campaigns ● Claims processing ● Claims leakage ● Product pricing
  • 21. Officially, Ajith Singh died in a road accident 8km from his village in Haryana’s Rohtak district at 7am on April 1, 2018. It’s what his wife, Satwanti, who claimed to be present on the spot, reported at the Hisar Sardar police station. The unidentified driver was charged under Sections 279 (rash driving) and 304-A (death by negligence) of the Indian Penal Code . Five people known to the deceased identified his body at the mortuary, including his wife, older brother, and nephew. At least 150,000 people are killed in road accidents in India every year. Ajith happened to be just another one — an ordinary end to an ordinary life. Days before he was killed, Ajith had signed up for personal accident insurance policy with at least four companies, at an average premium of ₹5,000. An “accidental death” would entitle his nominee to at least ₹25 lakh from one. Sometime between 2017 and 2018, many insurance agencies operating in Haryana began to suspect a trend. Case Study
  • 22. Observations • During that period, Bharti AXA General Insurance received a stream of Personal Accidental Claims from Haryana. There was a strange commonality to them. • The nominee’s bank account was opened just one or two months prior to buying Bharti AXA General Insurance policies. The PAN (Permanent Account Number) card of nominees was also issued just a couple of months before • As per medical documents, the observations were that all insured died due to head injuries and they were brought dead to the hospital. While scrutinizing these cases, three common mobile numbers were found. • Similar concerns were coming up at Bajaj Allianz. The following points were noticed: • Executives such claims received by the company in 2017-18 “the deceased were insured for ₹10 lakh each, neither for a higher value, nor for a lower value; • Mysteriously, in all the four cases, the victim was riding pillion on a motorbike whose driver lost balance because of the sudden emergence of an animal in front of the vehicle • The road accidents killing their clients were being reported at the same police stations in Sonepat, Jhajjar, Hisar and Panipat.
  • 23. Observations • The Insurance Companies reached out to the families, neighbors, doctors and police officers in each of these cases. No one was willing to talk, but they picked up some information. • In 2018, he reported back to the insurance companies saying he had “concrete doubt” that these deaths weren’t caused by road accidents. • These farmers had died of cancer. On April 5, 2019, Bharti AXA filed a complaint with the director general of police in Panchkula, after a year of internal investigations, alleging that a gang of conmen had defrauded the company of crores of rupees. • On April 20, after two weeks of investigation, STF arrested the mastermind of the scam and his two close aides from Sonepat. • Everything about the scam sounds strangely unreal. The Haryana-based gang allegedly identified terminal cancer patients from rural, low-income backgrounds, got them to insure themselves with multiple companies by hiding their condition, waited for them to die, and then put their dead bodies through “accidents”.
  • 24. Cost to customers ● A growing number of frauds also calls for tighter controls and underwriting that leads to delays in policy issuance as well as claim settlements. ● Frauds can dent a customer’s confidence and act as a hindrance for the sector in its attempt to offer improved and simplified protection products. ● At times, certain facilities are denied given the high risk of frauds. There is unnecessary harassment caused to genuine policyholders, if their application is flagged as a potential fraud requiring additional due diligence. Effects of the Frauds Reputational damage to the insurer ● Fraudulent claims cause great reputational damage to the insurer and hence can lead to a higher rejection rate of claims too. The company’s ability to manage claims is questioned and customers often lose trust in the process. ● The fear of fraudulent claims has made insurers develop extensive underwriting methods that require investments across talent, time and technology. Investigation of claims is carried out for all claims above a certain threshold. ● This further drives up the cost of the cover to the whole group
  • 25. Most insurance companies try to eradicate possible frauds at the issuance stage itself as legal and compliance issues come up at the time of rejecting a claim. Also, claims repudiation brings with it, a reputational risk. Several companies in the industry have updated their underwriting process to help them detect more frauds. Some of the methods include: • Restrictions in geographies with a history of frauds: There may be a chance that if a resident of these areas, applies for a policy, conditions may be placed on the agent or the branch sourcing that policy. • Predictive modelling: Statistical methods such as predictive modelling are also being applied to the underwriting process. These are particularly helpful in eliminating the subjectivity when assessing a policy for potential fraud. Although given their efficiency, a significant amount of effort is put on additional due diligence and investigations on the basis of model results. • Repository of fraud claims within the insurance industry: The use of a common database and analytics tools such as credit scoring firm Measures can be taken
  • 26. RESOURCES ● https://www.irdai.gov.in/ADMINCMS/cms/frmGeneral_Layout.aspx?page=PageNo108&flag=1 ● https://www.internationallawoffice.com/Newsletters/Insurance/Portugal/Morais-Leito-Galvo-Teles-Soares-da- Silva-Associados/Legal-basis-for-processing-personal-health-data-for-insurance-purposes ● https://www.acko.com/articles/general-info/types-of-insurance/ ● https://www.cooperators.ca/en/Resources/protect-what-matters/why-do-you-need-insurance.aspx ● https://www.rms.com/blog/tag/exposure-data/ ● https://corporate.cyrilamarchandblogs.com/2019/05/data-protection-indian-insurance-sector-regulatory- framework-part-2/ ● https://www.linklaters.com/en/insights/data-protected/data-protected---india