This page contains a Flash digital edition of a book.
In Focus Risk


GDPR readiness: moving forward together


It is over a year since European Union rules on data protection came into force, but many companies are still lagging behind


Dr Mahmood Hussain Shah School of Strategy and Leadership, Coventry University


Insurance companies deal with large amounts of personal and sensitive data from different sources which is mainly linked to or belongs to their clients. In fact, data is key to companies operating in the insurance industry. Despite that the General Data Protection


Regulation (GDPR) was introduced in May 2018, insurance companies are still struggling with many issues associated with data privacy compliance. The high volume of data insurance


companies hold, along with its variety, velocity and veracity makes the act compliance difficult for these companies.


A double-edge sword of data The GDPR introduced both new types of opportunities as well as threats to the insurance industry. The emphasise on data privacy and


security led to an increasing demand of for cyber-insurance policies in Europe. Cyber insurance which covers the losses


relating to damage to, or loss of information from IT systems and networks is already well-established in some parts of the world such as the United States. However, it has been rapidly increasing


in Europe too after the introduction of the GDPR. In addition, like other industries, companies in this industry are more likely to satisfy their clients when their data is kept safe. On the other hand, the introduction of this act had a major effect on the way


38


Dr Nisreen Ameen School of Business and Management, Royal Holloway, University of London


companies in the insurance industry operate and handle sensitive data. Failure to comply with the GDPR can result in negative consequences for companies in the insurance industry as they can be subject to fines of up to €20m or 4% of the total annual global turnover (whichever is greater) and reputational risk. In addition, customers are empowered to


bring private claims against these companies when their data privacy is infringed.


GDPR readiness Despite of the fact that the GDPR was introduced last year, a recent study conducted by Consultancy UK in 2019 showed that 30% of European businesses still not GDPR compliant yet, despite that they agree that the act has led to a better management of customer data and made businesses feel safer from cybercrimes. Major insurance companies operating


in the UK declared that they are still not completely ready to handle all the GDPR requirements as it is a complex process. This can be associated with many factors


including data controllers issues, third parties handling different types of data, the complexity of the process of handling data, sharing data with other companies and competitors. In addition, consent management is an


issue as consent can no longer be implied, it must be freely given, specific, informed, unambiguous, clear affirmative, and no imbalance of power must exist.


www.CCRMagazine.com


Dr Ali Tarhini College of Economics & Political Science, Sultan Qaboos University


AI is used by insurance companies to detect fraud and enhance customer experience, but can also be a security risk as it extracts data, examines it, and passes it on to the insurer so data can leak at any stage


In addition, the introduction of new and


advanced technologies such as artificial intelligence (AI) can bring both benefits and challenges for these companies in terms of data privacy and security. AI is used by insurance companies to


detect fraud and enhance customer experience, but can also be a security risk as it extracts data, examines it, and passes it on to the insurer so data can leak at any stage. Furthermore, while insurance companies


in the UK are attempting to comply with the GDPR with all its challenges, the Brexit forms another challenge. After the UK leaves the European Union (EU), dealing with companies outside the


January 2020


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52