Insurers welcome introduction of GDPR

The Data Protection Act overhauls how businesses and other organisations process and handle customer data. The Act implements the EU General Data Protection Regulation (GDPR), which comes into force on 25 May.

Insurers process a wide range of information, both anonymised aggregated data and some relevant personal information, such as health data, to help assess risk, set prices and terms, and handle claims for products such as motor, health, travel and life insurance, as well as some more niche policies, such as enhanced annuities. Insurers also need to process certain criminal conviction data, for example for motor insurance asking customers if they have any unspent motoring convictions.

ABI assistant director and head of conduct regulation Raluca Boroianu-Omura said: “The insurance industry’s ability to process health and criminal conviction data is crucial for an effective insurance market that works in the best interests of individuals and businesses. The Act will ensure that the interests of insurance customers are protected by enabling insurers to process their data in usual way.”

Lloyd’s Market Association director of legal and compliance Kees van der Klugt, added:

“The GDPR raises the bar for data protection. The new Data Protection Act provisions will enhance the ability of insurers to offer a good choice of products and to assess and pay claims efficiently, whilst at the same time giving vital protection to consumers in respect of their personal data.”