The latest news from the Association of British Insurers:
The Data Protection Act, which received Royal Assent today, overhauls how businesses and other organisations process and handle customer data. The Act implements the EU General Data Protection Regulation (GDPR), which comes into force on 25 May.
Insurers process a wide range of information, both anonymised aggregated data and some personal information, such as health data, to help assess risk, set prices and terms, and handle claims for products such as motor, health, travel and life insurance, as well as some more niche policies, such as enhanced annuities. Insurers also need to process certain criminal conviction data, for example for motor insurance asking customers if they have any unspent motoring convictions.
“The insurance industry’s ability to process health and criminal conviction data is crucial for an effective insurance market that works in the best interests of individuals and businesses. The Act will ensure that the interests of insurance customers are protected by enabling insurers to process their data in usual way.”
Kees van der Klugt, director of legal & compliance at the Lloyd’s Market Association, said:
“The GDPR raises the bar for data protection. The new Data Protection Act provisions will enhance the ability of insurers to offer a good choice of products and to assess and pay claims efficiently, whilst at the same time giving vital protection to consumers in respect of their personal data.”