Insurance Europe has published an insight briefing that examines whether the General Data Protection Regulation (GDPR) has delivered on its aims of enhanced protection and greater harmonisation of data protection rules. It also asks if the GDPR is compatible with insurers’ need to innovate for the benefit consumers.
The European Commission is currently taking stock of stakeholders’ experiences of implementing the GDPR to prepare its report on the evaluation and review of the Regulation, due by May 2020. The briefing has been published ahead of a Commission event on the GDPR’s anniversary which takes place on 13 June.
The briefing highlights the positive effects that the introduction of new rights has had on consumers and how this helps insurers to build and maintain trustworthy relationships with consumers.
Importantly, the document notes that the GDPR has not fully achieved the level of harmonisation that was initially intended. While the GDPR has secured the same level of protection for consumers in all EU member states to a certain degree, it is not always applied uniformly across member states.
The briefing also highlights how — despite significant efforts to modernise privacy rules — the GDPR and the guidelines adopted by the European Data Protection Board (EDPB) introduce, in some instances, requirements that are at odds with fast-evolving technology and that may slow the pace of insurers’ digital innovation.
Looking ahead, it will be crucial for the Commission to ensure that the application of the GDPR and its guidelines allow insurers to continue operating cross border and guarantee the safe development and introduction of innovative products that can benefit consumers.