The General Data Protection Regulation (GDPR): Impact for Insurers

Regulation
欧州

要約

The GDPR was designed to protect and empower all EU citizens’ data privacy and to reshape the way organizations approach data privacy.

Celent has released a new report titled The General Data Protection Regulation (GDPR): Impact for Insurers. The report was written by Nicolas Michellod, a Senior Analyst with Celent’s Insurance practice.

The General Data Protection Regulation was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organizations across the region approach data privacy. The GDPR will come into force in May 2018.

For a majority of insurers, regulation — and more precisely consumer data protection regulation (interpretation, changes, and lack of clarity) — is the major concern when they use using consumer personal data that is publicly available on social networks or on other online data sources.

Insurers need to review their ability to comply with all GDPR main principles: fair data processing, data subjects’ consent, accountability, data security, personal data breach reporting, and compliance enforcement.

Celent recommends insurers use a five-step approach starting with the mobilization of relevant resources and then specific actions including the mapping of data processing activities, the integration of systems, allowing connectivity, and fostering data services.

“The territorial scope defined in the GDPR is vast, and we can wonder whether monitoring compliance of all companies subject to the regulation will be feasible,” commented Michellod.

“The GDPR principles have direct consequences on how insurers inform their customers on the use of their data and how they manipulate it,” he added.

セレントは、金融機関のビジネスおよびテクノロジー戦略策定に役立てていただけるよう、リサーチおよびアドバイザリーサービスを提供しています。金融業界の最新テクノロジートレンドおよびベストプラクティスに関するレポートを発行し、また、既存のビジネスプロセスの強化や新たなビジネス戦略の実践を検討する金融機関にコンサルティングサービスを提供しています。セレントのアナリストチームは、世界中の拠点から、グローバルな視点で戦略アドバイスや業界最新動向を提供する独自の体制を備えています。セレントは、マーシュ・アンド・マクレナン・カンパニー(MMC)傘下のオリバー・ワイマングループに属しています。

Media Contacts

North America
Francine Minadeo
francine.minadeo@oliverwyman.com
Tel: +1 212 345 6417

Europe (London)
Chris Williams
cwilliams@celent.com
Tel: +44 782 448 3336

Asia (Tokyo)
Yumi Nagaoka
ynagaoka@celent.com
Tel.: +81 3 3500 3023

目次

Executive Summary

1

 

Key Research Questions

1

Introduction

2

 

The Regulation Factor in Insurance

2

 

The Need for Data Protection Regulation

2

 

Objectives of this Report

3

Defining the General Data Protection Regulation

4

 

Defining the GDPR

4

 

Geographic Scope

4

 

Other Key Definitions

5

GDPR Main Principles

7

 

Fair Data Processing

7

 

Lawful Ground for Processing

7

 

Accountability

7

 

Data Security

7

 

Personal Data Breach Reporting

7

 

Enforcement

8

Impacts for Insurers

9

Recommendations

11

Leveraging Celent’s Expertise

13

 

Support for Financial Institutions

13

 

Support for Vendors

13

Related Celent Research

14

レポートダウンロード、個人情報にアクセスする場合はサインインしてください