InView Autumn/Winter 2015
Welcome to the second issue of InView where we focus on the highly topical and hugely important issues surrounding technology, including cyber risks.
Welcome to the second issue of InView where we focus on the highly topical and hugely important issues surrounding technology, including cyber risks.
- No tags were found...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Issue 2 | <strong>Autumn</strong>/<strong>Winter</strong> <strong>2015</strong><br />
19<br />
Insurers handle ever greater quantities of personal data in their<br />
day-to-day operations – so it has never been more important to<br />
ensure they have watertight legal compliance systems. The age<br />
of Big Data is upon us.<br />
Effectively protecting personal data is critical to the success<br />
of insurers, self-insureds and intermediaries. As a major asset,<br />
personal data must be safeguarded and utilised properly, in<br />
accordance with strict legal requirements.<br />
The service launched in December 2014 illustrates how data<br />
protection issues can be successfully managed to deliver real<br />
and sustainable benefits for multiple stakeholders.<br />
The revolutionary government-backed scheme was launched by the<br />
Association of British Insurers’ (ABI), Motor Insurers’ Bureau (MIB)<br />
and Driver and Vehicle Licensing Agency (DVLA) to provide the motor<br />
insurance industry with secure access to accurate driving history<br />
information. All data will be routed through the MIB Hub which is<br />
expected to receive, and respond to, tens of millions of requests<br />
every day.<br />
The function of MyLicence – to provide insurers with access to<br />
electronic driving records – threw up a number of legally complex<br />
questions and Weightmans was asked to advise the MIB on data<br />
protection, IT and contractual issues during negotiations, and after<br />
the launch of the system.<br />
MyLicence is about data sharing, as opposed to data flow, which<br />
meant there were numerous legal issues for both the MIB and<br />
DVLA. One of the areas we were involved in related to advising on<br />
how information could be legally shared between the parties, while<br />
complying with the Data Protection Act 1998 (“DPA”).<br />
As a result of the successful resolution of these issues, MyLicence<br />
enables insurers to use the policyholder’s driving licence number<br />
to obtain data that helps to accurately assess risk and prevent fraud<br />
when dealing with new customers or policy renewals. This will<br />
benefit motor insurance providers and law-abiding motorists alike.<br />
The MyLicence initiative was launched in the context of the<br />
government’s commitment to upholding information rights in the<br />
public interest, as well as protecting the privacy of individuals in<br />
respect of their personal data. It also forms part of a series of digital<br />
services exemplar initiatives to remove red-tape and improve the<br />
government services available to the public.<br />
In an increasingly regulated environment, businesses in the<br />
insurance industry must be aware of their obligations under the<br />
DPA, the Privacy and Electronic Communications Regulations 2003<br />
and related legislation.<br />
This is because breaches of the DPA and the other data protection<br />
laws can lead to significant reputational and brand damage for<br />
defaulting organisations. In addition, the financial penalties that<br />
can be levied for breach of the DPA are becoming increasingly<br />
severe – as are a number of other possible negative consequences,<br />
such as major reputational damage.<br />
On top of this, the European Commission has issued new and<br />
extensive legislative proposals regarding the protection of personal<br />
data. These are considerably more detailed and far-reaching than the<br />
current regime. Consequently, they are likely to increase the data<br />
protection compliance obligations of all organisations that collect,<br />
hold and process personal data as part of their operations.<br />
The main data protection issues include: access to and use of<br />
personal data and sensitive personal data; data sharing; data<br />
subject access requests; employment related issues; international<br />
data transfers; notification and general data protection compliance;<br />
privacy policies and compliance with the fair processing’’; personal<br />
data security breaches and notification; privacy and electronic<br />
communication issues; electronic marketing; and rules around<br />
cookies and cookies policies.<br />
Data protection is increasingly central to the activities of business<br />
across the insurance industry. While it is essential to protect your<br />
interests against the risks of regulatory mismanagement, there<br />
are also substantial commercial benefits for forward-thinking<br />
businesses prepared to innovate and develop their approach to data<br />
management. Utilisation of this increasingly valuable asset should<br />
be at the forefront of all business plans within the insurance industry.<br />
Big data is the future, however compliance is key.<br />
The launch of the MyLicence service earlier this<br />
year illustrates how data protection issues can<br />
be successfully managed to deliver real and<br />
sustainable benefits for multiple stakeholders.
Change language