Brokers: How are you talking to your clients about GDPR?
When it comes to GDPR, insurance brokers have an important role to play. They are in a great position to help educate their clients on the regulations with useful information and practical tips which can easily be put into practice. Forward-thinking insurance brokers should be making clients aware of the implications of GDPR, specifically regarding their awareness of the data they hold and how they can analyse the risk they face in holding and processing that data.
Six key themes brokers might want to focus on when deciding how they can help their clients are covered briefly here:
Data - What do we mean by data? The GDPR applies to ‘personal data’, which means information relating to an identifiable person, i.e. name, location or IP address. The GDPR refers to sensitive personal data as “special categories of personal data”, including genetic data, and biometric data where processed to uniquely identify an individual. The regulations also apply to automated data and manual records or filing. Who is responsible for data within the company?
Accountability - Firstly, are you registered with the Information Commissioner's Office (ICO)? If not, this needs to be addressed quickly. Secondly, why do you need to process the data, and how and where are you storing it? Is that information secure, and are you sharing it with other companies or third parties?
Consent - Do you have a lawful and legal basis for collecting the data, i.e. consent, legitimate interest, contract? Can you demonstrate consent was given? If not, have you got a process for refreshing consents if they do not meet the GDPR standards?
Deletion - How will you respond to a request to delete the data? Have you got a clearly defined process for responding to a deletion request?
Portability - How will you respond to a request to produce the data to a client? Are all your staff trained, and could they competently respond to a request to produce a client’s data?
Data Breach - Do you know what advice you would give a client if they have suffered a data breach? Is everyone in the business trained?
It could be argued that brokers face a potential Professional Indemnity exposure if they are not offering clients assistance with their GDPR processes and compliance. By applying the same approach to their own compliance, they could add real value in helping clients understand the impact of GDPR, unpick the legislation and apply it to their own businesses.
For a free copy of my GDPR checklist you can subscribe here on the website.
Disclaimer: This document is created from my own research and reading available at the time of writing. I am not a GDPR expert and the information contained in this document should be used for guidance and should not replace your own due process, compliance regime or sign-off process.