Information Law in the Insurance Sector

The insurance sector is powered by the flow of data. At the core is information about individuals, particularly your customers and employees. Misuse of data and ignoring the rights of data subjects can cause significant damage, both in terms of financial loss and damage to your brand. With fines for data protection breaches set to rise to 4% of a company's annual worldwide turnover under the proposed General Data Protection Regulation, and the power of the FCA to fine regulated companies unlimited amounts for inadequate systems and controls, data protection has risen to the boardroom agenda.

The insurance sector may have been a slow starter to Big Data and new technologies, but we now see our clients purchasing technology and expertise, which is enabling them to incorporate new types of information from inside and outside an organisation in order to improve underwriting, claims handling and provide more bespoke cover and marketing to insured's and prospects. Data scientists are now a standard recruit amongst our insurance client base. We help our clients to harness the power of the data they hold whilst ensuring they are acting in accordance with legal and regulatory requirements, as well as maintaining customer trust.

Many of our insurer and broker clients are part of insurance groups operating and implementing data processing systems on a global basis. We recognise our clients need a cost effective, seamless solution for handling these global projects and pragmatic, commercial solutions to implement these systems in compliance with the plethora of data protection laws and requirements across the globe.

We are currently working with many of our insurance clients to assess the impact the General Data Protection Regulation will have on how data is used in their business, and are steering our clients on a two year implementation programme to overhaul their compliance programme, and implement the changes required to data processing activities as a result of the new law.

What we do

We provide a one stop solution for our clients' data protection advice needs, drawing on the experience and expertise of our regulatory, IT and insurance distribution colleagues. From drafting advice and opinions, conducting privacy impact assessments and audits, and advising on global data processing projects, to advising on data protection clauses in your contracts, our advice is focussed and takes into account the market practice and specific challenges of the insurance sector.

Queries range in size, from the very small, when all it takes is a quick call to us, to the major strategic projects, involving data protection advice being obtained and distilled on a global basis – we have experience of dealing with them all.

We are also the first choice law firm for insurers who indemnify data protection and cyber risks. We advise both insurers and policyholders who suffer data breach incidents. For further information on this please see our Cyber and Data Risk page.

We share our knowledge and expertise by producing a monthly data protection client alerter focussed on the legal and regulatory requirements of the insurance sector. To sign up please click here.

What we are known for

Our market-leading dedicated insurance sector data protection team deals with queries and projects for our unrivalled insurance client base on a daily basis. Our clients instruct us, knowing that our vast industry knowledge and awareness of market practice means we will provide a pragmatic solution in line with legal and regulatory requirements.

We are also instructed for our expertise in coordinating global data protection compliance projects. We have formulated a panel of handpicked data protection specialist law firms in jurisdictions across the world to provide our clients with a seamless global advice. This comprises of DAC Beachcroft offices across the world and a panel of bespoke best friend law firms.