Failure to streamline processes in time for the arrival of General Data Protection Regulation (GDPR) could leave insurers increasingly vulnerable to disruptors including Amazon – which looks to be dipping its toe into the industry.
With GDPR ushering in stronger rights for consumers, including the concept of collective enforcement of rights, the industry will need to ensure it is behaving transparently, says Neil Wilks, head of technology at tech specialist Auger.
“The new GDPR provides a potential avenue for a collective enforcement of rights against giants of industry and tech that would currently be prohibitive for individuals to pursue alone. This is great news for customers but less so for large insurers, who may have been able to lever their legal expertise in a typical David-versus-Goliath scenario,” Wilks said.
Insurers will need to regularly engage with their customers to make sure they have continued consent to process their data under the new regulations, he went on to say. Processes will need to be streamlined and transparent so that all parties comply with any request within a reasonable timescale.
But for an industry still wrestling with legacy systems, a simple request to delete a subject’s data could prove time-consuming and challenging, according to the tech head.
“This highlights an accepted lack of agility in the industry, which makes it ever more vulnerable to innovative disruptors who are not handicapped in this way – or perhaps, more worryingly, giants such as Amazon who are currently circling the industry.
“They already have the systems and processes in place to handle GDPR with the ease and lack of friction that have made their other services so successful.”
Wilks pointed out that while disruptors in North America, such as the much-talked about
Lemonade, are utilising technology and AI to automate claims and sometimes settle within minutes, it could prove trickier in Europe.
“European counterparts who are subject to GDPR may have no such joy,” he said. “Article 22 of GDPR places restrictions based on automated decision-making processes, which allow a subject to challenge and request that an automated decision be reviewed by a human.
“For a customer whose claim is declined, their trust in an insurer could be eroded the minute they learn their decision was made by an algorithm, and they could be lost altogether should the human then reverse the decision.”
Related stories:
Marine insurer North P&I Club takes on GDPR preparedness
GDPR approaches: but is the insurance industry prepared?