Dutch  |   English

GDPR in need for an effective digital strategy

Authored by: Washina Nizak- Associate Consultant, Business and Management Consultancy

By now GDPR is a well-known abbreviation within the insurance industry, typing this in Google shows about 5,640,000 results. This regulation will affect every organisation that processes EU residents’ personally identifiable information, no matter where it is based. The General Data Protection Regulation (GDPR), which will go into effect in May 2018, aims for more control of an immense data-driven economy. But this regulation is also a strong push for operational reform, by simplifying and de-cluttering the data landscape. Firms can become well-prepared in the midst of data protection regulation by leveraging innovative tools for their data compliance needs. While firms may worry about consequences associated with GDPR non-compliance, the regulation can be positively looked at as an opportunity for firms to improve their business pro-cesses.

The risks and impact
GDPR is regulating organisations across different departments, whether it is information securi-ty, HR, Vendor management, Marketing, or product development and accounting.

Currently, companies that gather immense amounts of data are free in what they do with this, resulting in a lack of data controls. Data is externally stored, and it is concerning multiple opera-tors (integrators, processors and sub-processors). There is risk for the actors regarding data leaks, which can be accidental (bugs), but also intentional (criminal hacking). There is a confusion of roles, for both the access and the use of the data. In a data-driven economy, outsourced data centers, employee monitoring, and client/human resources data is centralized at the headquar-ters, and cloud computing requires access to the data.

It is likely that an insurance company stores client information and insurance data for more than thirty years. Costs for storage and maintenance of this data are high, while a significant part of the data has little value. Issues may also arise when HR departments locally save data concerning confidential information about employees, medical information shared in internal communica-tion, or customer information that is analysed for marketing purposes. Employees using different personal and corporate services and devices makes it more complex to become compliant to strict data governance regulation. These are all examples of the risks that exist when data is not regulation and organizations are not aware of how they to treat their data.


Enter your details to download this article for free.

Voer de tekens in die op de afbeelding worden getoond.


Synechron, Inc. en / of zijn dochterondernemingen en groepsmaatschappijen nemen uw privacy serieus. Door uw informatie te verstrekken, meldt u zich aan om informatie te ontvangen over Synechron-services en gerelateerde marketing. Uw persoonlijke gegevens worden beschermd in overeenstemming met het Privacybeleid van Synechron. Door dit formulier in te vullen, geeft u Synechron uw toestemming zodat we u relevante informatie kunnen meedelen via e-mail, telefoon, uitnodigingen en andere digitale meldingen. Als u op enig moment uw toestemming wilt intrekken of uw profiel en voorkeuren wilt bijwerken, kunt u dit doen door hier te klikken of door rechtstreeks contact met ons op te nemen.