What is GDPR?
The General Data Protect Regulation (GDPR) aims to strengthen and unify data protection for all individuals residing within the European Union.
This regulation also concerns the export of data outside the EU, which means that any country – anywhere in the world – will need to comply if they process European data.
Businesses are required to initially comply with the GDPR, but also need to demonstrate continued compliance and be able to report on their data processing.
The GDPR came into effect on May 25th 2018. Non-compliance could result in fines of up to 4% of a company’s annual worldwide turnover or 20 million euros, whichever is higher.
The Information Commissioners Office (ICO) has stated that company Directors will be personally liable for failure to comply.
Principles of GDPR
Under article 5 of the General Data Protection Regulation, your business needs to demonstrate that your customer data is:
- Processed lawfully, fairly and in a transparent manner in relation to the data subject
- Collected for specified, explicit, legitimate and limited purposes
- Adequate, relevant and limited to what is necessary
- Accurate and, where necessary, kept up to date
- Retained only for as long as necessary
- Processed in an appropriate way so as to maintain security
How HUGHUB can help your business
HUGHUB is a customer-centric technology platform that places data at the heart of your business; resolving data siloes, unifying policy systems, tracking customers and their behaviour across multiple touchpoints and offering a consolidated view of the customer across all data sources.
HUGHUB insurance software vendors can help your business maintain compliance while achieving operational efficiency and delivering a better customer service.
A digital solution to drive your business.
HUGHUB. Your solution to GDPR compliance
HUGHUB Agent View provides your contact centre or branch advisor with a consolidated view of the customer and their product holdings as well as access to the full Single Customer View, which displays all previous customer interactions across multiple touchpoints.
Agent View enables you to demonstrate that the data you collect is processed and stored appropriately, as well as providing easy access to all of your customer data for GDPR compliance reporting.
The GDPR states that your customers must be able to review, amend, update, download and delete their data subject to statutory constraints.
HUGHUB’s ‘My Account’ ensures data accuracy and portability, allowing the customer to easily view all of the data held on them and request for downloads, amendments and updates to be made should their information change.
Under the GDPR, customer data should only be retained for as long as is necessary, or where it is a legal requirement. This requirement may vary by product, jurisdiction or changes in the law.
HUGHUB enables quote and policy data to be archived or purged based on a set of maintainable rules (including the relevant data retention period once a product has been cancelled or expired) or customer status.
In order to comply with the GDPR, you need to be able to identify what kind of data (personal or sensitive) your company collects and processes, as well as know what data should not be retained.
HUGHUB provides you with an administrative feature which classifies each data element as personal or sensitive and allows you to demonstrate appropriate governance over customer data. This ensures that only relevant data is collected for specified, explicit, legitimate and limited purposes.
Authorisation & control
The GDPR outlines that sensitive data must only be used for specified, explicit, legitimate and limited purposes.
When sensitive data is entered into HUGHUB’s rules-based engine, which drives communication and interaction with the customer, the action can require multi-tiered authorisation to verify the appropriate use of customer data. This ensures an additional level of precaution in the use of sensitive customer data.
The GDPR dictates that your customers must be provided with the ability to restrict or reject way in which their data is utilised.
Our Consent management feature enables your customers to tailor their transactional and marketing consent preferences, including product recommendations based on their profile, sharing of their data with other product providers and automated processing.
Privacy & statement messaging
As of May 25th 2018, you require explicit opt-in consent from your customers in order to collect, process and store their data.