GDPR for North American Insurers

Report Summary

GDPR for North American Insurers

Mitch Wein
Senior Principal

September 2018 - The European Union’s General Data Protection Regulation (GDPR) aims to allow individuals to exercise control over their data and stipulates rules for anonymizing and purging data upon request. Each EU member will create a national supervisory authority to enforce compliance. The law also applies to US firms that do business in the EU—and possibly to US firms that do business with EU citizens in the US. (The latter is subject to legal disagreement and will need to be tested in court.) US carriers must be aware of GDPR provisions and may need to take steps to comply. Further, the California Consumer Privacy Act of 2018 resembles GDPR, though the former is less stringent in some key areas.

This brief examines GDPR provisions and compliance concerns for North American Insurers. It also profiles a dozen vendors whose solutions address data governance and security.

How can we help?

If you have a question specific to your industry, speak with an expert.  Call us today to learn about the benefits of becoming a client.

Talk to an Expert

Receive email updates relevant to you.  Subscribe to entire practices or to selected topics within

Get Email Updates