California’s Data Privacy Law a Concern, Opportunity for Insurance Industry
This article has been posted with the permission of insurancejournal.com.
“The California privacy bill is a natural progression of GDPR,” said Jeff Brown, vice president of Imprezzio, a technology software company that serves the insurance industry. “We believe this measure was accelerated by (Facebook founder and CEO Mark) Zuckerberg’s Congressional testimony on the use of consumers data and the strong desire by consumers to understand and control their data – it is a social rights issue.”
Brown is advising companies that collect data in California or in Europe to consider creating a new position, which he calls a data protection officer, to help companies deal with the new law.
“Make sure this person has the expertise you need,” Brown advised. “They can help you redesign what consent and disclosure looks like for your customers. Consumers will need to check a box (or its equivalent) for every single use-case you have for their data. They need to be able to select those they agree with and decline those they don’t, and you need to be able to comply and track their preferences in your systems.
He also advises that companies consider what third-party providers are doing as well.
“Remember, if a third-party is not able to prove their GDPR compliance, the work they do for your EU data is illegal,” he said. “Audit your third-party providers and re-evaluate service level agreements.”