The GDPR consultation period will close today, with insurers at “various levels of preparedness”

The Information Commissioner’s Office (ICO) will close the GDPR consultation period today, with almost seven months to go until the GDPR passes into law on 25 May 2018.

The ICO guidelines will set out company and third party liabilities when receiving and using customer data belonging to European citizens.

All firms will be liable, with fines of up to €20m (£17.9m) or 4% of global turnover enforceable where data is misused.

Analytics and operations management company EXL’s head of UK Nigel Edwards says that he has seen insurance companies operating at “various levels of preparedness” where it comes to incoming GDPR regulation.

Edwards commented: “The end of the Information Commissioners consultation period is a key date as it puts the burden of action onto individual firms to become compliant.  Insurers, due to the global nature of the industry, have the challenge of managing data silos across geographical boundaries and thus have a responsibility to ensure that all data-processing parties are able to respond to the new rules that GDPR will introduce.”

Edwards identifies potential pitfalls for insurers in becoming too reliant on guidelines and shirking agility in facing up to regulatory burden.

Innovation may pose problems for insurance companies, suggests Edward, with new data-driven technologies such as telematics and geo-location raising more questions for companies in the context of the GDPR framework.

The Government’s proposed GDPR bill has previously drawn ire from Clyde & Co senior associate Isabel Ost, who said the bill would “severely impact insurers’ current business models.”