GDPR - Key challenges faced by the insurance industry | KPMG Ireland
Share with your friends
GDPR and the insurance industry




The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive.

This regulation imposes new obligations and stricter requirements on all organisations involved in the processing of personally identifiable data, emphasising transparency, security and accountability.


The primary objectives of the GDPR are to:

  • Institute citizens’ rights in controlling their personal data
  • Simplify the regulatory business environment by adopting a unified regulation across the EU


Failure to comply with the directive may result in:

  • Fines of up to €20,000,000 or 4% of total annual global turnover (whichever is greater)
  • Reputational risk
  • Individuals are also empowered to bring private claims against organisations where their data privacy has been infringed.