The General Data Protection Regulation (GDPR for short) is the biggest change in data protection laws for 20 years – and will affect businesses of all shapes and sizes.
Here’s an overview of what we’re doing at Aviva for Advisers to prepare – and what you need to know.
What is GDPR?
Put simply, it’s a new set of rules designed to give EU citizens greater protection where their data is concerned. Under the regulation they’ll have more control over how organisations use their data. It’s also intended to simplify regulations for businesses by putting a single, unifying the data regulation in place across the EU.
Under GDPR, organisations will have to make sure they have a lawful basis for collecting and using personal information and will be obliged to protect it from misuse. If they don't, they'll face penalties.
The rules apply to any business that collects, stores or processes the personal data of EU citizens, which means it will also affect many companies outside the EU.
What are Aviva doing about it?
As you’d expect, we’ve been running a large programme for some time, looking at every aspect of the regulation, to ensure we’re compliant.
We have a full understanding of our data estate and have documented all personal data. This means we can make sure it’s stored securely – and that it’s held for no longer than necessary. We’re also reviewing existing processes and creating new processes, where needed, to ensure that all data subject rights can be fulfilled. And we are working with our ‘data processors’ and ‘data controllers’ to ensure they are making the same preparations to comply by May 2018.
Finally, as you may already know, we’re updating the terms of business advisers signed up to when they register for Aviva for Advisers. These changes will ensure our terms are compliant with the new rules.
What do I need to know?
If you have an Aviva for Advisers account, we’ll email you in the coming weeks to let you know when our updated terms of business are live.
It’s important you’re aware that when you submit business with us on these new terms, you’ll be agreeing to be bound by them. This will happen automatically when you submit new business once the new terms are in force.
If you have any questions or concerns, please get in touch with your usual Aviva contact or email us at askGDPR@aviva.com