New data access bill has the power to ’drive efficiency and economic benefits’, says head of analytics, claims and underwriting
Lately, I have been receiving bogus calls from a housing repair firm, stating that I am eligible for a substantial claim.
When I asked how the caller got my number, they said that my details were on the firm’s centralised database – however, at no point have I signed up for this service.
This got me thinking about how firms share personal data with third parties – a timely consideration which coincided with new draft legislation from the UK government to liberalise the accessibility of data.
The Data (Use and Access) Bill (DUAB), which was introduced into the House of Lords on 23 October 2024, aims to revamp current laws on data protection and digital information post-Brexit.
The House of Lords explained that the bill ”seeks to enable data to be used and accessed to grow the economy, improve public services and make people’s lives easier”.
The Department for Science, Innovation and Technology added that the bill is estimated to ”bring an estimated £10bn boost to the UK economy across 10 years” through the use of ”new smart data powers and the National Underground Asset Register, [which] will drive economic growth across the UK by improving the way consumers, businesses and asset owners can safely share data to help workers and the public make more informed decisions”.
Smart data refers to the secure sharing of customer data with authorised third parties.
The DUAB – which removes the need to explain in writing why an individual’s personal data has been accessed or disclosed – is set to replace the Data Protection and Digital Information (DPDI) Bill. This failed to be enacted when parliament broke up for the general election in May 2024.
But what is the impact will the DUAB have on the insurance sector?
‘Good news’ for the UK
The DUAB’s second reading in the House of Lords occurred on 19 November 2024.
Matthew Geyman, managing director at information technology provider Intersys, told me that it is still “early days” in the DUAB’s legal journey.
For him, the legislation contains “sensible changes related to automated decision-making and so presents a lower probability of threatening the European Union’s (EU) adequacy decision relating to the UK’s data protection legislative framework”.
He continued: “This can only be good news for UK businesses and the insurance sector given the vast corpus of information available to it and the increasing importance of cross-border data transfers.
“At first glance, the DUAB appears to scale back some of the more contentious areas of the previous government’s DPDI.”
Insurer positives
There are “many positives for insurers” arising from the DUAB, according to Nutan Rajguru, head of analytics, claims and underwriting at data analytics firm Verisk.
For example, ”it’s welcome news that the government is introducing a standard around digital verification services. This could help insurers in the fight against fraud”, she explained.
Read: Briefing – Who’s afraid of open insurance?
Read: Richard Tomlinson – Tackling the big problems around data and insurance
Explore more regulation-related content here or discover other news stories here
Geyman agreed that the DUAB’s detail on digital verification services “appears to seek improvements in the certainty around individual online identity, [providing] the opposite of a ’free for all’ for big tech” firms.
For personal lines insurers, this could “more tightly verify the identity and personal history of an insured”, ultimately improving risk selection.
Vannessa Young, compliance, sustainability and advisory boards’ manager at trade association Biba, added that the DUAB includes changes to data subject access requests, so that controllers only need ”reasonable and proportionate efforts” to identify data.
“There is a fine balance to be had between firms’ ability to use personal data and data privacy rights. We will be following progress of this bill as it makes its way through parliament,” Young said.
Rajguru additionally flagged the DUAB’s expansion of the definition of “research”, which – moving forward – “allows for data to be used for commercial research purposes”.
Welcome changes?
Biba hopes that the DUAB and changes to data legislation ”will bring clarification around the permitted use of data”, Young said.
Rajguru added: ”There is, of course, the danger that increased use of online data will give rise to more cyber security attacks.
”The very welcome data changes, which can drive efficiency and economic benefits, must be implemented carefully with the proper investment in cyber security technologies.”
I personally believe that an update to data regulation has been long overdue and I am excited to see how the DUAB can benefit the industry.
No comments yet