Data privacy and cybersecurity are topics that continue to be of interest to many industry players. This is due to the increased implementation and management of global databases, outsourcing, litigation, internal investigation and crisis management concerns, all of which trigger a variety of privacy and security compliance issues.
Although much of the regulatory focus has been on data protection and privacy in the region, notorious cyber attacks on financial institutions have incentivized regulators to set standards on risk identification, assessment, mitigation and crisis management. At this stage, the regulatory landscape remains fragmented. Each country in Asia Pacific has prescribed requirements with local nuances. The practicality and level of enforcement differs from one country to another.
While the innovation of the insurance industry in embracing insurtech has harnessed new market opportunities and increased growth, it has also had an impact on internal core processes, which radically increase the risk of data security breaches. Utilization of social media platforms to enhance service offerings also adds to this risk. Controversies surrounding the wider range of non-traditional data and related analytics are anticipated to arise.
Our new Asia Pacific Guide to Data Protection and Cybersecurity for Insurers provides an overview of the regulatory environment comprising of risk management, data transfer, outsourcing requirements, data retention, data security, and data breach management across 11 jurisdictions in Asia Pacific. This guide can help not only multinational insurance companies in managing operations across the region, but also local insurers that are looking to expand their presence into neighboring countries.