Insurance EuropeInsurance Europe
Position Paper
Comments on the monitoring of codes of conduct under the GDPR

Codes of conduct will provide insurers with an important tool to ensure compliance with the General Data Protection Regulation (GDPR) provisions. They provide the possibility to address the specific features of the insurance sector and they could facilitate the understanding and, thus, the application of the GDPR. Several national insurance associations, therefore, already established codes of conduct before the entry into force of the GDPR or are reviewing their existing codes.

Drawing up a code of conduct is, however, a lengthy process that requires significant effort and resources, and close cooperation with supervisory authorities. The industry needs clarity on the preconditions for the approval and implementation of a code of conduct.

Therefore, Insurance Europe urges the European Data Protection Board (EDPB) to issue guidance to clarify as swiftly as possible that the approval and implementation of a code of conduct does not require the establishment of a monitoring body pursuant to Article 41 of the GDPR.

Published 12 July 2018
Related items
Data processing is key for insurers and consumers...
William Vidonja
William Vidonja
Head of conduct of business