May 17, 2020

Data Protection - Insurance Agents Sub-Agents and Consultants

We are delighted to participate with Tecvault Ltd in a webinar for Members of PSEAD and to discuss the impact of the EU General Data Protection Regulation (GDPR) in the insurance industry.

This presentation is offered on a complimentary basis only to Members of PSEAD, with the purpose of raising awareness as to the obligations and ways of compliance for insurance agents, sub-agents and consultants in relation to the GDPR.

The structure of the presentation will be straightforward, short and specific. It will provide stakeholders with the necessary knowledge to understand the status of their organisation in relation to the GDPR and what their next steps should be.

For instance, according to an announcement of the Cyprus Data Protection Commissioner, and pursuant to findings of an administrative audit concerning the insurance sector, the following matters require development and assessment:

  1. Inclusion in Data Registries of the information stipulated in section 30(1) of the GDPR;
  2. Review of the information included in the Data Protection Impact Assessment (DPIA), in order to also receive information for the rationale leading to the conclusions of the initial assessment;
  3. Amendment of existing Agreements with data processors, in order for, amongst other things, determine the security measures maintained by data processors proportionally to the risk involved in the processing and nature of data requiring protection;
  4. Review of existing security Policy for physical files, in order for, amongst other things, include matters such as management of security incidents, process of erasure or destruction of data, security of communication and consequences of non-authorised access of users;
  5. Review of Documents provided to the public (clients and potential clients) in order to comply with the Recommendations of the Office of the Commissioner for Data Protection;
  6. Establishment of procedures (a) informing data subjects of their rights which can be exercised and (b) process of exercising such rights; and
  7. Review of system security measures.

Assessment and Compliance

We understand that the extraordinary circumstances have affected us all on a personal and professional level. Nonetheless this will pass, and we must be prepared for the next day. Many members have already received in order to sign or have already signed the relevant data protection agreement with the corresponding insurance companies, whereby it is agreed to comply with the provisions of the GDPR and applicable national legislation, and to apply the appropriate technical and organisational measures for processing personal information. Therefore, it is necessary for the members to undertake the respective evaluation towards compliance with the GDPR and their commitments with insurance companies.

Participation and Communication

Having first in mind the safety of our colleagues and clients alike as well as the public at large, our team continues to provide exceptional services with client focus, in relation to assessment and implementation advice under the GDPR and applicable national legislation.

Do rest assured that we remain well-positioned to assist you from start to finish with your data protection and privacy compliance, during good and bad times.

If you are a member of PSEAD interested to participate in the webinar, please click the following link to complete your details in accordance with our Privacy Policy.

Click here to submit your details and participate in the webinar:  https://bit.ly/3bHhDxo



Our firm helps SMEs and large organisations in a wide range of sectors to comply with the GDPR and national legislation.

Our associates Tecvault Ltd focus on technology and cybersecurity aspects to cover all angles of the necessary exercises, in line with the rapid shifts in technological disruption.

  • Data Protection & Privacy
  • GDPR Assessment & Implementation
  • Privacy Policy
  • Data Privacy Impact Assessment
  • Data Protection Officer
  • Data Security and Privacy Management
  • Technology
  • Cybersecurity

Please do not hesitate to contact us if you require further information or support on such matters.Data Protection Law Firm of the Year in Cyprus: 2020 Global Law Experts 11th Annual Awards

Copyright © 2020 K. A. Kourtellos & Co LLC
K. A. Kourtellos & Co LLC is regulated by the Cyprus Bar Association
magnifiercrossmenuarrow-up linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram