Data protection rules will be adequately protected through the registry to be set up against frauds in the insurance sector according to the Italian data protection authority.
The Italian data protection authority issued a positive opinion on the draft decree setting up a registry collecting information from different databases including information on the installation and activation of the so called black box tracking devices.
Through the creation of such database, the IVASS, the Italian insurance supervisory body, will be able to identify indicators of potential “anomalies” (i.e. frauds) in case of accidents reported to insurance companies. If an accident goes beyond such indicators, this will be notified to insurance company in order to enable the entire industry to limit the risk of frauds.
Interestingly, the data controller of the data stored in the database will be IVASS itself that will set forth, among others, the modalities of processing of the data, the security measures to be implemented in order to prevent their loss and the term of storage of such data that will be of 5 years for the performance of investigations on accidents plus additional 5 years for criminal investigations and the exercise of the right of access by individuals.
This approval from the data protection autority is welcomed since this is one of the very few databases of such kind in Italy which might be quite useful to prevent frauds. And indeed for instance it would be quite useful to prevent payment frauds or gaming frauds which increase more and more with the development of technologies.
We will see whether other sectors will follow the insurance sector.