Page 162 - CFPA-SCR-Award in General Insurance W01_2018-19_Neat
P. 162
10/10 W01/March 2018 Award in General Insurance
Classification of complaints by type helps to produce a statistical analysis of the volume of complaints,
their frequency and their source. In this way, companies can identify organisational weaknesses and
take remedial action to reduce complains in the future.
Question 10.2
Discuss the essential stages involved in a customer complaints procedure.
D Data protection
Many countries have laws and regulations that control the obtaining, use and storage of information on
private individuals. Within the European Union, the EU Convention for the Protection of Individuals has
rules relating to personal information and how it is used. For example, it does not allow personal data to
be transferred to a country or territory outside the European Economic Area, unless that country or
territory ensures an adequate level of protection for the rights and freedoms of individuals in relation to
the processing of personal data. New legislation, the General Data Protection Regulation (GDPR), will
come into effect across the EU in May 2018. This seeks to simplify and address gaps in existing
legislation.
Activity
Are there rules and laws on how personal information is handled where you operate? What are these? How do they
affect the way you do your work?
Whether there is a specific law or not, the correct handling of customer data makes good business
sense. This also applies to confidential information about your customer’s business. Therefore, in this
section we will look at some general principles of good practice around the use of personal and other
confidential data.
Confidential information can be:
• Corporate data: this can include relevant details of customers, suppliers, products, payments made to
employees and financial information on the company itself; and
• Personal data: this relates to individuals (clients, prospective clients or employees) and may include
name, address, occupation, salary, insurance history, medical history, criminal record and details of
dependants and other more sensitive information on their ethnicity, sexuality or religious beliefs.
In some organisations, when new staff are recruited, they are required to sign a non-disclosure
agreement. This is because they may view or work on particular confidential information during their
employment. This agreement then becomes part of the contract of employment made between the two
parties. If the agreement is broken, the employee can be dismissed for gross misconduct.
Principles for data protection:
• Obtain the individual’s permission to use and store their data.
• Only process personal data lawfully and for lawful purposes.
• Make sure that it is accurate and up to date.
• Do not keep it for longer than is necessary.
• Do not obtain more information than you need for the purposes for which you require it.
• Keep the information secure, guarding against unauthorised or unlawful access or use.
• Keep the data safe from accidental loss, destruction or corruption.
Organisations which have global offices need to ensure the appropriate security measures are in place
to protect the rights and freedoms of data subjects.
10
Chapter
