GDPR and its influence on Insurance Companies in Montenegro

Deloitte and NBOCG organized Conference for insurers

Podgorica 24th September 2018

In Hotel “Centre wille” u Podgorica GDPR Conference has been held, organized by Deloitte and National Bureau of Montenegro insurers (NBOCG).

The representatives of Generali osiguranje, Wiener Stadtische životno osiguranje, Sava Osiguranje, GRAWE Osiguranje, Lovćen osiguranje, UNIQA Osiguranje, Swiss osiguranje, Supervisory Authority (ANO), NBOCG and Deloitte participated in this Conference.

GDPR (General Data Protection Regulation) EU regulative related to companies from non EU countries. All legal entities are obliged to comply with the regulative. The consequences for non-compliance may result in fines in the amount of 4% of the total global annual turnover of the Company or 20 million EUR, whichever is higher. The development of strategy and taking actions aiming to fulfil new demands; review and modify internal business processes and applications for the use of new system for protection of data and process.

Boris Šaban, executive manager of NBOCG stated that it is recommended to insurers in Montenegro to recognize how GDPR relates to them and to fulfil requests, especially considering that a new Personal Data Protection Law is being prepared and it will be in accordance with GDPR.

«The representatives of insures have learnt, during semidiurnal workshop, the possible implication for the business of insurers in Montenegro” – concludes Šaban.

Igor Denčić, a lawyer and specialist for GDPR, has given a presentation during the first part of the Conference. He informed representatives about general principles of new European Directive and afterward presented an overview of Montenegro regulative and GDPR specifically as regards to the insurance market. He stated that GDPR or General regulative for personal data protection standardizes and harmonizes personal data protection on the territory of EU. 

There are two data categories: personal data (everything that may identified a person) and special categories of personal data (religion, nationality, race, sexual orientation, syndicate memberships…). The territorial application of the Directive relates to all controllers and personal data handlers within EU, regardless where the handling is performed – in or outside EUR. The objectives of EU GDPR is to protect individuals and their personal data, that is, their handling as well as to regulate the freedom of movement of such data. Furthermore, this Directive protects the basic rights and freedom of individuals and specifically their rights to personal data protection and to guarantee free movement of personal data within EU” – Denčić also stated.

The second part of the workshop related to IT technologies and the role they will have in the implementation of new regulative. It has been stated also that to harmonize GDPR it is necessary to perform legal analysis, IT analysis and security analysis.