The OIC Secretary-General, Dr. Suthiphon Thaveechaiyagarn, stated that the EU’s General Data Protection Regulation or the GDPR has launched to regulate and protect the personal data of EU’s citizens, no matter where the data is generated. Effective from May 25, 2018, such law abides not only applying to EU countries but also impacting broadly to all sectors especially the financial and insurance sector in relating to EU citizens. It inevitably needs to conform to such law. For the similar regulations in Thailand, the law has been under the process of drafting the Personal Information Protection Act BE ..... which expects to publish and enforce soon. This will apply to Thai business entities which use customer personal information for their business have to comply with the requirements as mentioned in this drafted law and the EU General Data Protection Regulation or the GDPR.
The OIC secretary-general of the Office of Insurance Commission further identified that the insurance companies need to be aware and ready to encounter the changes efficiently. It is necessary for the OIC on the dissemination of knowledge, guidelines and important issues related to the drafted personal data protection law and the EU GDPR. Organized by OIC on October 8, 2018, and presided over the seminar of "Preparedness of insurance companies to meet the requirements under the (EU) General Data Protection Regulation (GDPR)", the seminar reminded the insurance companies of the awareness and preparedness to cope with change efficiently. Earlier time, the experts from Baker & Mackenzie Co., Ltd. has been sharing their knowledge and experience on the important provisions of the Personal Data Protection Act BE ...., and the importance of the EU’s General Data Protection Regulation or the GDPR that may affect the OIC insurance business. Later time the workshop provided details of the preparedness of insurance companies in dealing with drafted laws and regulations. More than 100 participants from the Thai General Insurance Association, Thai Life Assurance Association, and Life & Non-life insurance companies attended.
The workshop has created the awareness of personal information to the Thai insurance industry. The insured has to give written consent, based on the provisions of the Personal Data Protection Act BE ....., clause 19 and 27. This law would also cover the juniors aged under 10 years, whose consent required from the lawful guardian under clause 20(2). This includes the case that the customer or the insured person is a citizen of the European Union, although the insurance contract has with Thai insurance companies while living in Thailand. Moreover, any EU insured person returns to home country and claims for medical remedy from a Thai insurance company, it has to comply with EU GDPR on information secrecy.
"This Seminar on knowledge of General Data Protection Regulation (GDPR) and Draft of Personal Data Protection Act BE .... make the concerned parties of the OIC, the Thai General Insurance Association, Thai Life Assurance Association, and the life and non-life insurance companies who possess the personal information on hand, understand the relevant rules and responsibilities and not to violate the rules. It is also a good opportunity to enhance personal information control, security standards and the insured information management to make the Thai insurance industry consistent with the international law,” the Secretary-General said finally.