The Regulation on the Collection, Storage and Sharing of Insurance Data Entered into Force
The Regulation on the Collection, Storage and Sharing of Insurance Data (Regulation) entered into force through publication in the Official Gazette dated 18.10.2022 and numbered 31987.
Some of the important provisions introduced by the Regulation are summarized below:
- The Regulation sets out the procedures and principles regarding all kinds of processing performed on insurance data, such as obtaining, storing and using insurance data, as well as the procedures and principles regarding the sharing of such data. Data on insurance contracts, policyholders and insurance companies who are parties to the insurance contract, insured, beneficiaries and other third parties who directly or indirectly benefit from the insurance contract, and all data based on risk assessment, including unfair insurance practices, are insurance data.
- The Regulation defines insurance data and states that such data will be collected by the Insurance Information and Surveillance Center (Center) and kept in a general database. Institutions listed in the article 5 of the Regulation are obliged to provide insurance data requested by the Center. Furthermore, according to the Regulation, insurance, reinsurance and pension companies engaged in insurance activities are obliged to become a member of the Center and keep the general database up-to-date.
- The Regulation introduces various procedures and principles for the sharing of production data, damages data, unfair insurance practice data and arbitration system data as well as keeping them in an up-to-date database.
- In terms of sharing insurance data, general data sharing rules and procedures and rules concerning the sharing of data on unfair insurance practices, data sharing with insurance experts and data sharing with authorized users have also been determined.
- The Regulation sets out the main objectives for insurance data usage and clarifies the objectives for which the Center may use the data in its general database.
- According to their relevance, member organizations are insurance, reinsurance and pension companies with which the Center shares data. Specialized organizations are the Association of Insurance, Reinsurance and Pension Companies of Turkey and its subsidiaries, the Pension Monitoring Center, the Turkish Catastrophe Insurance Pool, the Agricultural Insurance Pool and institutions and organizations operating in the field of insurance and private pension.
- Various obligations of member organizations, specialized organizations and authorized users regarding data transfer to the Center and the scope of these obligations are stipulated by the Regulation. The obligation to give information is one of these obligations and the sanctions for non-compliance with this obligation are set out in detail in the Regulation.
- It is emphasized that in personal data processing activities carried out within the scope of the Regulation, it is obligatory to comply with the procedures and principles set out in the Personal Data Protection Law No. 6698 and the legislation put into force based on this Law.
All rights of this article are reserved. This article may not be used, reproduced, copied, published, distributed, or otherwise disseminated without quotation or Erdem & Erdem Law Firm's written consent. Any content created without citing the resource or Erdem & Erdem Law Firm’s written consent is regularly tracked, and legal action will be taken in case of violation.
Other Contents
With the decision of the Personal Data Protection Board (Board) dated 06.07.2023 and numbered 2023/1154, the “annual financial balance sheet total” adopted by the Board as an exception criteria to the obligation to register to the Data Controllers’ Registry has been increased from 25 million Turkish Liras to...
The decision by the Irish Data Protection Authority (Authority) dated 12.05.2023 on Meta Platforms Ireland Limited (Meta Ireland) (Decision) has been announced on 22.05.2023. Pursuant to the Decision, an administrative fine of 1.200.000.000 Euros was imposed on Meta Ireland...
On 05.08.2022, the Personal Data Protection Authority (“Authority”), published Guideline on Banking Sector Good Practices Regarding the Personal Data Protection (“Guideline”). The purpose of the Guideline is guiding data controller banks regarding the personal data processing activities carried out...
On 14.07.2022, the European Parliament Research Service published a briefing (“Briefing”) for the impact assessment (“IA”) of the regulation of the European Parliament and the European Council on harmonised rules on fair access to and use of data (“Data Act”), submitted on 23.02.2022...
The Regulation on Processing of Land Registry and Cadastre Data and Transactions Held in Electronic Environment regulating the procedure and principles regarding the process of the data in the Central Database of the General Directorate of Land Registry and the transactions held in electronic...
The Regulation on Process and Protection of Personal Data by the Social Security Institution (“Regulation”) entered into force through its publication in the Official Gazette dated 19.02.2022 and numbered 31755.
Regulation on Processing of Personal Data and Protection of Confidentiality in the Electronic Communications Sector was Published
The Personal Data Protection Board Ex-Officio Initiated An Investigation against WhatsApp
The Personal Data Protection Authority’s New Resolution
The Board’s Decision Regarding Registration Obligation of Commercial Enterprises Affiliated to Associations, Foundations and Unions to the VERBIS has been Published
The Personal Data Protection Board Announced Its Decision Regarding the WhatsApp Investigation Initiated Ex-Officio