Insurtech startups are springing up all over the place, and in a competitive business environment, many have to learn as they go. Luckily, international law firm Locke Lord LLP has offered its expertise in the areas of privacy and cybersecurity, in order to place burgeoning insurtechs on a more solid footing.
To give a general overview, Locke Lord LLP details that making privacy and cybersecurity part of a company’s competitive edge is the way to win favour in the market, especially considering that the industry for which insurtechs seek to develop and deliver solutions is ‘awash in requirements and restrictions related to the collection, use, sharing, and protection of data’. The company insists that, so long as an awareness of and sensitivity to these issues is displayed, an insurtech’s ability to attract interest will only improve.
To do this, the firm offers a few carefully considered pointers:
Know what data you collect and process. Having full visibility into your data collection and processing, the company explains, is key to staying in line with privacy and cybersecurity regulations.
Appreciate the rules of the road. Be aware that privacy and cybersecurity requirements are constantly changing and be sure to adapt to them. “You don’t need to be an expert in these requirements,” Locke Lord LLP says, “but you do need to be aware of them.”
Vet your vendors for privacy and cybersecurity. Ensure that third-party service providers are adhering to guidelines and abiding by applicable limitations on the use and sharing of data. And treat your cloud-based services as any other third-party service.
Anticipate due diligence requests. Customers want to be sure that you meet their demands for privacy and cybersecurity. Don’t give them a reason to doubt you; template requests and questionnaires for cybersecurity have been developed and published, and Locke Lord LLP suggests taking a look at those created by the ‘Big I’ association for independent insurance agents. Convey insight and familiarity with these requests and you’ll be sure to impress potential investors.
Finally, expect representations and warranties, and indemnities related to privacy and cybersecurity issues. Be prepared to respond to contractual provisions related to the privacy and cybersecurity requirements of insurtech customers embodied in representations, warranties and indemnities in your customer contracts. Make efforts to learn about what typical reps and warranties will look like to assure investors that you’ve done the legwork when it comes to privacy and cybersecurity.
So, there you have it, all excellent suggestions that will, no doubt, give insurtechs a running start to making headway in the market, while avoiding any nasty surprises. Be sure to make the most of these handy tips – failing to prepare is preparing to fail, after all.
Read Locke Lord LLP's original article here.