GDPR provides two issues for the insurance industry to face:

1. A Regulation issue. This is all about compliance and making sure that insurers are able to meet the requirements of the legislation. Not as easy as it sounds, this will have to include what organisations think it is now, what it will become as legislation matures, how case law and breaches set the direction of acceptable practices and the different application of this in different jurisdictions (this is only a minimum harmonisation directive). Those who get this wrong face extreme fines, being overwhelmed with GDPR requests and damage to brand value, potentially threatening their entire future. Delivering a hard coded, tickbox solution to this problem will be technological death.

2. A Revenue issue. GDPR gives insurance organisations a great opportunity to fundamentally change interactions and the relationship with their customers. Those who get it right stand to gain in brand value, long term customer loyalty and the ability to have customers self-certify the quality of the data held on them - a massively value set of characteristics. Delivering agile, rules based, case management solutions to this problem will give insurers every opportunity to not just meet regulation but exploit it.

GDPR has all the hallmarks of a watershed regulation which could separate the data winners from the data losers.