When it lost a backup tape in South Africa that contained volumes of data on policyholders, Zurich Insurance PLC, part of the Zurich Financial Services Ltd. group of companies, violated the UK Data Protection Act, according to the UK Information Commissioner’s Office (ICO). As a result, the ICO asked Stephen Lewis, the London branch manager of Zurich Insurance, to sign an agreement that ensures any future movement of backup tapes include appropriate security procedures, including the use of encryption.

Zurich Insurance has openly pledged to improve its information security. The back-up tape, which also contained personal details of 1,800 third-party insurance claimants from the UK, was lost by Zurich's South African sister company during what was described as a routine transfer to a data storage facility in South Africa in August 2008. A total of 51,000 British records were resident on the tape. Zurich's UK arm wasn't informed about the problem until a year later, according to reports.

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access