Sending policy documents securely
With a large number of insurance brokers closing their offices and working from home during the Coronavirus pandemic, many brokers have told us it is becoming increasingly difficult to post out insurance documents to their clients. Some brokers have naturally resorted to sending out documents via email instead. However, doing so introduces significant security risks and could expose a broker to disciplinary action under the GDPR (General Data Protection Regulation).
Sending policy documents via email is a security risk
Although email is undoubtedly quick and cost effective, it offers very little in the way of security. Sending a client's policy documents via email can be likened to writing the information on the back of a postcard and putting it into a postbox, to be read by every single person who handles it on its journey to its destination. This allows a series of risks in addition to the obvious threat that the message is accidentally sent to the wrong person.
For example, a cyber criminal might have gained access to your email account in a phishing scam. Simply by accessing your "Sent emails" folder, they would be able to steal personal details from all policy documents attached to previously sent emails.
What about encrypted email?
To avoid becoming redundant as new systems emerge, the GDPR doesn't recommend specific technologies but it does make multiple references to encryption, particularly in Article 32 "Security of processing". Encryption is the process of locking information so that only approved users can access it. Often this involves scrambling the data with complex mathematical transformations so that it can only be read using the correct password or other credentials.
Organisations that handle large volumes of sensitive data such as the NHS often use encrypted email. However, for the majority of insurance businesses encryption technology for email is both too costly and too unwieldy to implement. Additionally, some encryption systems rely on the sender and recipient having compatible systems for the encryption and decryption process, something which the majority of insurance customers simply won't have.
What's the solution?
A cloud-based solution such as The Broker Portal offers far more security than email when it comes to sending sensitive policy documents. Specifically developed in the UK by Stack for insurance brokers and IFAs, The Broker Portal provides an insurance broker's clients with safe web access to their policy documents through a secure log-in, negating the need for postage altogether. There's no software to install - all that's needed is an internet connection and a web browser.
Members of staff upload policy documents to an encrypted online folder and then send the recipient a link to securely download the documents via their own self-service account. Documents can be downloaded from The Broker Portal's vault via an encrypted internet connection at any time of the day or night, 365 days a year. When the information is no longer needed, it can be safely deleted.
In addition to encrypted uploads and downloads, The Broker Portal's vault system ensures that documents are also encrypted while they are stored in the cloud. This provides maximum security and peace of mind for both brokers and clients alike and ensures that brokers are able to meet their GDPR obligations.
To find out how The Broker Portal can help your business, please contact support@thebrokerportal.com or visit the website: https://thebrokerportal.com
About the author
Phil Peters
Phil is responsible for the design and architecture of our digital services here at Stack and will be your primary point of contact when you get in touch with us. With 18 years of marketing and technical experience in financial services including insurance, share registry and salary sacrifice schemes, Phil delivers proven, high performance solutions for your digital requirements.