Data Protection / Security - Insurance Sector
The Trust Challenge

Key obligations in brief

The Information Technology Act, 2000 (IT Act), along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) rules 2011, define the data protection regulations in India. If any entity collects or processes sensitive personal data pertaining to an individual, it must establish a privacy policy.

Further, the Insurance Regulatory Development Authority of India (or IRDAI) has come up with various regulatory provisions, relating to consumer data protection, which is applicable to Insurance companies in India, few of these key obligations are:


Total confidentiality, privacy, and security of policyholder information and claim data (“Know Your Data”).


Data storage in centers located & maintained in India (“Data Localization”).


Outsourcing of activities by Insurance companies: Policyholders' interests are to be protected, by following appropriate practices to mitigate the risk involved with outsourcing / third parties (“Third Party Data Sharing/Privacy Intelligence”).


Handing data subject requests (referred to as “DSR’s” - correction, updation, deletion, etc.,).

Ardent Privacy’s patented technology product “TurtleShield” is an ML and AI-powered enterprise software platform, that helps businesses discover, identify, inventory, map, minimize, and securely delete personal data. With TurtleShield, a business enterprise can turn a “Data Governance Program” into a “Profit Centre”.

The Trust Challenge





Outsourcing – Third-Party Administration (TPA ) Data Sharing.


Data Subject Rights fulfillment.

TurtleShield’s capabilities

This is achieved by a nimble and oil drilling-like approach to discovery: We create a global map of organizational data, which is subject to “data protection/privacy regulations”.

Globally data localization or sovereignty is becoming a standard regulatory requirement. We can create a global data inventory to facilitate a single pane of glass of personal or sensitive data based on geographies, enabling you to take necessary action proactively.

Often there are silos within entities or business and IT teams, and it is challenging to secure a holistic view of the data flow outside the organization and the data flow into the organization, especially when the data is shared with the third parties, like vendors, business partners and many more. We can create a data map, based on the data sharing, to facilitate you to take remedial actions, on the same.

Search capability in large datasets to fulfill data subject requests in totality and at a rapid speed. The assumption that data only exists in databases and nowhere else is often not a reality, as customer data exists in many sources. Using ML & AI we crawl across data sources and predict where PII can exist.

Problems Addresses

Featured News & Blogs

Be the first to catch our latest updates,
happenings and more.

Follow us