Book traversal links for Article (9)
Article (9)
IA-BOD-RES 18/2020 Issued on 27/4/20201- The company shall maintain the confidentiality of the Electronic Information obtained through the website, and shall not disclose this information to any other party except by judicial or security order. Accordingly, the company shall establish the necessary procedures and controls to maintain the confidentiality of information.
2- The Company and Related Professions shall ensure the security and integrity of the information provided through its website, through applying the measures and criteria determined by the competent authorities in the state, including storing data inside the State and in the cloud.
3- The commitments of the Company and Related Professions and persons responsible of such for maintaining the confidentiality of Electronic Information pursuant to this Regulation shall remain in force and indefinite.
4- The Company and Insurance-related Professions shall protect the confidentiality of personal data and shall not share it with third parties, except within the scope of the provisions specified in this resolution. Further, the Company and Insurance-related Professions shall not disturb customers when promoting products by SMS or frequent emails, unless with prior approval of the Customer for that.
5- establish different levels of supervision and control of the electronic insurance operations carried out through its website as follows:
A. Application of the minimum security measures and procedures to prevent the alteration of content of the fixed information displayed on the website by unauthorized individuals.
B. Taking security measures and procedures to protect the shared Electronic Information with customers or visitors of the website from alteration, theft or illegal usage.
C. Application of measures and procedures and provision of the latest technologies and programs to ensure the security of the payment transactions carried out through the company's website, by using payment systems that are adopted and licensed by the Central Bank of the United Arab Emirates for paying the amounts of issuing or renewing the insurance policy.
6- The department responsible for the website shall supervise the design, implementation, follow - up and update the security system of the Company’s website.
7- The Company and Insurance-Related Professions shall establish the necessary measures to deal with emergency cases or disasters. They shall also maintain backup copies of all data and Electronic Information displayed or obtained through their website and shall establish a clear mechanism for restoring the website systems in case of failure of one or more elements of the automated system of the website.
8- Insurance companies and Insurance-Related Professions shall take the necessary measures to prevent any viruses from accessing devices, networks, and databases through which the data of customers or visitors to the website may be leaked, whether such thing happened intentionally or unintentionally. They shall also take the necessary measures to not use any storage tools, disks, software, or networks containing viruses, whether such thing happened intentionally or unintentionally.