Global Insurance Company PII Inventory Case Study

This case study details the collaboration between a global insurance company and CIMCON to identify personally identifiable information (PII) within end-user controlled files to ensure compliance with the EU General Data Protection Regulation (GDPR). The company, which has over 17 million customers, sought assistance in scanning its 35 million shared files to locate PII, including sensitive data such as credit card numbers and tax IDs. CIMCON utilized its EUCInsight Discovery tool to perform an initial fast scan of selected folders, generating a report on the number and types of files present. Following this, detailed scans were conducted, resulting in the identification of 1,160 files containing PII. The findings enabled the insurance company to estimate the resources required for a comprehensive scan of all files, facilitating timely remedial actions to protect customer data and mitigate risks associated with GDPR compliance.