Guardians of data: TruMe Life’s continuous quest for data protection

Abstract

Over the past decade, Indonesia has witnessed a surge in data breaches, raising questions about its data-protection approach. Notable breaches include those in the health, energy, utility, e-commerce, and financial sectors. Recognising this precarious situation, the government passed Law No. 27 of 2022 on Personal Data Protection (UU PDP) in 2022, emphasising individual data rights and promoting accountability among data controllers. This case study describes the data governance, focussing on the Indonesian insurance firm, TruMe Life (pseudonymised), which adheres to international standards and Indonesia’s UU PDP. This case underscores the criticality of robust data governance in ensuring compliance and operational efficiency and bolstering customer trust in insurance, culminating in implications for research and industry practices.