Save up to $2000 with perks for the heart.
Save up to $2000 with perks for the heart.
Enjoy up to 30% off travel insurance! Limited time only.
Differences between a cardiac arrest and a heart attack.

Conducting our Business Responsibly

Safeguard long-term stakeholder value through embedding responsible business practices and strong governance
Menu:
Cybersecurity and Data Protection
Fair Dealing
Financial Crime Prevention
Governance and Culture

Cybersecurity and Data Protection

Upholding our Legacy in the Digital Age

The security of our customers’ information and interests is critical to Great Eastern’s reputation and legacy as a trustworthy company. Cyber breaches and data loss can disrupt our customers’ services or lead to identity theft and scams. Great Eastern could face regulatory sanctions as well as customer lawsuits. Longer-term market share loss may result from eroded reputation and trust. As a result, cybersecurity and data protection are central to our technological implementation and roadmap.’

Our Management Approach

We recognise the need for a dynamic approach to stay ahead of potential risks in an ever-changing landscape of cyber threats. Our cybersecurity programme is reviewed annually to ensure its relevance and effectiveness and it is guided by a comprehensive three-by-three strategy.

facets of protection
angels of defense

Our Commitment to Action

Governance policies and security standards align with the prevailing regulatory requirements. They establish safeguards and processes for identifying, preventing, detecting, responding to and recovering from security and data breaches in our IT environment. We also have in place a third-party risk management policy and process to manage and monitor the risk of data breaches in the third-party services we use. Security and risk assessments are performed on IT changes and implementation. The Personal Data Protection Policy and Acceptable Use Policy govern users who handle customer data and IT assets.

To supplement our defence, we subscribe to cyber threat intelligence, which alerts us to impending attacks. We conduct regular vulnerability scanning and bug bounty events to proactively eliminate security flaws in our systems and software. We also conduct cyber exercises and phishing tests to evaluate the effectiveness of our security controls. As evidence of our strong data protection, we have earned the Data Protection Trustmark (DPTM) and the Cross Border Privacy Rules (CBPR) certifications.

Harnessing AI Safety and Responsibly

In the rapidly evolving landscape of technological innovation, we are harnessing the power and potential of AI to propel our business. The Board approved the inaugural AI Model Governance Policy in 2023 to ensure that we build and use AI in a human-centric and socially responsible manner, as guided by our AI Model Ethic Statement:

Fairness: We strive to ensure fairness in our AI models, both in terms of data set and model output, to preclude prejudices and biases in respect of local regulations, guidelines and cultural norms.

Privacy and Data Protection: We respect privacy and handle personal data responsibly and securely, adhering to applicable data protection regulations and best practices.

Sustainable Future: We endeavour to develop and use AI that supports our commitment to achieving a sustainable future for our business, stakeholders and communities. We use only legally and ethically acquired data sets for our model development and training.

Governance and Accountability: Our governance structure includes robust Board and Management oversight to ensure compliance with regulations and ethical practices. We take responsibility for assessing the impact of our AI deployment and actively tracking and addressing any harmful consequences that may arise.

awards icon

Data Protection Trustmark (DPTM)

Cross Border Privacy Rules (CBPR)

For more information, please refer to our 2023 Sustainability Report