The Data Protection Commissioner's (DPC's) 2012 annual report was published recently and contains some interesting insurance sector information. According to the report, 400 insurance organisations appeared on the DPC's register during 2012. Notably, the DPC states that there was an 8% increase in the number of entities appearing on the register in 2012. The DPC attributes this increase partly to a "targeted awareness campaign…on the insurance sector". Insurance-related case studies cited in the report demonstrated that insurers (and, indeed, other entities controlling/processing personal data) should clearly specify (and keep up to date) the purpose for which the hold the personal data references in their entries in the DPC's register of data controllers/processors.