Articles Tagged with GDPR

Published on:

The stopwatch is running. Companies are scrambling to figure out how the EU’s General Data Protection Regulation (GDPR)—due to go into effect on May 25, 2018—will affect how they do business.iStock-638619558-300x200 Uncertainty and speculation abound; no one knows exactly how the law will be enforced, particularly with respect to companies domiciled outside the EU, with no EU footprint, who process and hold the personal data of EU residents. But while publications are awash with advice regarding compliance, few tackle the question whether your business is protected against loss in the event of a data breach or other unintentional failure to comply. We strongly suggest that your due diligence include a review of your insurance coverage for GDPR non-compliance, especially for fines, penalties and lawsuits (individual or class action). Qualified coverage counsel should assist in the review, but key areas of focus include:

Coverage for Costs of Compliance

Many costs that companies will incur to comply with GDPR simply will not be covered by any insurance. Insurance is designed to respond to fortuitous loss or liability, not ordinary costs of doing business. Thus, for example, coverage likely is unavailable for expenses to adopt and implement data security measures, maintain required records, respond to individuals’ requests to access or delete their data, or hire a Data Protection Officer.

Continue reading →

Published on:

One thing is for certain: cyberattacks have become the norm, not the exception. Not even the NSA is capable of completely warding off security breaches. Major banking and retail institutions, as welliStock-479801118-data-breach-300x200 as the government, are not surprisingly the most likely targets because of the amount of sensitive and private data they control. Still, other companies outside these sectors must heed the warnings and not become the next cyber victim. Protecting against cyber vulnerability is not merely a domestic issue. Rather, multinational companies are prime targets, and are currently undergoing institutional changes to navigate the EU General Data Protection Regulation (GDPR) that goes into effect May 2018.

Continue reading →