Marsh is reminding companies that the General Data Protection Regulation (GDPR) comes into force on 24 May 2016.
The new data protection law for Europe, which is being introduced more than four years since the first draft was published in January 2012, will significantly increase the extra-territorial scope and the size of fines that can be levied against an organisation in the event of a cyber breach.
To mark the launch, the insurance broking and risk advisory group is publishing its latest Adviser, entitled ‘New Data Protection Law in Europe’.
To accommodate the GDPR’s expanded privacy rights obligations for the processing of personal information, companies will need to:
• Provide greater transparency and notice about why individuals’ personal information is used or processed.
• Obtain proof of consent to such processing by “clear affirmative action” of individuals.
• Create ways to allow individuals to exercise their “right to be forgotten” and data portability.
• Conduct privacy impact assessments, appoint data protection officers, and develop local capabilities for responding to data breaches.
• Demonstrate compliance with the GDPR through documented controls and audits.
Marsh’s Adviser also highlights the insurance implications of the new regulation, including:
• The financial consequences of these heightened obligations are likely to see an upwards shift in the loss estimates attached to any data protection items in the company’s risk register, potentially breaching acceptable risk tolerances.
• This adjustment is likely to lead to a re-examination of the adequacy of insurance arrangements. Organisations should review the effectiveness of their coverage, the sufficiency of any applicable indemnity limits, as well as the availability of enhanced insurance protection if existing arrangements fall short of requirements.
Plans to lessen the kingdom state’s reliance on oil exports could prove too great a challenge for the government, suggests Fitch Ratings.
A study by relocation firm Movinga rates the Irish capital as the best alternative location to London in an index rating 15 cities.
A Lithuanian scammer was able to trick two US tech companies into wiring him tens of millions of dollars.
The software and IT services giant will leverage the technology across its cloud-based application and business networks and is teaming up with London-based fintech Everledger.