GDPR: How Will the New EU Data Protection Regulation Affect Your Business?

Posted by Brad Hering, Cyber Liability Practice on April 2, 2018 at 10:00 AM

With the enforcement date looming, now is the time for organizations to determine whether the EU’s new General Data Protection Regulation (GDPR) applies to their business, and to sort out steps to take in preparation of the law’s enforcement.  First thing’s first – do you need to worry about GDPR? Answer these questions to find out.

gdpr-1Here are a few fast facts about GDPR:

What is GDPR and when is it effective?

General Data Protection Regulation (GDPR) is the EU’s new regulation designed to govern the collection, storage, and usage of private information.  The regulation was created in 2016 and has an enforcement effective date of May 25, 2018.

What is the regulation’s intent?

In short, the regulation is intended to provide citizens of the EU with more control around their personal information. The law aims to unify privacy laws in the EU and sets strict standards for the collection and storage of private information, with unprecedented requirements surrounding consent, inventory accounting, demonstration of compliance, and notification of potential data breaches.  While governed by the EU, GDPR will apply to any organization that collects or processes data of EU citizens, regardless of where the business is located.

What are the ramifications of non-compliance?

Non-compliance could have crippling consequences. Penalties for non-compliant companies that experience breaches could be up to 20 million euros (about $24,000,000 USD), or 4% of the company’s global revenue – whichever of the two is larger.

Will insurance cover fines for non-compliance?

Some insurance companies will be willing to add language to affirmatively cover GDPR fines as a result of a breach to the extent legally insurable. Even broader coverage for expenses related to non-breach audits or investigations may be available from certain carriers for additional premium after providing additional underwriting information. Consult with your insurance broker to determine whether your cyber coverage is adequate. To find out more, visit our cyber liability page.

Additional Resources

Below are some useful resources that provide information about the regulation, its application, and how to ensure compliance.

Is Your Business Compliant? Here Are Some Steps to Take to Prepare for the Regulation

Clock Ticking, European Commission Launches GDPR Implementation Guidance Website

Deeper Dive: Security Incident Notification Under the New EU General Data Protection Regulation (GDPR)

Marsh & McLennan Agency’s cyber team specializes in protecting businesses from data security risks. To learn more about cyber liability or to get a complimentary policy review, click the button below.

Learn More

Topics: Breaking News, Property + Casualty, Cyber & Data Security, Technology

Subscribe to Email Updates

Top Posts

Follow Us