Data Protection Insurance is more important than Ever

The new General Data Protection Regulation (GDPR) comes into effect on 25th May 2018 and it makes it more important than ever before that your business is compliant. What’s more, having the right data protection insurance in place is crucial too.

Cyber losses and crime cost the UK economy billions every year, and data has become a key asset that criminals are desperate to get hold of. Your business's data is one of its most important and valuable assets, but it is also high risk if uninsured. The new European legislation sets out rules for keeping data secure, but it also comes with higher financial penalties if you do not comply. GDPR covers data privacy as well as data control and security, and the right insurance can protect you financially should there be issues with your levels of compliance.

What does Data Protection Insurance cover?

Data protection insurance is extremely specialised. It covers (or attempts to cover) the many potential consequences of data leaks, breaches and hacks. It is similar to cyber liability insurance, except that it applies only to data and data protection breaches.

Data Protection Insurance may cover:

  • The cost of security damages due to the data breach
  • Ransom and extortion cover
  • The cost of fines and defence should you receive a penalty due to the breach

Each policy is unique and there may be specifics to your industry to take into consideration too. The main thing for most businesses to do is ensure they review their data protection protocols and strategies in line with the new European legislation.

Data Protection Insurance with Just Quote Me

Just Quote Me employ specialist insurance professionals who work with businesses of all backgrounds. We make it our business to have the latest information in all relevant business areas, including GDPR. Get in touch today to discuss your data protection insurance policy options with us.

GDPR: What You Need To Know about the New Data Protection Regulation

General Data Protection Regulation or GDPR

The EU’s new General Data Protection Regulation or GDPR is an expansion and development of previous data protection law. At present the UK relies on the Data Protection Act 1998, but things have changed significantly since then. The new legislation introduces harsher fines for non-compliance and data breaches, and it also gives people more rights to their personal data.

The GDPR is a way for the EU to make a simpler and clearer legal environment for businesses handling volumes of data. It will come fully into force from 25th May 2018. It is applicable to all EU member states, but the UK is also affected.

The UK actually passed its own data protection legislation in September 2017 and it implements the majority of the GDPR in the UK.

Does GDPR affect my Business?

All businesses that control and process data must abide by the GDPR legislation. Your business needs to have a data controller who states how and why personal data is used. Data controllers have full responsibility for ensuring all data processed is compliant with data protection law.

Almost every business will be impacted by GDPR. If your business is currently affected by the Data Protection Act, then the same will apply to the GDPR.

Personal data and sensitive personal data come under GDPR. It is relevant to the smallest start-ups and also the largest companies.

Accountability and Protection against Breaches

Companies affected by the GDPR will find themselves much more accountable for data breaches. Their handling of personal data and sensitive personal data has to be properly managed, and the data properly stored. Companies may want to review their data protection policies. It may also be worthwhile considering data protection impact assessments and fully auditing record keeping within your business.

Data breaches are becoming increasingly common. Companies such as Equifax, T-Mobile and Yahoo experienced breaches within the last 12 months. Smaller companies also need to be vigilant. The GDPR states that “destruction, loss, alteration, unauthorised disclosure of, or access to” personal data must be reported to the country’s data protection regulator. In the UK we have the ICO and they require notification within 72 hours of an organisation finding out about a breach.

The ICO has prepared some information about the GDPR with more expected before the regulation comes into effect in May 2018. All professional business owners should ensure they have a good understanding and are prepared for the regulation before this tim