THE GENERAL DATA PROTECTION REGULATION (GDPR) PRIMER: What The Insurance Industry Needs To Know, And How To Overcome Cyber Risk Liability As A Result
The European Union has approved and adopted the most aggressive set of data privacy regulations since the onset of the personal computer, known as the General Data Protection Regulation (GDPR). These regulations, in effect May 25th, 2018, have vast and deep financial impacts, and potential penalties on businesses of all size and scope.
Who is impacted? American multi-nationals with a presence in Europe that transact, store, or serve as a conduit for covered privacy elements, any entity in the E.U., or foreign entity who transacts in the E.U. will be impacted.
Having a deeper understanding of what is covered under GDPR will assist cyber insurance underwriters in gauging existing policy risk (post-May 2018), as well as new cyber underwriting that occurs once fully implemented. This report addresses the more important aspects in such a manner that underwriters can take a more informed posture to underwriting new and/or existing cyber policies. Including what solutions are available to carriers and insureds to reduce the exposure GDPR will certainly present.
We highly recommend this paper to insurance underwriters and risk managers.