Data protection and cyber risk
Organisations that collect data will have to be aware of new regulations, increased liabilities and potential fines when reforms come into force in May 2018.
The General Data Protection Regulation (GDPR) - according to Miller Insurance Services LLP - will establish one law across 28 European states.
Tom Quy, an expert at the firm in this area, says organisations ‘need to keep records of all personal data, be able to prove that consent was given, show where the data is going, what it is being used for and how it’s being protected.’
Miller insists that the GDPR also impacts data controllers outside the EU whose activities relate to the offering of goods or services to EU data subjects:
‘Many will need to appoint an EU representative and a Data Protection Officer in some scenarios. With GDPR increasing firms’ obligations and exposing them to much higher penalties in the event of a cyber breach, it is important that businesses reassess their exposures and if needed seek increased protection,’ says Tom.
Miller acknowledges that businesses now consider ransomware a serious modern-day threat, and that cyber insurance is seen as a vital part of the response to it.
GDPR will introduce fines of up to 4% of global turnover or 20 million euros – whichever is higher – bringing EU legislation in line with the US.
For further information please click on this link where Tom explains more: http://www.miller-insurance.com/news-events-and-publications/News/Latest%20news/GDPR%20set%20to%20increase%20business%20exposures.aspx