May 2018 sees the introduction of the European Union General Data Protection Regulation (GDPR). In the UK this will be enforced by the Information Commissioner’s Office, who is acting as the regulator and is talking to the government at the moment about compliance issues.
The new regulation will give consumers better data protection and also enable them to access their information more easily. Businesses will need to be transparent about how they store and use customer information and will need to declare any cyber hacks or data breaches.
If they do suffer a breach they will be obliged to inform the regulator within 72 hours. Failure to do so could result in a fine of up to £17m or 4% of global turnover, whichever is greater. Breaches can include anything from emailing client information without their consent to ransomware attacks and data theft by hackers.
Under GDPR customers have a new “right to be forgotten”. Customers can request information on how their data is being used and, in certain circumstances, request that data about them is erased.
Make sure you have cyber insurance in place
While the concept of cyber insurance is no longer that new, take up by businesses has been slow. But with GDPR looming on the horizon and the potential threat of large fines in the event of a data breach, the value of cyber insurance is more evident than ever before.
The team at Arlington are well placed to assess the insurance needs of your business, including cyber risks, and will find the most appropriate cover to protect your systems and your customers’ data.
With Arlington you get the reassurance that if you do suffer a data breach you have someone to turn to. The team at Arlington would be there to support you by helping to manage, investigate and resolve a breach and the issues this causes, with their insurer partners.