GDPR cometh and it cometh for YOUR business!
Most business owners will have heard about GDPR but quite a few will have not an inkling of what it really means, especially with all of the other changes in regulations that they have to deal with just about every day. D-Day is 25th May 2018 and that is now seriously imminent.
As I have said before, insurance is an investment, not an expense. In the case of GDPR, the right insurance is not only an investment in peace of mind but may well save your business from a huge expense.
Q) What is GDPR anyway? A) EU General Data Protection Regulations. The regulations make your business much more responsible for the handling, processing and storage of personal data. I’m sure we all remember news items about laptops and files left on trains or in cafes. There will now be requirements to self-report any breach of the regulations – and, believe me, you do not want the regulatory body to find out from someone else – and there are powers to levy very heavy financial penalties and to place greater responsibility on senior members of staff. Some businesses might think that it doesn’t apply to them or “it’s just for banks and IFAs and the like.” If you hold ANY personal data – even a name and address – then GDPR applies to you and your business.
Directors of limited companies often believe that the limited liability aspect protects them from prosecution and/or civil suits. In fact, directors and officers (such as senior managers) can be held personally responsible for a wide range of issues, of which GDPR will be just one more. There is a type of insurance – Directors’ & Officers (D&O) – that can relieve the worry of having to defend a case using personal finances. If you have this cover in place, do check that it does not exclude data breaches or cyber issues. We are happy to check policies and advise on request.
“Silent” cyber exposures are about cyber-related incidents affecting insurance policies not specifically designed to cover cyber risks. An example might be a company manufacturing equipment which is computer-controlled. If the company was affected by malware and equipment was to fail, causing personal injury or property damage, there might be no cover under their liability insurance. Our recommendation would be a specialist cyber liability policy or a properly-worded cyber extension to an existing policy.
Obtaining the right cover to provide that all-important peace of mind is somewhat of a minefield in the complex world that we have created for ourselves. Speaking to the right people at Diamond Insurance Consultants is the answer.