Not another GDPR article!
So now we’ve all reviewed the data we collect, what we do with it, how we protect it and updated our privacy policy we can all relax can’t we? Perhaps not!
There is no doubt that the work that’s been forced upon us by the new GDPR legislation has been a good thing. It has made us pause and think for a moment about how our businesses operate and the risks we face from handling data incorrectly.
In addition to this we also need to consider the impact on the business of a loss of data, through an external hack, an employee releasing data, either intentionally or unintentionally, or through an outsourced providers error.
If this happens the impact could be significant as you will need to notify all of the affected data subjects, deal with their enquiries and the potential negative impact on the business. In addition to this the breach will have to be reported to the ICO and you will have to deal with the consequences of their potential investigation.
Whilst a robust risk management process around your IT setup and data security is essential, the reality is that no such process can be 100% effective, especially where people are involved.
The good news is that there are specific insurance policies available designed to cater for these risks, known as Cyber insurance policies.
Whilst these policies were particularly expensive when they were first introduced, the costs have thankfully reduced significantly in recent years as they become far more commonplace.
The intention of this cover is to provide protection for data held by you, whether that be for your business or whether you are holding third party information. The policies can cover the costs of restoring your data or the costs to your business of an interruption following a hack that brings down your network.
In addition, it also covers a number of third party costs, including writing to data subjects following a breach, defending your business from an investigation by the information commissioner and also the costs your data subjects may face following the breach. It will also provide you with access to a crisis management firm, who will help you minimise the impact to your business revenue.
The best advice is therefore to consult with your insurance broker to assess your risks and put in place the appropriate protections, including Cyber cover where appropriate.
If you would like to know more, please feel free to get in touch.
Sam Leeder ACII
Actus Insurance
samleeder@actusinsurance.co.uk
0114 2903624
07718 189476