Does Cyber Insurance Cover GDPR Data Breaches?
Caeva O'Callaghan | January 19th, 2021
A few years ago, businesses in Ireland needed to comply with new GDPR regulations. But will cyber insurance help protect your business against the cost of mitigating a GDPR data breach?
Yes. Data breach protection is the cornerstone of good cyber insurance, and as such is covered by any standard cyber insurance policy.
Data breaches are the name given to cyber attacks where the principal goal is to steal personal or sensitive data, such as addresses or credit card information. They are exceptionally damaging, and so you must protect yourself and your business against them at all costs.
In this article, we’ll cover the following topics:
- What is a GDPR breach?
- What does it mean when data is leaked?
- What are the costs incurred by a data breach?
The costs of a data breach may spread further and wider than you would expect. This is why it’s essential to have cyber insurance in place for your business.
What is a GDPR breach?
Europe’s GDPR (General Data Protection Regulation) law clearly defines what they mean by a personal data breach. In simple terms, it is a breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
As soon as you become aware of a personal data breach within your business, you must report it, “without undue delay” and, where feasible, no more than 72 hours later. You should notify the supervisory authority in accordance with Article 55 of the GDPR, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
According to the ICO (Information Commissioner’s Office), almost a third of the 500 reports of data breaches it receives each week are considered to be unnecessary or fail to meet the threshold of a GDPR personal data breach. This means there is some confusion as to what constitutes a true GDPR breach, as well as how to navigate the reporting process. But even if you’re not sure whether you’re dealing with a true data breach, it’s better to be safe than sorry.
What your cyber insurance will cover
Your cyber insurance will not cover anything you report to the ICO which is not considered a threat to the rights and freedoms of natural persons. However, what cyber insurance exists for is to cover all associated costs, legal and otherwise, of a data breach which results in risk or harm to people’s personal safety.
This is defined as physical, material or non-material damage such as loss of control over their personal data or limitation of their rights, discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality of personal data protected by professional secrecy or any other significant economic or social disadvantage.
Cyber insurance will cover your costs to notify customers, colleagues and others whose private data has been leaked. It may help cover the costs of upgrading your computer systems and hiring consultants, and other measures you may take to ensure it never happens again.
Large data breaches
In the event of a very serious data leak, crisis management costs will be covered by your cyber insurance policy.
If you have a significant customer base, you may need to set up a call centre to handle enquiries. This could be a very significant expense which could otherwise put your business under. Cyber insurance helps you put measures in place to put your customers’ minds at ease.
You may also call in a computer forensics team to locate the source of the breach and stop it, as well as assist in apprehending the criminals who are responsible. Whether you need this will be a matter for the authorities, and you will know if this is the case when you report the data breach to the ICO.
In any case, you should report personal data breaches as soon as possible, and rest assured that once you have cyber insurance your business will have protection. If you’re not sure what kind of cover you need, get in touch with our cyber insurance experts today and we can help you find the ideal policy. We look forward to working with you.
All Information in this post is accurate as of the date of publishing.