RegionsEEAEurope’s new data protection laws take effect today

Europe’s new data protection laws take effect today

Marsh has published an advisory leaflet on the General Data Protection Regulation (GDPR), which comes into force from May 24.

Marsh is reminding companies that the General Data Protection Regulation (GDPR) comes into force on 24 May 2016.

The new data protection law for Europe, which is being introduced more than four years since the first draft was published in January 2012, will significantly increase the extra-territorial scope and the size of fines that can be levied against an organisation in the event of a cyber breach.

To mark the launch, the insurance broking and risk advisory group is publishing its latest Adviser, entitled ‘New Data Protection Law in Europe’.

To accommodate the GDPR’s expanded privacy rights obligations for the processing of personal information, companies will need to:

• Provide greater transparency and notice about why individuals’ personal information is used or processed.
• Obtain proof of consent to such processing by “clear affirmative action” of individuals.
• Create ways to allow individuals to exercise their “right to be forgotten” and data portability.
• Conduct privacy impact assessments, appoint data protection officers, and develop local capabilities for responding to data breaches.
• Demonstrate compliance with the GDPR through documented controls and audits.

Marsh’s Adviser also highlights the insurance implications of the new regulation, including:

• The financial consequences of these heightened obligations are likely to see an upwards shift in the loss estimates attached to any data protection items in the company’s risk register, potentially breaching acceptable risk tolerances.
• This adjustment is likely to lead to a re-examination of the adequacy of insurance arrangements. Organisations should review the effectiveness of their coverage, the sufficiency of any applicable indemnity limits, as well as the availability of enhanced insurance protection if existing arrangements fall short of requirements.

Related Articles

“Destroy or democratise” – how Open Banking will impact connectivity

Banking “Destroy or democratise” – how Open Banking will impact connectivity

2m Victoria Beckett
Treasury TV: Yeng Butler compares US and European MMF reforms

Compliance Treasury TV: Yeng Butler compares US and European MMF reforms

2m Victoria Beckett
Money market reforms: Navigating LVNAV, CNAV and VNAV

EEA Money market reforms: Navigating LVNAV, CNAV and VNAV

3m Victoria Beckett
The Challenge of Building and Maintaining a Central Treasury Operation in a Decentralized Company

EEA The Challenge of Building and Maintaining a Central Treasury Operation in a Decentralized Company

3m BELLIN
The Treasury Challenge of a Post-Merger Integration

EEA The Treasury Challenge of a Post-Merger Integration

3m BELLIN
The Challenge of Integrating Worldwide Subsidiaries into one TMS

Baltics The Challenge of Integrating Worldwide Subsidiaries into one TMS

3m BELLIN
Q&A with BMG's treasury : BELLIN - We Love Treasury 2

EEA Q&A with BMG's treasury : BELLIN - We Love Treasury 2

3m BELLIN
PSD2: dull name, but seismic effect

Clearing & Settlement PSD2: dull name, but seismic effect

3m Alex Kwiatkowski