Data Protection in the EU has been a hot topic lately, not only because of the discussions taking place to finalize the EU General Data Protection Regulation (EU GDPR), but also because of the on-going renegotiations of the EU-US Safe Harbor provisions, which the European Court of Justice recently ruled as being invalid. The Safe Harbor provisions were set up to enable business to transfer data to territories considered as not being able to provide the same safeguards to data protection as is available in the EU, and was specifically for US companies to be able to operate in the EU and transfer data back to the US.
The amendments to EU GDPR will be widespread but of particular relevance are the following:
• Expanded definition of Sensitive Data
• Obligation to provide adequate security
• Mandatory security breach disclosure
• Individuals’ right to compensation
• Class Actions will be permissible
The final scope of these regulations and Safe Harbor provisions are of course impossible to exist, but given the increasingly global nature of not only the modern business environment but especially data transmission, cloud storage, etc. and the worldwide (and virtually untraceable) location of criminals behind many thefts of private data, it is more important than ever that businesses have good practices in place and insurance protection to address the tasks and costs associated with a data breach.
Simkiss & Block has specialized expertise in this area and welcome the opportunity to work with your organization to arrange the protection you need. Contact us to get started.