Companies covered under the EU mandate can get policies for up to $10 million for fines, penalties, and other costs.
Cyber insurance provider Coalition has announced new policies explicitly designed to cover fines and costs stemming from violations of the EU’s General Data Protection Regulation (GDPR).
The policies are targeted primarily at small and midsize companies that handle data on or offer goods and services to EU residents. Policy limits range from $25,000 to $10 million, covering defense costs as well as fines and penalties resulting from GDPR violations, says Joshua Motta, CEO and founder of Coalition.
Unlike other data privacy laws, GDPR imposes penalties even when there is no actual data breach. In fact, since the regulation went into effect last May, EU regulators have taken action against numerous organizations for either failing to comply with their own policies or for not fully complying with GDPR requirements for privacy disclosures, data collection, processing, and use. One example is French data protection authority CNIL’s 50 million euro fine on Google last month for the company’s “lack of transparency, inadequate information, and lack of valid consent” when collecting data for ads personalization.
Historically, data breach insurance policies have been sufficient because fines and penalties under existing privacy laws have only been triggered in the event of a breach, Motta notes. “[With GDPR], companies can now be fined even if they’ve …
Author: Jai Vijayan, freelance writer