DLA Piper and Aon have launched a guide ‘The price of data security‘, ahead of the General Data Protection Regulation (GDPR), effective from 25 May 2018.
The guide reviews the insurability of GDPR fines across Europe, which can reach up to €20 million or, if higher, up to 4% of a group’s annual global turnover. It also looks at insurability of costs associated with GDPR non-compliance (e.g. litigation, investigation and compensation), as well as the insurability of non-GDPR regulatory fines.
Key findings include:
- GDPR fines were found to be insurable in only two of the countries reviewed – Finland and Norway;
- In 20 out of 30 reviewed jurisdictions GDPR fines would generally not be regarded as insurable, including the UK, France, Italy and Spain;
- In eight of the jurisdictions it is unclear whether GDPR fines would be insurable. In these jurisdictions specific details around individual cases, for example the conduct of the insured and whether the fine is classed as criminal, will need to be considered.