CNA Hardy’s Matt Sumpter offers an interesting perspective on GDPR:

There is no question that the forthcoming General Data Protection Regulation (GDPR) will bring with it big changes to organisations; enhancing existing data subject rights provided under the current EU Data Protection Directive as well as introducing new ones. But change is not necessarily a bad thing, and GDPR should be viewed as an opportunity rather than something to be feared.

Most organisations are already taking steps to prepare for the forthcoming legislation, however when examining the current commentary much of this preparation is seemingly focused only on the potential downsides rather than on leveraging the opportunity.

It is true that the focus on compliance around data collection and distribution that is at GDPR’s centre is being enforced by greater consequences than previously seen under the current Directive. However, the real intent of GDPR is not to generate fines but to create new behaviours around organisations approach to handling and processing personal data. In a world becoming more and more reliant on technology this should be viewed as a positive step forward.

An organisation’s ability to present evidence to regulators of its efforts to comply with GDPR will help reduce liability under Article 83 (General conditions for imposing administrative fines). Therefore it benefits an organisation to not just take measures to minimise potential consequences, but to embed an appropriate culture that embraces the principles of GDPR and enforce meaningful accompanying systems and controls.

There are six key principles governing the processing of personal data and implementing them should be a positive change for organisations. By better managing how data is used, organisations will be able to build greater trust and loyalty with their customers, which in turn should enhance their brand and the bottom line. Furthermore, this increase in trust and better management of the security of data will enable greater data sharing and better leveraging of Big Data, which will assist with product development and enhanced customer experience.

The six key principles are:

Lawfulness, fairness and transparency: the processing of personal data should follow regulation.

Purpose limitation: organisations should only collect personal data for specific, explicit and legitimate purposes.

Data minimisation: personal data should be adequate, relevant and limited to what is necessary for the purpose of processing.

Accuracy: personal data must be accurate and kept up-to-date, and corrected or deleted without delay when inaccurate.

Storage limitation: organisations must keep personal data in identifiable form only for as long as necessary to fulfil the purposes it was collected for.

Integrity and confidentiality: personal data must be secured by appropriate technical and organisational measures against unauthorised and unlawful processing, and against accidental loss, destruction or damage.

Organisations should think of GDPR in terms of the rights it grants their customers and the benefits that may flow from the trust that will build from it rather than just the potential threat it poses to them. By embracing GDPR’s principles, both organisations and customers alike have a lot to gain.

Credit:

Matt Sumpter, Underwriting Director for Technology and Cyber Risks

CNA Hardy

Click here for original link

 

Charity Protect has been developed for smaller or newly set-up charities, community interest companies social enterprises and not-for-profit organisations, that don’t carry out work abroad and have an annual income or turnover of up to £100,000.

The policy provides cover for public and products liability as well as various activities including fundraising events for up to 500 people, office and admin work and attendance of exhibitions, conferences and meetings to name a few. There are also other sections of cover which can be added if required, such as Legal Expenses, All Risks and Trustees and Directors indemnity.

Charity Protect Plus is their product for larger charities with an annual income or turnover of up to £1,500,000.

Like its sister product, this policy provides cover for public and products liability and a number of different activities including fundraising events for up to 1000 people, office and admin work and attendance of trade shows, seminars, the sales of second hand goods and other activities which benefit the charity. Again, there are additional sections that can be added to the policy including Professional Indemnity, Money and Employer’s Liability.

Call us on 01772 555585 for more information.

 

Cyber security has become a risk to all businesses

Today, virtually all businesses collect and store personal information about customers, employees and others. The frequency of data breaches – the theft, loss or mistaken release of private information, is on the rise. But data breaches aren’t just a big business problem; small and medium-sized businesses with fewer data security resources are particularly vulnerable.

Whilst data losses for small to medium-sized businesses may not make the headlines, the potential financial cost and reputational impact of a cyber incident can be crippling. Firms such as accountants and lawyers might be perceived to hold more sensitive data, but all businesses could be at risk from a cyber attack or data breach by hackers, viruses or errant employees. 74%* of small businesses having experienced a security breach.

In response to the growing demand for cyber insurance, NMU has added a computer, data and cyber policy to its suite of products. Specifically designed for small to medium-sized businesses, Computer Cyber Insurance offers broad coverage for cyber risks. Hardware (including portables) and data corruption cover provides protection for assets, whilst data breach expense, cyber crime, cyber liability and cyber event – loss of business income cover responds to cyber risks.

Policy benefits include:

  • Cover for the costs of dealing with data breaches and cyber liability claims
  • Cover for loss of business income from a cyber event
  • Cover that helps businesses deal with the impact of cyber crime
  • Cover for hardware and data corruption
  • Access to expert advice and support e.g. IT, legal, forensic and media relations when an incident occurs
  • Full claims support following an incident

Please get in touch with us 01772 555585 to discuss how this could affect your business and the protection available.

Over the past 15 months, policyholders have already seen an increase of 66% in the Insurance Premium Tax (IPT) they pay – this further increase to 12% in this regressive tax is outrageous and is a tax on protection which will hit everyone and especially those ‘just about managing’. We believe that this increase is contrary to the stated policy of HM Revenue and Customs “that IPT should make the required contribution to HM Government revenue while minimising the effect on the take up of insurance”. This increase comes at a time when both motor and home insurance premiums are rising and our fear is that many of those who most need it will avoid taking up insurance and be unable to afford the protection they need.