Originally published on PropertyCasualty360
At long last, the GDPR effective date is just around the corner. As companies continue to work towards compliance, many are realizing that despite their best efforts, the odds of achieving and perpetually remaining in 100% compliance are slim to none.
As with any massive compliance undertaking, mistakes and missteps related to GDPR requirements are inevitable, especially in a world where data volumes, connectivity, mobility, and risks continue to increase. Given this reality, companies should consider transfer of GDPR-associated risks through insurance.
It’s critical to note that finding the most comprehensive coverage for GDPR exposures requires careful analysis of available insurance policy options. That analysis should include a thorough review of the various mandates contained in the GDPR, as well as the company’s practices around protected data, its current insurance policy(ies), and the law governing interpretation of those policies. Importantly, even companies that currently have cyber insurance in place may not have optimal coverage for the wide variety of exposures under the GDPR.