Aon's Cyber Solutions and DLA Piper have published the 2nd Edition of ‘The Price of Data Security: A guide to the insurability of GDPR fines across Europe’

The 1st edition was issued before the General Data Protection Regulation (GDPR) came into effect in May 2018. Because the insurability of GDPR fines continues to change, this 2nd edition sets out the latest findings on the insurability of GDPR fines across Europe. The guide also looks at the insurability of costs associated with GDPR non-compliance (e.g. litigation, investigation and compensation), as well as the insurability of non-GDPR regulatory fines.

GDPR fines can reach up to €20 million, or up to 4% of a group's annual worldwide turnover if higher. Two recent examples: the UK Information Commissioner’s Office (ICO) issued a notice of intent to impose a fine of €204 million on an airline company, representing about 1.5% of the company’s global turnover, and another notice of intent to impose a fine of €110 million on an international hotel chain, representing about 3% of the company’s global turnover.

Key features include:

  • GDPR enforcement actions: biggest cases per country in Europe
  • Insurability by country, including heat map
  • Case studies, lessons learned and common issues experienced by organisations
  • Practical ways to manage the potential impact of GDPR through risk governance, insurance review and incident response

We hope that you find this guide a valuable tool in understanding and managing the impact and implications of GDPR, while supporting you and your stakeholders in making informed decisions.

 

Aon UK Limited is authorised and regulated by the Financial Conduct Authority