Cyber Insurers and Insureds Must Prepare For New Privacy Regulations

Cyber Insurers and Insureds Must Prepare For New Privacy Regulations

August 6, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

First there was the European Union’s General Data Protection Regulation which has now been in effect for over a year. Then California passed its Consumer Protection Act to be effective January 1, 2020. Now New York has passed its own privacy act (the SHIELD Act) effective March 21, 2020 requiring companies to safeguard personal information and giving consumers the right to know who sees their personal information.

These new laws and their penalties for violations will affect many businesses with customers in those jurisdictions even if they do not have a physical presence there. Insurers must cover those regulations as part of “cyber” policies or endorsements. Businesses with limited cyber coverage which excludes regulatory fines and penalties need to upgrade their insurance. Insurers must not only protect the personal information they collect, but educate their customers about new privacy requirements.




About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.