The General Data Protection Regulation (GDPR) strengthens individual data protection to citizens of European Union member countries, and is set to take effect this May. However, GDPR also poses legal risk for insurance customers and businesses — even if they are headquartered in the U.S. or Canada.
GDPR "applies to company that has access to or is processing information" on citizens of EU nations, "regardless of where the organization is located," Terri Mason, CNA Canada's Assistant Vice President of Cyber and Professional Liability, tells Canadian Underwriter.
If a citizen of an EU member nation complains to his or her government about a data breach caused by a Canadian or U.S.-based company, the data protection authority in Europe can reach out to local privacy regulators to enforce the law, which carries fines the greater of 4 percent of annual revenue or 20 million euros.
Continue reading the full article published by Canadian Underwriter.
Vous quittez maintenant le site Web de CNA Canada. Nous ne sommes pas responsables du contenu ou de la disponibilité des sites liés.
Les politiques de sécurité et de confidentialité de ces sites peuvent différer des politiques de CNA. Veuillez lire attentivement les politiques de protection des renseignements personnels et de sécurité des tiers.
Si vous avez des questions ou des préoccupations concernant les produits et services proposés sur les sites Web tiers liés, veuillez contacter directement le tiers.