ABSTRACT
The General Data Protection Regulation (GDPR) imposes a wide range of compliance obligations on affected companies that are sure to create both initial and ongoing compliance challenges. The threat of potentially devasting fines and penalties raises the stakes for companies to manage both their compliance obligations and the risk that something will go wrong. As with other significant corporate risks, companies should consider transfer of GDPR risks through insurance. Coverage for the gamut of GDPR liabilities, including fines and penalties, will depend on the language of the policy at issue and the law applicable to the interpretation of the policy. Given today’s competitive cyber insurance market, insureds are well positioned to seek out and negotiate for broad coverage for GDPR exposures.
