My Basket0

Data breach: why should we care?

Thinkpiece 108

Publication date:

25 July 2014

Last updated:

22 September 2017

Author(s):

Policy and Public Affairs

Data breach is a phenomenon that every company holding customer or sensitive personal information will experience - simply put, it is not a question of 'if' but 'when.' - simply put, it is not a question of 'if' but 'when.' Paul Bantick from Beazley looks at the issues.

Data breaches take many forms and many cannot be planned for.

The potential insurance market for this business is massive - as demonstrated by the rapid growth of data breach insurance in the US.  New EU-wide data privacy legislation is due to be passed in the next year and will bring with it punitive measures for firms mishandling data. This will force companies to inform clients of any data breach - no matter how big or small. These regulations could to be a game changer in terms of insurance penetration.

There are a number of insurers moving into this market, but not all policies are alike.

There is confusion among clients as to what protection they have in existing policies - and they are looking to their brokers for advice.

The unfamiliar risks, the service concept within many policies, even non-standard language of the cover all put a premium on education.

Brokers need to understand the policies, clients need to know the facts, and insurers need to provide the services required to get a business back on its feet - and that is much more than just handing out a cheque when a valid claim occurs.

Pdf icon small  View the attached Thinkpiece »

This document is believed to be accurate but is not intended as a basis of knowledge upon which advice can be given. Neither the author (personal or corporate), the CII group, local institute or Society, or any of the officers or employees of those organisations accept any responsibility for any loss occasioned to any person acting or refraining from action as a result of the data or opinions included in this material. Opinions expressed are those of the author or authors and not necessarily those of the CII group, local institutes, or Societies.