Sweeping changes to data protection law, including stronger enforcement powers and higher fines, will come into force on 25 May 2018 under the EU General Data Protection Regulation (GDPR) for every organisation in every country having operations in the European Union (EU). In response, Aon plc (NYSE:AON), the leading global provider of risk management and human resource consulting and outsourcing, today announced the launch of Aon’s EU Data Protect, a newly created comprehensive risk management solution that helps organisations prepare for the GDPR and protects against some of the potential financial impacts of the regulation.
Aon’s EU Data Protect includes:
- GDPR Readiness Assessment: A tool to help organisations identify, prioritise and remediate gaps in their compliance programme and understand and mitigate data protection risks in accordance with GDPR
- Cyber Impact Analysis: Sophisticated modelling of the financial impact from data breaches under GDPR and more broadly to provide a comprehensive understanding of the cyber exposures facing the business
- EU GDPR Insurance Endorsement: This acknowledges the GDPR in a qualifying Cyber Policy which includes fines and penalties where insurable by law and costs of defending regulatory action. This Endorsement also provides for some regulator-required experts’ fees arising from certain loss events
- Incident and Claims Response: Access to specialist post-event advisory services, including incident response, digital forensics and claims handling capabilities to expedite remediation and claims settlement
“The GDPR represents a significant regulatory challenge facing firms that do business in the EU,” said Renette Pretorius, Cyber Practice Leader, Aon’s Global Broking Centre in London. “Its mission is to give citizens back the control of their personal data and equip regulators with sufficient enforcement powers to address the evolving digital landscape and tougher privacy challenges – a change heavily felt across many companies. All businesses operating in the EU, no matter where they are located, should prepare for the impact of this regulation.”
The regulation introduces stricter requirements on organisations processing personal data, a mandatory data breach notification regime and tougher enforcement powers for regulators including fines of up to 4% of annual worldwide turnover and strengthened audit and investigatory powers.
Andrea Garcia Beltran, EMEA Cyber Sales Leader, Aon’s Global Broking Centre in London added, “Organisations that do not identify and address compliance gaps in their marketing practices, data handling and data breach response protocols do so at their own peril. Business interruption losses are appropriately ‘front of mind’ for many EMEA organisations, but potential liability of up to 4% of an organisation’s turnover must be added in to the risk management thought process.”
Aon’s expertise in cyber risk management is deep and extensive. Most recently, Aon acquired Stroz Friedberg, a global leader in cyber security, and released Aon Cyber Enterprise Solution™, a property/casualty and Internet of Things insurance solution that offers comprehensive enterprise-wide coverage against cyber risk.