To date, much of the national cyber attention has been focused on information security and the efforts to protect an organization’s information. Increasingly, rapidly evolving legislation and regulations have thrust privacy concerns to the forefront. Privacy concerns relate specifically to the way an organization collects and uses personal information as well as how the individuals may have control over their own affected data. One of the most notable regulatory moves in the privacy arena is the enactment of the EU’s General Data Protection Regulation (GDPR). Additionally, many states have begun developing their own privacy-related legislation, including the California Consumer Privacy Act.
The collection of personal data is a critical factor in how many businesses target consumers, market products, and improve their services. As a result, the developing focus and emerging regulation over privacy issues will greatly impact the way companies conduct business. Among the questions arising from this national spotlight is whether or not a company or organization’s management can be held accountable for compliance with privacy-related requirements and regulations. These growing concerns may be among the most prominent directors and officers liability exposures for modern businesses and organizations.
There is still great uncertainty around the privacy and security landscape. Going forward, it will extremely important to monitor how the directors and officers and cyber liability insurance policies respond as this unfolds. You can read more about this topic with the article Privacy Rights, Liability Exposures, and Potential D&O Claims from The D&O Diary as well as the September 2018 report Data Privacy: The Current Legal Landscape from Troutman Sanders.
If you’d like to discuss your cyber liability and/or directors and officers liability coverages, please contact me directly.