I have been in discussion with Locktons recently, they are the PI insurers recommended by the ACCA, about the impact of GDPR claims: will they be covered by PI insurers?
The present opinion, is that if a claim is brought against a firm by a third party for failure to look after or handle their data, the PI policy should respond assuming the claim arises in consequence of the provision of professional business by the Insured.
The penalties for breaching the GDPR when it kicks in May 2018, are severe. Which prompts two further questions:
- What if the breach is a consequence of negligence, of ignoring the new regulations, and
- If PI does pick up the claim, what impact will this have in the longer term for PI premiums?
I am presently researching a support pack for UK practitioners, that sets out the systems you will need to have in place before next year. My studies thus far have convinced me that this is no lightweight change in legislation. Practitioners will need to take the changes seriously. I should have the support pack available from 1 September 2017.