GDPR has created a new position for companies that must comply with GDPR, the Data Protection Officer (“DPO”). It’s a big job, and many of the folks appointed to this position have questions about their own liability as well as how to protect themselves from potential liability. A typical request we are seeing from DPOs is that they be added as a named insured to a D&O policy. Unfortunately, adding a DPO to a D&O policy as a named insured may not provide a complete response. Indeed, in some situations it will be a useless move, if not actually a detrimental one. Cyber liability insurance policies can provide a much more useful solution—but only if your insurance broker has identified and addressed certain key issues. To help explain DPO liability exposure and ways to protect DPOs in a comprehensive way, I turned to my colleague Dan Burke, an expert in cyber liability insurance.
Check out the post we jointly authored, Cyber Insurance vs. D&O Insurance: New Data Protection Officer Requirements Under GDPR.