The cyber risk landscape is changing daily. As exposures evolve and new regulatory obligations come into play, cyber insurance has never been more important.

On November 01, mandatory breach notification regulations will come into force under the Personal Information Protection and Electronic Documents Act (PIPEDA), meaning that all Canadian companies will have to pay extra attention to safeguarding the personal data they collect and retain.

Under PIPEDA, “breach of security safeguards” is defined as either a loss, unauthorized access or disclosure of personal identifiable information resulting from a breach of a company’s systems. The act contains stringent notification guidelines and harsh penalties for firms that break the rules.

“While it may come as a surprise to many business people, PIPEDA is intended to promote Canadian business, not to be a regulatory and compliance trap,” said Lee Akazaki, partner at Gilbertson Davis LLP and speaker at Insurance Business Canada’s upcoming ‘Selling cyber insurance in 2018’ webinar.

Alongside a panel of cyber security experts, Akazaki will be detailing how brokers can navigate the complex cyber regulation landscape and will provide best-practice advice around evaluating and articulating cyber risks, including data breaches and coverage gaps to clients.

“The mandatory reporting and notification requirements that will come into place after November 01 will give corporate risk managers headaches. Perhaps the most at risk are those who least suspect their vulnerability to the new regulatory regime,” Akazaki told Insurance Business.

“Those who collect private information outside the internet economy, such as insurance medical providers, financial services sectors, law firms, and even wedding photographers – these are commercial sectors in which awareness of cyber risk is minimal and yet whose vulnerability is as high as any online business.”

Source: www.insurancebusinessmag.com