Hiscox comments on new EU data protection law and data loss alerts

Hiscox advises on having a resilient plan in place to deal with data breach

LONDON, UK, (25th January 2012): Following the announcement of the new proposed European data protection law, Matthew Norris, e-risk and privacy expert at specialist SME insurer Hiscox, comments:

“The data loss notification aspect of the new proposed law is part of a wider picture of increasing pressure on companies to be able to detect and respond to data breaches quickly. Some businesses have suffered high profile data losses in the past year and the speed and response in such cases is crucial in limiting the adverse effects of a breach.

“The proposed law directs that certain internet businesses need to contact regulators within 24 hours after an attack, and data subjects "as soon as reasonably feasible" but it can be challenging for a company to be able to report on a complicated data breach within that time. Realistically many breaches will still be in the process of being forensically investigated at this stage, making it all the more essential to have an incident response plan agreed and in place. This means the business will be able to respond with as much detail as possible in as short a period as possible. This is especially important to minimise damage to the brand and avoid potential penalties."

It is essential for businesses to have a resilient incident response plan to minimise the damage in the case of a data breach. In preparation for a breach such a plan would include:

  • Nominate an individual who is responsible for swiftly initiating contact with the forensic company in the case of a breach
  • Determine when it is appropriate to involve a lawyer, for example to maintain legal advice and litigation privilege if the forensic report reveals adverse facts
  • Nominate a forensic company to work with in the case of a breach
  • Agreement with the forensic company on the type of instructions and contract it requires to start work
  • Agreement of the hourly rates from the forensic company as part of the contract.


For further information please contact:

Hiscox Ltd

Johanna Boland 020 74486494 [email protected]

About Hiscox

Hiscox, the international specialist insurer, is headquartered in Bermuda and listed on the London Stock Exchange (LSE:HSX). There are three main underwriting parts of the Group - Hiscox London Market, Hiscox UK and Europe and Hiscox International. Hiscox London Market underwrites internationally traded business in the London Market - generally large or complex business which needs to be shared with other insurers or needs the international licences of Lloyd's. Hiscox UK and Hiscox Europe offer a range of specialist insurance for professionals and business customers, as well as high net worth individuals. Hiscox International includes operations in Bermuda, Guernsey and USA. Hiscox Insurance Company Limited, Hiscox Underwriting Limited, Hiscox Europe Underwriting Limited and Hiscox Syndicates Limited are authorised and regulated by the Financial Services Authority.

For further information, visit www.hiscox.com.

All press releases