December 5, 2018

New data privacy legislation in Brazil will drive demand for cyber insurance

Companies will be forced to make significant changes to ensure compliance.

In August 2018, Brazil published its new General Law on the Protection of Private Data, which will become effective at the beginning of 2020.

Similar to the provisions of the EU General Data Protection Regulation (GDPR), the legislation aims to increase privacy protection of personal data obtained by companies in the course of their business.

As with the GDPR, the new Brazilian legislation also requires companies to appoint Data Protection Officers and, in cases of a data privacy infractions, large fines of up to 2% of the turnover of the company subject to the breach (capped at a maximum of BRL50million) can be levied by a new public agency. Throughout 2019 companies operating in Brazil are expected to make substantial changes to their business with a view to being in full compliance with the new legislation.

In addition, the enactment of the new law will raise companies’ awareness of the importance of establishing an effective system against data privacy breaches and cyber-attacks in general. As a result, the Brazilian insurance market will continue to see an exponential increase in the demand for cyber cover in the coming year.

You can read the rest of our insurance predictions here.