This is one of those topics that we all know we need to be careful about, and there are small things we can do every day to avoid serious problems. With condominium insurance, we have the following rules:
On August 8, in Portugal, the GDPR was transposed into national law through Decree-Law No. 58/2019.
The decree-law establishes some specific rules for the insurance sector, such as:
- Application of the principle of proportionality: insurers may only process the personal data of policyholders when such processing is necessary to achieve a legitimate objective and when the benefits of the processing outweigh the risks to the rights and freedoms of policyholders.
- Health data processing (only applies to insurance provided by management companies): insurers may only process the health data of insured persons with their explicit consent or when processing is necessary for the performance of a health insurance contract.
Insurers are required to comply with the GDPR when processing policyholders' personal data, including:
- Obtaining consent: Insurers must obtain consent from policyholders for the processing of personal data, unless they can invoke an alternative legal basis.
- Limit processing: insurers may only process personal data for specific and/or limited purposes.
- Keeping data secure: Insurers must take measures to protect personal data from unauthorized access, loss, or destruction.
- Guaranteeing the rights of data subjects: Insured persons have the right to access, rectify, erase, transfer, restrict the processing of, and object to the processing of their personal data.
There are also companies that specialize in helping condominium administrations with the GDPR. In this area, we recommend BrightCompass.
João Simão
Privacy and Data Protection Consultant
(+351) 968 890 487
www.brightcompasscs.com
| CYBER RISK INSURANCE IS ESSENTIAL |
When a cyberattack occurs, confidential customer data may be stolen, which could lead to legal action for non-compliance with the GDPR.
Cyber risks are increasingly becoming a reality for companies in Portugal. A cyber attack can cause significant damage, including data loss and business interruption, jeopardizing the very survival of the company.
Cyber risk insurance is a way to protect companies against such damage. This insurance covers a variety of risks, such as data breaches, business interruption, damages and defense costs, civil liability, among others.
Cyber risk insurance is important to protect companies from exposure to these risks.
There are several companies that insure this risk, such as Tranquilidade, Fidelidade Ageas.
| CREATION OF THE SEISMIC FUND |
In October, a government order was published formally tasking the ASF with working with the relevant entities to develop the necessary measures for the creation of a system to cover the risk of seismic events.
According to the aforementioned order, "the national territory is significantly exposed to seismic risk and lacks adequate protection to cover this risk," which justifies "studying the appropriate conditions for covering potential losses resulting from seismic phenomena, given the severity and extent of the respective economic and social impacts.".
We will have news by April on this issue that is so important to all of us.