Ahmed Bin Abdulqader ـ nabd–alhadath
‘Middle East Data Protection Guide’ from Marsh and Clyde & Co examines rapidly evolving legal and regulatory landscape, including potential consequences of data breaches
With data breaches and cyberattacks on the rise globally, now is the time for organizations in the Middle East to make meaningful change that can protect their businesses from long-term consequences, according to a guide published this month by Marsh, a business of Marsh McLennan (NYSE: MMC) and the world’s leading insurance broker and risk advisor, with global law firm Clyde & Co.
With an increased push across the region to strengthen cyber protection and to align with international best practices, some regional jurisdictions are issuing new, standalone data protection laws for the first time, while others are updating existing laws to align with international standards.
Some recent regional developments include that the UAE, KSA, Oman, Jordan and Egypt have issued standalone personal data protection laws, which are at varying stages of implementation and practical application. Similarly, Qatar and Bahrain have updated their already existing laws to align with international best practice. Kuwait has also issued a new data protection regulation in addition to its existing laws and regulations that touch upon data protection.
“It is imperative that organizations keep abreast of rapidly evolving legislation that impacts how they collect, process, transfer, store, and use data,” says Simon Bell, Managing Director, Cyber Practice Leader, IMEA, Marsh. “With the increasing globalization of many organizations and the fact the impact of cyber incidents can often span several jurisdictions, notification obligations may be triggered in several countries at the same time. Our new guide provides a comprehensive overview of recent developments in the Middle East and the main incident-related notification obligations for data controllers and processors.”
Bell adds that the ‘Middle East Data Protection Guide’ includes a three-step action plan for companies getting to grips with the new legislation. In terms of the plan, companies need to establish a data protection framework, implement relevant controls, and educate their teams on a regular basis.
Oliva Darlington, Partner & Middle East Cyber Insurance Lead, Clyde & Co, added, “We are at a real turning point for data protection legislation in the region. Historically, the data protection laws across the GCC countries and the wider Middle East have been spread across a patchwork of legislation and there has been limited enforcement of those laws. The new and revised standalone data protection laws across the region provide prescriptive requirements for compliance and a clear framework for enforcement, which means that local organisations will have to move data protection compliance to the top of their list of priorities. Likewise, due to the extra-territorial effect of the laws, international businesses which operate in the region, will need to be on top of the changes to avoid being penalised by the local regulators.”
The guide is available here.
About Marsh
Marsh is the world’s leading insurance broker and risk advisor. With more than 45,000 colleagues advising clients in over 130 countries, Marsh serves commercial and individual clients with data-driven risk solutions and advisory services. Marsh is a business of Marsh McLennan (NYSE: MMC), the world’s leading professional services firm in the areas of risk, strategy and people. With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. For more information, visit marsh.com, and follow us on LinkedIn and X.
About Clyde & Co
Clyde & Co has been at the heart of global commerce for nearly a century, helping the insurance market navigate an ever-changing risk landscape. Our specialist teams, based across almost 70 offices and associated offices globally, with 6 offices in the Middle East, use their deep insurance sector knowledge and commercial understanding to advise on issues such as dispute resolution, multi-jurisdictional litigation, coverage issues, contentious regulatory proceedings, policy wording issues, product development, corporate and commercial services, and recoveries. From the smallest claim to the most complex risk, our in-depth, on-the-ground knowledge of the Middle East market is supported by a truly interconnected global approach. This combination of local insight and a global network allows us to offer rapid access to expertise across all key insurance business lines wherever our clients operate. Global Law Firm | Clyde & Co : Clyde & Co
