States begin adopting insurance cybersecurity requirements
Because of the multi-state nature of the insurance industry, major insurance licensees will likely adopt stringent cybersecurity compliance programs.
In October 2017, the NAIC adopted an Insurance Data Security Model Law that builds on existing data privacy and consumer breach notification obligations. The Model Law requires every insurance licensee in a state (unless they qualify for an exemption) to maintain a written cybersecurity policy and implement a risk-based cybersecurity program. The Model Law also requires a licensee to satisfy specific requirements related to:
This premium content is locked for
Insurance Coverage Law Center subscribers only.
Start a free trial to enjoy unlimited access to the single source of objective legal analysis, practical insights, and news for the insurance industry.
- Access the most current expert analysis and daily developments across jurisdictions
- Solve complex research issues with expert tools and intelligence
- Tap into insurance coverage expert guidance
Copyright © 2019 ALM Media Properties, LLC. All Rights Reserved.