Dissecting NAIC's Insurance Data Security Model Law

By Lawrence Hamilton, Jeffrey Taft, Matthew Bisanz and Evan Sippel-Feldman (November 28, 2017, 1:06 PM EST) -- On Oct. 24, 2017, the National Association of Insurance Commissioners adopted an Insurance Data Security Model Law.[1] The Model Law builds on existing data privacy and consumer breach notification obligations by requiring insurance licensees to comply with detailed requirements regarding maintaining an information security program and responding to and giving notification of cybersecurity events.

The Model Law is similar in many respects to the cybersecurity regulation that was issued earlier this year by the New York State Department of Financial Services (NYDFS).[2] However, the Model Law pertains solely to insurance licensees, and because it is only a model law, it will...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.

  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!


Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!