Dissecting NAIC's Insurance Data Security Model Law
By Lawrence Hamilton, Jeffrey Taft, Matthew Bisanz and Evan Sippel-FeldmanNovember 28, 2017, 1:06 PM EST
Law360, New York (November 28, 2017, 1:06 PM EST) -- On Oct. 24, 2017, the National Association of Insurance Commissioners adopted an Insurance Data Security Model Law. The Model Law builds on existing data privacy and consumer breach notification obligations by requiring insurance licensees to comply with detailed requirements regarding maintaining an information security program and responding to and giving notification of cybersecurity events.
The Model Law is similar in many respects to the cybersecurity regulation that was issued earlier this year by the New York State Department of Financial Services (NYDFS). However, the Model Law...