Vermont Governor Scott signed the Vermont Insurance Data Security Law (available here) (the “VIDSL”), becoming the 22nd state to adopt a cybersecurity statute based on the National Association of Insurance Commissioners...more
On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the DFS Regulation) took effect, requiring subject financial institutions (Covered Entities), including insurance companies, to,...more
On August 2, 2019, New Hampshire became the most recent of many states that adopted an Insurance Data Security Law (Senate Bill 194-FN) modeled after the National Association of Insurance Commissioners’ (NAIC) Insurance Data...more
To date, six states from Michigan to Alabama have adopted versions of the National Association of Insurance Commissioner’s model insurance data security law (the “NAIC model”). The NAIC model generally requires entities...more
On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the “DFS Regulation”) took effect, requiring subject financial institutions, including insurance companies, (“Covered Entities”)...more
Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please...more
The New York Department of Financial Services (NYDFS) blazed a cybersecurity trail with its 2017 regulation for the protection of information collected and processed in, and systems used in the operation of, the financial...more
As reported on Locke Lord’s InsureReinsure blog, the NAIC adopted a model law for the protection of the data and systems used by the insurance industry, and South Carolina became the first state to enact legislation based on...more
As reported, the NAIC adopted a model law for the protection of the data and systems used by the insurance industry, and South Carolina became the first state to enact legislation based on the NAIC model. In doing so,...more
The NAIC adopted an Insurance Data Security Model Law.
On May 3, 2018, the South Carolina Governor made South Carolina the first state in the nation to adopt a comprehensive cybersecurity statute for the insurance industry,...more
Following New York’s lead after the Department of Financial Services (the NYDFS) promulgated its Cybersecurity Regulation, in October 2017 the NAIC adopted its Insurance Data Security Model Law (the NAIC Model) to establish...more
The financial services industry has been dealing with requirements for cybersecurity since 1999, but 2017 brought new, significant, and proliferating obligations. The bar for the whole industry was clearly raised by the...more
New York’s cybersecurity regulation that went into effect in March has far reaching implications. The first transition date for implementation of several requirements of the state’s Department of Financial Services regulation...more
Based largely on the NY DFS Cybersecurity Regulation that became effective March 1, 2017, the NAIC has adopted a Model Cybersecurity Law that would, once adopted by the various states, establish significant requirements for...more
10/26/2017
/ Banking Sector ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Insurance Industry ,
NAIC ,
NYDFS ,
Popular ,
Risk Management
What seems like a long time ago now, in 2011 PricewaterhouseCoopers (PwC) warned that “there is no question that law firms are among the companies being targeted by cyber criminals.” Despite this, many law firms believed (or...more
Early this month, the NAIC Cybersecurity (EX) Task Force released a preliminary working and discussion draft of an Insurance Data Security Model Law. While praise worthy in its effort to provide uniformity for data security...more
On October 14, 2015, the NAIC’s Cybersecurity (EX) Task Force adopted a Cybersecurity Bill of Rights, an aspirational, well-intended document outlining the rights insurance consumers should (or could? or might? this point...more
Last week, an NAIC task force moved forward in recommending a cybersecurity “bill of rights” that insurance regulators could provide consumers, essentially creating an expectation of notice of a breach “never more than 60...more
The National Association of Insurance Commissioners (“NAIC”) is all over cybersecurity. On April 16, 2015, as a part of its aggressive work plan to help the insurance sector come up with an effective cybersecurity framework...more