In October 2017, the NAIC adopted its Insurance Data Security Model Law and released it to the states for legislative consideration. The purpose of the Model is to “establish standards for data security and standards for the investigation and notification to the Commissioner of a Cybersecurity Event applicable to Licensees.” In this alert, we briefly outline the requirements of the Model and provide an update on the status of the Model among the states and information on compliance effective dates. We will continue to monitor these issues.
Continue reading “Catching up on the NAIC Data Security Model Law”