Cybersecurity Law to Remain Priority for NAIC

Cybersecurity Law to Remain Priority for NAIC

The ALTA reports that the NAIC's Cybersecurity Task Force's efforts to draft a model Insurance Data Security Model Law appear to be slowing as we head into 2017. Earlier this fall, regulators established a drafting group of regulators and industry to work through issues. ALTA's senior counsel Steve Gottheim participates as a member of the Drafting Group.

Regulators reported the drafting group is working through six issues:

• uniformity and exclusivity of a state law for data security
• exclusions for HIPPA and Graham Leach Bliley Act coverage
• whether there is a need for a harm trigger
• definition of "personal information"
• small producer scalability
• how to approach third-party service provider oversight

ALTA's NAIC Liaison Committee has stayed heavily involved in the effort by submitting comment letters in March, June and September.