Forgot Password? | Print Page | Contact Us | Report Abuse | Sign In | Request to be a member
News & Press: Industry News

NAIC Adopts Model Data Security Law Although California Already Leads the Nation

Tuesday, October 17, 2017  
Share |

During its summer meeting in August, the National Association of Insurance Commissioners Cybersecurity Working Group and Innovation and Technology Task Force adopted the Insurance Data Security Model Law. Because California has been a leader in data security law, the CLTA does not expect that the NAIC model act will replace the current provisions in California law. The CLTA believes that it is necessary to track the NAIC model acts in the event legislation does get introduced in California.

The purpose of the model act is to establish standards for data security and for the investigation of and notification to a cybersecurity event. A licensee would be required to develop, implement, and maintain, based on the licensee’s risk assessment, a comprehensive written Information Security Program that contains administrative, technical, and physical safeguards for the protection of nonpublic information and the licensee’s information system. The model act defines “nonpublic information” and requires a company to designate an employee, affiliate, or outside vendor to perform a risk assessment to identify reasonably foreseeable internal or external threats that could result in unauthorized access and disclosure of nonpublic information.

California Land Title Association


1215 K Street #1816 Sacramento, CA 95814-3905
Email: mail@clta.org  |  Phone: 916-444-2647  |   Fax: 916-444-2851