The New York State Department of Financial Services (“DFS”) on September 13, 2016, proposed regulations, to be effective as of January 1, 2017, that would mandate cybersecurity standards for any entity authorized by DFS to operate in New York, including certain banks and insurance companies doing business in New York. The proposed “Cybersecurity Requirements

On August 17, 2016, the Cybersecurity Task Force (Task Force) of the National Association of Insurance Commissioners (NAIC) released for comment a revised draft of an Insurance Data Security Model Law (Model Law). This revised draft Model Law addresses comments received from regulators, industry participants and the public on the initial draft proposed by the

On March 2, 2016, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force proposed a comprehensive Model Law that is intended “to establish the exclusive standards for data security and investigation and notification of a breach of data security” for licensed insurance companies. The proposed Model Law would apply to all insurers, producers “and

The National Association of Insurance Commissioners’ (NAIC) Executive Committee and Plenary has approved the NAIC Roadmap for Cybersecurity Consumer Protections (the “Roadmap”), formerly the Cybersecurity Bill of Rights. The Roadmap “describes the protections the NAIC believes consumers are entitled to from insurance companies, agents and other businesses when they collect, maintain and use” personal information.