17 August 2017
The Cybersecurity Working Group and the Innovation and Technology Task Force of the National Association of Insurance Commissioners, at the NAIC Summer 2017 National Meeting in Philadelphia, approved the Insurance Data Security Model Law. This is a significant step in cybersecurity regulation. The Model Law closely parallels the comprehensive and first-in-the-nation New York Department of Financial Services Cybersecurity Requirements for Financial Services Companies regulation that took effect on March 1, 2017. The Model Law will now be considered by the NAIC Executive Committee and, if approved, will be presented to the Joint Meeting of the Executive Committee and Plenary for final approval.