The Connecticut Insurance Department issued a revised Notice to All Entities and Persons Licensed by the Connecticut Insurance Department concerning the Usage of Big Data and Avoidance of Discriminatory Practices (available here).  The Notice, issued April 20, 2022, reminds “all entities and persons licensed by the Department that the Department continues to expect such entities and persons to use technology and Big Data in full compliance with anti-discrimination laws and have completed the [annual] data certification….”

On December 7, 2021, the New York Department of Financial Services (“NY DFS”) released an industry letter providing guidance on Multi-Factor Authentication (“MFA”).   MFA, which requires users of information systems to provide an additional “factor,” often through a one-time code or push notification to their mobile device, in addition to their password when accessing information systems.

The New York Department of Financial Services (NYDFS) has now released a pair of alerts on the increase in cyberattacks on public facing insurance websites that provide instant quoting services to customers.  If you provide instant online quoting through your website, it is imperative that you review your system’s security and the methods you use to provide instant quotes.

Hartford Office Managing Partner Ted Augustinos authored an article for Best’s Review detailing privacy and cybersecurity issues that have arisen for insurers and producers as a result of employees working remotely due to the COVID-19 pandemic. For companies that likely have not previously had their entire workforce working remotely simultaneously, it is important to revisit risk assessments and evaluate technical and administrative safeguards, he explains.

Reminding NY DFS regulated entities that its Cybersecurity Regulation (23 NYCRR Part 500) requires ‎assessment of cybersecurity risk, and the reporting of certain cybersecurity events within 72 hours, ‎the DFS issued guidance specific to the current COVID-19 pandemic. The DFS guidance is appropriate ‎for any business, whether or not subject to the NY Regulation.‎

The long-awaited amendments to the California Consumer Privacy Act of 2018 (CCPA) have finally become law. On October 11, 2019—two days before the October 13 deadline—California Governor Gavin Newsom announced that he signed all of the California Legislature’s September 2019 amendments to the CCPA: AB-25, AB-874, AB-1146, AB-1355, and AB-1564.

Locke Lord LLP and Novarica will look at new regulatory developments in analytics, use of data, and data security that have the potential to affect insurer technology strategy. This webinar covers the potential effects of regulation on the use of analytics and AI in life insurance underwriting, how privacy requirements may affect insurer data governance and MDM strategies, and how third-party data security requirements may affect distribution technology strategies.

Locke Lord’s Regulatory and Transactional Insurance Practice Group has teamed with Novarica, a leading insurance industry technology research, advisory services and consulting firm, to address the impact of evolving insurance regulation on information technology systems of insurance and reinsurance companies. Atlanta Partner Brian Casey, Co-Leader of Locke Lord’s Regulatory and Transactional Insurance Practice Group, Hartford Office Managing Partner Ted Augustinos, member of the steering committee of the Firm’s Privacy and Cybersecurity Group, and Chicago Partner Ben Sykes co-authored the first installment of a quarterly report with Novarica on insurance technology strategy and regulatory compliance.