Connecticut Adopts Insurance Data Security Law
To date, six states from Michigan to Alabama have adopted versions of the National Association of Insurance Commissioner’s model insurance data security law (the “NAIC model”). The NAIC model generally requires entities licensed or authorized to operate under a state’s insurance laws to develop a cybersecurity program, investigate and report data breaches, and certify compliance with the law to the state’s insurance commissioner. Connecticut joined the growing list of states that have adopted a version of the NAIC model, buried in a budget bill, when Governor Ned Lamont signed Public Act 19-117 (the “Act”), on June 26, 2019, effective in relevant part on October 1, 2020.
Read More