Topic: Privacy/Data Security/Cyber Risk

Complimentary Webinar: Insurance IT Strategy and Regulatory Compliance: AI, CCPA and NY DFS

Locke Lord LLP and Novarica will look at new regulatory developments in analytics, use of data, and data security that have the potential to affect insurer technology strategy. This webinar covers the potential effects of regulation on the use of analytics and AI in life insurance underwriting, how privacy requirements may affect insurer data governance and MDM strategies, and how third-party data security requirements may affect distribution technology strategies.

Read More

New Hampshire Takes the NAIC Plunge

On August 2, 2019, New Hampshire became the most recent of many states that adopted an Insurance Data Security Law (Senate Bill 194-FN) modeled after the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law.  New Hampshire Governor Chris Sununu signed Senate Bill 194-FN (SB194) into law requiring insurance companies licensed in NH (“Licensees”) to implement information security programs, and to report cybersecurity events. 

Read More

Insurance Technology Strategy and Regulatory Compliance, Vol. 1

Locke Lord’s Regulatory and Transactional Insurance Practice Group has teamed with Novarica, a leading insurance industry technology research, advisory services and consulting firm, to address the impact of evolving insurance regulation on information technology systems of insurance and reinsurance companies. Atlanta Partner Brian Casey, Co-Leader of Locke Lord’s Regulatory and Transactional Insurance Practice Group, Hartford Office Managing Partner Ted Augustinos, member of the steering committee of the Firm’s Privacy and Cybersecurity Group, and Chicago Partner Ben Sykes co-authored the first installment of a quarterly report with Novarica on insurance technology strategy and regulatory compliance.

Read More

Connecticut Adopts Insurance Data Security Law

To date, six states from Michigan to Alabama have adopted versions of the National Association of Insurance Commissioner’s model insurance data security law (the “NAIC model”).  The NAIC model generally requires entities licensed or authorized to operate under a state’s insurance laws to develop a cybersecurity program, investigate and report data breaches, and certify compliance with the law to the state’s insurance commissioner.  Connecticut joined the growing list of states that have adopted a version of the NAIC model, buried in a budget bill, when Governor Ned Lamont signed Public Act 19-117 (the “Act”), on June 26, 2019, effective in relevant part on October 1, 2020.

Read More

New York Jumps on the Data Security Bandwagon

On June 17, the New York State Assembly passed the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD Act which will be enforced by the New York Attorney General. This SHIELD Act should not be confused with Marvel’s Strategic Homeland Intervention Enforcement and Logistics Division also called S.H.I.E.L.D. The SHIELD Act is awaiting the governor’s signature to become law.

Read More

Cybersecurity Update: NYDFS, NAIC, and What’s Going on in SC, OH, MI, and MS?

On March 1, 2017 the cybersecurity regulation of the New York Department of Financial ‎Services (the “DFS Regulation”) took effect, requiring subject financial institutions, including ‎insurance companies, (“Covered Entities”) to among other things adopt written information ‎security programs to address the protection of nonpublic information and information systems.

Read More

What Every InsurTech Should Know About Privacy and Cybersecurity

As an early stage or startup InsurTech, you’re highly focused on all the right things: identifying a ‎challenge for the insurance industry, developing an innovative technical solution, making it ‎practical and scalable, getting it funded, and implementing it. The industry for which InsurTech ‎seeks to develop and deliver solutions is awash, however, in requirements and restrictions related ‎to the collection, use, sharing, and protection of data.‎

Read More

FTC Proposes Amendments to Safeguards Rule to Track NY DFS Cybersecurity Regulation (and amendments to its Privacy Rule)

As we’ve been predicting, including here, the Cybersecurity Regulation adopted by the NY DFS for insurance, banking and other financial services continues to drive the conversation in the U.S.  The latest manifestation is the FTC proposal, announced March 5, 2019, to amend it Safeguards Rule adopted pursuant to the Gramm-Leach-Bliley Act of 1999 (GLBA) to require financial institutions to adopt certain safeguards to protect the nonpublic personal information of consumers.

Read More

InsurTech

Topics

Archives

Email the Editor

Click here to Email the Editor

Locke Lord LLP

For the latest information about our Firm visit lockelord.com