Topic: Privacy/Data Security/Cyber Risk

NAIC Privacy Protections Working Group’s Path Forward

Yesterday, the Privacy Protections (H) Working Group of the National Association of Insurance Commissioners (“NAIC”) held its first meeting since the Spring National Meeting in March. The working group seeks public comment on its path forward as it reconsiders its options for revising the NAIC’s existing privacy framework. Multiple options are being considered.

Read More

NAIC Cybersecurity Working Group Adds Cyber Coverage to its Focus

Over the last few years, the work of the Cybersecurity (H) Working Group of the National Association of Insurance Commissioners (“NAIC”) has focused on cybersecurity risk to insurance licensees such as insurance carriers, insurance intermediaries, and third-party service providers to insurance licensees. This year the working group’s work will consist of two parallel tracks: the traditional cybersecurity risk, and a new emphasis on cyber insurance coverage. In her discussion of proposed topics for the 2024 work plan, the Chair highlighted cyber coverage questions specific to ransomware, D&O, and whether or not cyber insurance products are providing the coverage that policyholders expect.

Read More

NAIC H Committee Pre-Fall National Meeting

This coming Friday the Big Data & Artificial Intelligence (H) Working Group, the Privacy ‎Protections (H) Working Group, and the Innovation, Cybersecurity, and Technology (H) ‎Committee will all meet as part of the Fall National Meeting of the National Association of ‎Insurance Commissioners (“NAIC”) in Orlando, Florida. Data use, data retention, and artificial ‎intelligence (“AI”) will be the big topics at the Fall National Meeting. Other H Committee ‎affiliated working groups will not be meeting at the Fall National Meeting; however, those ‎working groups met earlier over the fall and are moving their workstreams forward.‎

Read More

Colorado Proposes Guidance Bulletins for Life Algorithms & Predictive ‎Models Regulation

On November 20, 2023, the Division of Insurance of the Colorado Department of Regulatory Agencies (“DORA”), published for a 9 day public comment period two proposed bulletins which would provide clarifying guidance on the implementation of Colorado Insurance Regulation 10-1-1: Governance of Risk Management Framework Requirements for Life Insurer’s Use of External Consumer Data and Information Sources, Algorithms, and Predictive Models, which was adopted in September 2023 pursuant to SB21-169.

Read More

NAIC’s Work on Privacy Model Grinds On

The NAIC’s Privacy Protections (H) Working Group met over the weekend as part of the NAIC’s Summer National Meeting. The working group announced that later in the year it will seek an extension on its efforts to create a unified privacy model act (#674) which will likely push back final adoption into sometime next year. Multiple states have publicly announced that they will not support the current proposed Version 1.2, and at least one state referred to it as fundamentally flawed. The opposed states do not want to move forward with the current version. The Chair announced that the working group will continue to receive public comments while it digests comments previously received and continues the direct one-on-one outreach to companies and trades.

Read More




Email the Editor

Click here to Email the Editor

Locke Lord LLP

For the latest information about our Firm visit