X
    X
    X
    X

    NAIC Cybersecurity “Bill of Rights” Wrong to Many Insurers

    Publications

    Last week, an NAIC task force moved forward in recommending a cybersecurity “bill of rights” that insurance regulators could provide consumers, essentially creating an expectation of notice of a breach “never more than 60 days” after a breach, and the right to one year of free credit monitoring. Insurance industry groups have objected to the proposed bill of rights. Among other objections, there is a concern that the “bill of rights” may create obligations and standards not currently provided under, and potentially inconsistent with, applicable state breach notification, privacy, and security laws and regulations.

    The cybersecurity task force previously developed 12 principles for effective cybersecurity insurance regulatory guidance, as we reported here.

    The cybersecurity bill of rights recommended by the task force is subject to NAIC approval. We will continue to track its progress.

    Explore Additional Topics

    Disclaimer

    Please understand that your communications with Locke Lord LLP through this website do not constitute or create an attorney-client relationship with Locke Lord LLP. Any information you send to Locke Lord LLP through this website is on a non-confidential and non-privileged basis. Therefore, do not send or include any information in your email that you consider to be confidential or privileged.