X
    X
    X
    X

    NAIC Adopts Model Cybersecurity Law

    Publications

    Based largely on the NY DFS Cybersecurity Regulation that became effective March 1, 2017, the NAIC has adopted a Model Cybersecurity Law that would, once adopted by the various states, establish significant requirements for insurance industry licensees to adopt cybersecurity policies and procedures, to conduct risk assessments, to address the risk presented by third party service providers, and to implement various administrative and technical safeguards to protect certain data and systems.  A more detailed analysis will be forthcoming once the adopted model is published, but based on the most recent draft, the NAIC Model has fewer exemptions than the NY DFS regulation, and imposes fewer technical requirements.

    Explore Additional Topics

    Disclaimer

    Please understand that your communications with Locke Lord LLP through this website do not constitute or create an attorney-client relationship with Locke Lord LLP. Any information you send to Locke Lord LLP through this website is on a non-confidential and non-privileged basis. Therefore, do not send or include any information in your email that you consider to be confidential or privileged.