South Carolina becomes First State to enact Insurance Data Security Law based on NAIC Model
May 15, 2018

As we reported here, and further analyzed here in October 2017, the NAIC adopted an Insurance Data Security Model Law.

On May 3, 2018, the South Carolina Governor made South Carolina the first state in the nation to adopt a comprehensive cybersecurity statute for the insurance industry, by signing into law the South Carolina Insurance Data Security Act (H4655) based on the NAIC Model.  Effective January 1, 2019, Licensees of the South Carolina Department of Insurance must comply with the new requirements for protecting the confidentiality and security of information and systems, and reporting certain cybersecurity events, as described in our discussion of the NAIC Model linked above.

As defined by the new Act, “’Licensee’ means a person licensed, authorized to operate, or registered, or required to be licensed, authorized, or registered pursuant to the insurance laws of this State but does not include a purchasing group or a risk retention group chartered and licensed in a state other than this State or a licensee that is acting as an assuming insurer that is domiciled in another state or jurisdiction.”


Visit our Insurance & Reinsurance Blog for the latest news and developments.

Visit the blog