States around the U.S. have started to implement cybersecurity legislation for the insurance industry, Bloomberg Law reports. The bills have used a model law inspired by the New York Department of Financial Services’ cybersecurity regulation for financial services. South Carolina, Ohio and Michigan have enacted laws for insurers over the past year. New Hampshire, Connecticut and two other states have cybersecurity bills in their legislatures, while Gov. Phil Bryant, R-Miss., approved a measure on insurers earlier this month. The rules generally call for covered entities to have written information security programs, complete risk assessments and sustain incident response plans.
If you want to comment on this post, you need to login.