NAIC Cybersecurity Task Force Adopts Regulatory Principles

May 5, 2015

The Cybersecurity (EX) Task Force of the National Association of Insurance Commissioners (NAIC) recently adopted the Principles for Effective Cybersecurity Insurance Regulatory Guidance.

The guidance includes 12 principles intended to establish insurance regulatory guidance that promotes coordination and protects insurance consumers. The document identifies types of safeguards regulators expect insurers to have in place to protect consumers from cybersecurity breaches. The principles adopted direct insurers, producers, and other regulated entities to join forces in identifying risks and adopting practical solutions to protect information entrusted to them.

“Due to ever-increasing cybersecurity issues, it has become clear that it is vital for state insurance regulators to provide effective cybersecurity guidance regarding the protection of the insurance sector’s data security and infrastructure,” the guidance states. “The insurance industry looks to state insurance regulators to aid in the identification of uniform standards, to promote accountability across the entire insurance sector, and to provide access to essential information. State insurance regulators look to the insurance industry to join forces in identifying risks and offering practical solutions.”

Cybersecurity risks have become more significant as critical consumer financial and health information is increasingly stored in electronic form. Recent high-profile data breaches have led regulators to work toward strengthening insurer defenses against attacks.

“These principles will serve as the foundation for protection of sensitive consumer information held by insurers as well as insurance producers and guide regulators who oversee the insurance industry,” said Monica J. Lindeen, NAIC president and Montana commissioner of securities and insurance.

Don’t miss the May edition of TitleNews for more on cybersecurity.

Contact ALTA at 202-296-3671 or [email protected].