Skip to main content

Introduced Senate Bill (S)

DIGEST

Cybersecurity requirements for insurers. Requires an insurer to: (1) develop, maintain, and update an information security program for the purpose of protecting consumers' nonpublic information; (2) conduct a risk assessment of its information systems to aid in the development of an information security program; (3) notify the insurance commissioner if a cybersecurity event affecting the nonpublic information of 250 or more consumers occurs; and (4) develop an incident response plan to respond to cybersecurity events. Cybersecurity requirements for insurers. Requires an insurer to: (1) develop, maintain, and update an information security program for the purpose of protecting consumers' nonpublic information; (2) conduct a risk assessment of its information systems to aid in the development of an information security program; (3) notify the insurance commissioner if a cybersecurity event affecting the nonpublic information of 250 or more consumers occurs; and (4) develop an incident response plan to respond to cybersecurity events.