Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Cyber security input sought by NAIC

Reprints

The National Association of Insurance Commissions has released a draft of “Principles for Effective Cybersecurity Insurance Regulatory Guidance” for public comment.

“This document will help state insurance departments identify uniform standards, promote accountability, and provide access to essential information,” the Kansas City, Missouri-based NAIC said Thursday in a statement. “It also outlines the process for working with the insurance industry to identify risks and offer practical solutions.”

Insurance regulators have a “significant role and responsibility” regarding protecting consumers from cyber security risks, regarding insurers' efforts to protect sensitive customer health and financial information, and protecting sensitive information housed in insurance departments and at the NAIC, say three of the 18 principles listed in the draft.

Other principles listed include that effective cyber security guidance must be “risk-based and threat-informed” and that sensitive data should be encrypted.

The NAIC also issued a second draft document, an annual statement supplement for cyber security policies.

Comments on both drafts should be submitted to psimpson@naic.org by March 23.

Read Next