South Carolina Governor Signs Bill Enacting New NAIC Model Cybersecurity Law
South Carolina Governor Signs Bill Enacting New NAIC Model...
South Carolina Governor Signs Bill Enacting New NAIC Model Cybersecurity Law
South Carolina HB 4655 has been enacted and is effective January 1, 2019. South Carolina is the first state to enact the NAIC’s new Insurance Data Security Mode Law.
The bill requires that all non-exempt insurance licensees, not just South Carolina domestic carriers or producers, must develop, implement, and maintain a comprehensive written information security program that is based on a mandatory cybersecurity risk assessment. This makes the act applicable to any carrier that is licensed in South Carolina.
The program must contain administrative, technical, and physical safeguards for the protection of “nonpublic information” as defined in the law and the licensee's information system.