Insurance Regulators to Conduct Insurer Cybersecurity Verification Examinations In Conjunction with NAIC Task Force

Jul 28, 2015


The National Association of Insurance Commissioners’ (“NAIC”) announced today, July 28, 2015, that its Cybersecurity Task Force (“Task Force”) will be coordinating with state insurance regulators to conduct examinations of insurers for the purpose of verifying whether companies are taking appropriate steps to protect consumers’ sensitive data, including confidential personal information. 

The initiative comes as part of the NAIC’s increased efforts to tackle cybersecurity issues.  After adopting the Guiding Principles for Cybersecurity earlier this year, as well as developing new reporting requirements for insurers to better track cyber insurance policies issued in the marketplace, the NAIC is moving forward with the verification examinations, as well as the following additional initiatives:

  • The NAIC’s Cybersecurity Task Force released a Consumer Cybersecurity Bill of Rights draft this week for public comment.  The Bill of Rights is intended to set standards for helping consumers if their personal information is compromised.  The Task Force expects to adopt these standards within the next 30 days.
  • The NAIC is co-sponsoring a forum with the Center for Strategic and International Studies on September 10 in Washington, D.C. entitled “Cyber Risk Management and Insurance.”  Cyber experts, policymakers and business leaders will discuss cyber risks faced by American businesses and consumers, and how best to manage those risks. 

“Ramping up our efforts in this critical area will help state insurance departments better address both the threat and responses to cyber breaches,” said Monica J. Lindeen, NAIC President and Montana Insurance Commissioner.  “Understanding what regulators, consumers and companies can do to craft best practices will help minimize the impact on insurance consumers and the insurance industry in the long-term.”

“Since before the first major breach of an insurer, the NAIC has been at the forefront of cyber issues,” added Adam Hamm, North Dakota Insurance Commissioner and Cybersecurity Task Force Chair.  “We will continue our work at the NAIC to protect consumers and support efforts to improve cybersecurity in the insurance sector.”

To view the NAIC’s “Principles for Effective Cybersecurity:  Insurance Regulatory Guidance” adopted in April 2015, click here.



Should you have any questions or comments, please contact Colodny Fass.



Click here to follow Colodny Fass on Twitter (@ColodnyFassLaw)




To unsubscribe from this newsletter, please send an e-mail to