Delaware Gets Insurance Data Security Law
On July 31, Delaware Gov. John C. Carney, Jr., signed House Bill 174 into law. The Delaware Insurance Data Security Act is based on a National Association of Insurance Commissioners' model act, which establishes a comprehensive regulatory framework requiring those in the business of insurance who are licensed or should be licensed to do business in Delaware to implement information security programs, report instances of data breaches in a prescribed timely manner to the commissioner and consumers, and empowers the Department of Insurance to investigate violations of the act and levy penalties accordingly.
“When hardworking consumers entrust their personal information to their insurance companies, they have a reasonable expectation that their carriers will do everything they can to safeguard that information,” stated Delaware Insurance Commissioner TrinidadNavarro. “Over the past several years, we have seen time and again consumers’ information be compromised or stolen by hackers’ cyber threats to insurers. By codifying a regulatory standard that requires all insurance licensees in Delaware to implement information security programs and timely report data breaches to the department and consumers, HB 174 enhances Delaware’s consumer protection measures to hold companies accountable and give consumers the peace of mind that they deserve.”