See Credit Details Below
A significant legislative trend is on the horizon for FIs and insurers in 2020: a new breed of state privacy and cybersecurity laws. In the absence of federal intervention, a growing number of state legislatures are enacting laws and regulations modeling California’s Consumer Privacy Act for all businesses, and, in parallel, prescribing privacy and cybersecurity requirements directed at insurers.
The trend began with New York. The New York Department of Financial Services (NYDFS) Cybersecurity Requirements for Financial Services Companies (Part 500) was enacted in 2017, and took full effect on March 1, 2019. Initially, it stood as the first cybersecurity regulation broadly directed at financial services companies, including insurers. Shortly thereafter, however, and in anticipation of further legislative activity in this area, the insurance industry proposed a Data Security Model Law to help harmonize cybersecurity requirements for insurers. Eight states thus far have since adopted a version of the Model Security Law.
On March 21, 2020, New York’s “Stop Hacks and Improve Electronic Data” (SHIELD) Act goes into effect. That law has imposed strict cybersecurity requirements on all companies that handle private information, even if those companies are located elsewhere.
Please join Brian L. Hengesbaugh and Harry A. Valetk of Baker McKenzie, and Nubiaa Shabaka of AIG as they:
- Summarize upcoming cybersecurity requirements for FIs and insurers;
- Cover several cybersecurity measures set to go into effect later this year; and
- Help insurers and other companies stay ahead of the curve.
Program Level: Update
Intended Audience: Corporate, insurance and financial services attorneys and allied professionals involved in privacy and cybersecurity compliance
Advanced Preparation: None