30 July 2015IT & claims management analysis

NAIC introduces cyber risks initiative

The National Association of Insurance Commissioners (NAIC), the US standard-setting and regulatory support organisation, has introduced three new initiatives to help protect consumer information and educate the public about cyber risks.

The NAIC’s cybersecurity task force, which was set up last year, released a consumer cybersecurity bill of rights draft.

The bill is intended to set standards for helping consumers if their personal information is compromised and the task force expects to adopt these standards within the next 30 days.

The task force is also working with state insurance regulators to conduct examinations on insurance companies to verify they are protecting personal data effectively.

The NAIC is also co-sponsoring a forum with the Center for Strategic and International Studies to allow policymakers and business leaders to discuss cyber risks faced by US businesses and consumers and what steps can be taken to manage these risks.

The forum, ‘Cyber Risk Management and Insurance’, will take place in Washington DC on September 10, 2015.

The new initiatives follow the NAIC’s adoption of guiding principles for cybersecurity in the spring and its development of new reporting requirements for insurers to help them track cyber insurance policies issued in the marketplace more effectively.

Monica Lindeen, NAIC president and Montana insurance commissioner, said: "Ramping up our efforts in this critical area will help state insurance departments better address both the threat and responses to cyber breaches.

"Understanding what regulators, consumers and companies can do to craft best practices will help minimise the impact on insurance consumers and the insurance industry in the long-term."

Adam Hamm, North Dakota insurance commissioner and cybersecurity task force chair, said: "Since before the first major breach of an insurer, the NAIC has been at the forefront of cyber issues. We will continue our work at the NAIC to protect consumers and support efforts to improve cybersecurity in the insurance sector."