NAIC Insurance Data Security Model Law Update: Vermont Becomes 21st State

Locke Lord LLP
Contact

Vermont Governor Scott signed the Vermont Insurance Data Security Law (available here) (the “VIDSL”), becoming the 21st state to adopt a cybersecurity statute based on the National Association of Insurance Commissioners Insurance Data Security Model Law (NAIC Model 668).  Importantly for many licensees, the new Vermont statute, which will be effective January 1, 2023 (with some delayed compliance dates) codifies a drafters’ note of NAIC Model 668 (which has not been adopted in all state implementations) stating that compliance with the Cybersecurity Regulation of the New York Department of Financial Service, with a written certification of such compliance, is deemed to satisfy the requirements of the VIDSL.

There are some differences between the VIDSL and NAIC Model 668, the most important of which is the lack of a Vermont requirement to report certain cybersecurity events to the commissioner.  Instead, the VIDSL specifically provides that it “shall not be construed to change any aspect of the Security Breach Notice Act, 9 V.S.A. § 2435,” which requires entities regulated by the Department of Financial Regulation to provide notice of certain cybersecurity events to the Department, but without the 72 hour deadline of NAIC Model 668.

For those keeping track, NAIC Model 668 has been adopted in the following 21 states as of June 21, 2022:  AL, AK, CT, DE, HI, IA, KY, LA, ME, MD, MI, MN, MS, NH, ND, OH, SC, TN, VT, VA, and WI.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Locke Lord LLP | Attorney Advertising

Written by:

Locke Lord LLP
Contact
more
less

Locke Lord LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.