NAIC Passes Consumer Bill of Rights During Cybersecurity Awareness Month

The National Association of Insurance Commissioners (NAIC) has taken another step in advancing cybersecurity as one of the organization's key initiatives, coinciding with national cybersecurity awareness month. On Wednesday, the Cybersecurity (EX) Task Force adopted the Cybersecurity Bill of Rights, a project aimed at bolstering consumer protection.

“Consumers have a right to expect their personal, financial and health information entrusted to the insurance industry is secure,” said Adam Hamm, North Dakota Insurance Commissioner and NAIC Cybersecurity Task Force Chair. “They also deserve to know when a breach occurs so they can safeguard themselves against identity theft or other types of fraud. This Bill of Rights is designed to assist consumers when sensitive information is breached.”

The Cybersecurity Bill of Rights is intended to help update model laws considered by the Cybersecurity (EX) Task Force. including: Insurance Information and Privacy Protection Model Act, Privacy of Consumer Financial Health and Information Regulation, Standars for Safeguarding Consumer Information Model Regulation and Insurance Fraud Prevention Model Act. This is the first step in the review process and the document will now head to the NAIC Executive (EX) Committee/Plenary for full membership discussion and approval.

Proponents of the Cybersecurity Bill of Rights drafted a simple guide with consumer-friendly terms to tell policyholders what to expect if their personal information is compromised. The Cybersecurity Bill of Rights will be made available for state insurance departments to publish for local consumers. These rights may vary, depending on state law.

“Cybersecurity is one of the biggest challenges facing businesses today and this is one of our association's key priorities,” said Monica J. Lindeen, NAIC President and Montana Insurance Commissioner. “Our commitment to strengthening the NAIC's technical and information services infrastructure and our security environment is demonstrated in our current budget, as well as strategic planning for the next few years.”

The NAIC urges consumers to get smart about cybersecurity this month by reminding consumers to safeguard their personal data and review personal financial statements. Earlier this year, the NAIC created a Security Breach Response Headquarters to help consumers in the wake of a cybersecurity breach as part of the response to large cyber data breaches.

The NAIC's Principles for Effective Cybersecurity: Insurance Regulatory Guidance are available. Visit the FBI's website for more information on National Cybersecurity Awareness Month.