Act Releases Prototype Agency Information Security Plan

ALEXANDRIA, Va., Sept. 16 -- Independent Insurance Agents and Brokers of America issued the following news release:

The Independent Agents & Brokers of America's Agents Council for Technology (ACT) has released a prototype agency information security plan to assist agencies and brokers in creating their own written security plans to safeguard the private information of a agency's clients and employees, the agency's proprietary and confidential information, the physical security of the agency's premises and the integrity of electronic systems so that they function smoothly without interruption.

"Numerous state privacy and security breach notification laws, as well as several federal laws, require agents to have written security plans to protect their operations and the privacy of their clients' and employees' private information," says Steve Aronson, President of Aronson Insurance in Newton & Needham, Mass. and chair of the ACT Agency Security Best Practices Work Group that produced the security plan for ACT. "Not only could a breach of clients' private information devastate an agency's reputation; it is likely to result in the agency's having to undertake extremely time consuming and costly actions on behalf of the individuals whose private information may have been compromised."

"Having a sound written information security plan is an essential risk management tool for every independent agency," adds Jeff Yates, ACT executive director. "We wanted to provide agencies with a free tool they could customize to fit the size and complexity of their own operations."

ACT's prototype security plan covers the protection of private information in any form, whether it is voice, electronic or paper and involves much more than just the protection of the agency's systems. The plan also contains a series of "notes" designed to point out additional tips agents should keep in mind as they customize the plan, along with links to various laws that may apply and additional resources that are available.

"Putting a written security plan in place is only first step for the agency, however," adds Yates. "It is essential for the agency to then implement the plan by appointing an information security coordinator to over see it and then establishing the necessary procedures, workflows, training, monitoring, auditing and law and plan reviews to carry it out fully."

Agents and other industry participants can visit the ACT website to download the free prototype agency information security plan by clicking HERE or visiting www.independentagent/act. There is also an ACT article accompanying the plan on the website that contains more tips on how to implement a security plan and program effectively, along with additional security and privacy related resources.

Established in 1999 by the Independent Insurance Agents & Brokers of America (the Big "I"), ACT provides a candid, action-oriented forum for agent and industry associations, user groups, companies and vendors to address critical technology and workflow issues facing the independent agency system and provides agencies with reports and tools to assist them in making improvements in their businesses.

TNS hc11-JF78-100917-3008481 StaffFurigay