The NAIC made cybersecurity and consumer data protection the top priorities.
TENNESSEE, USA – Tennessee insurance consumers will get new protections for their personal, medical and financial information with the recently approved by the Tennessee General Assembly of the Insurance Data Security Act.
“I want to thank Governor Bill Lee and members of the General Assembly for the swift passage of this important legislation that represents an important step forward in helping Tennessee address cybersecurity threats to the insurance industry.” said TDCI Commissioner Carter Lawrence.
- Identify internal or external threats that may result in unauthorized access, transmission, disclosure, misuse, or destruction of consumers’ private information.
- Develop, implement, and maintain an information security program based on your individualized risk assessment with a designated employee responsible for the information security program.
- Investigate any cybersecurity breaches and notify the insurance commissioner of a cybersecurity event if the licensee is a domiciled insurer or if more than 250 Tennesseans are affected.
Led by the National Association of Insurance Commissioners (NAIC), the creation of a legislative model that formed the basis of Tennessee law was created with the input of national regulators after a succession of data breaches exposed the personal information of millions of Americans.
The NAIC made cybersecurity and consumer data protection the top priorities. The model legislation was the result of a two-year collaborative process that resulted in a model law that could be adopted by several states.
“The adoption of the Tennessee bill is critical for the commissioner and the department to have the tools to better protect sensitive information from Tennessee consumers,” said Deputy Insurance Commissioner Bill Huddleston.
In an effort to raise consumer awareness of cybersecurity, TDCI reminds consumers to familiarize themselves with the cybersecurity of the NAIC.