Get Full Government Meeting Transcripts, Videos, & Alerts Forever!
Senate committee hears bill to tighten cybersecurity reporting for insurers
Summary
The North Dakota Insurance Department urged the Industry and Business Committee to amend state insurance data‑security law to require broader reporting of cyber incidents affecting consumer data, shorten the reporting window and remove exemptions that limit the department—s ability to examine certain licensees.
The Senate Industry and Business Committee on Tuesday heard testimony on Senate Bill 2088, a department‑sponsored bill to amend the state—s insurance data security law to require broader reporting of cybersecurity events and give regulators more authority to examine incidents that may affect consumers.
The North Dakota Insurance Department told the committee the bill would remove a current exclusion that allowed licensees to avoid reporting incidents when nonpublic information was accessed but, the licensee says, returned or deleted; shorten the statutory reporting window; eliminate a materiality threshold some companies used to avoid reporting; and remove exemptions for certain small licensees and some HIPAA‑covered entities that previously could not be examined by the department after an incident.
The department—s division director of company licensing and examinations, Matt Fisher, said the state—s law was originally based on the National Association of Insurance Commissioners— (NAIC) 2016 model and that deviations made when the statute was first enacted have produced unintended consequences. Fisher said…
Already have an account? Log in
Subscribe to keep reading
Unlock the rest of this article — and every article on Citizen Portal.
- Unlimited articles
- AI-powered breakdowns of topics, speakers, decisions, and budgets
- Instant alerts when your location has a new meeting
- Follow topics and more locations
- 1,000 AI Insights / month, plus AI Chat
