Search Icon
Delaware’s Insurance Data Security Act: A Growing Trend of Data Privacy and Cyber Security Regulation of the Insurance Industry Banner Image

Cyber Security & Data Privacy

Riker Danzig LLP is one of New Jersey’s oldest and largest law firms. Utilizing its strengths in litigation,...

View Practice

Delaware’s Insurance Data Security Act: A Growing Trend of Data Privacy and Cyber Security Regulation of the Insurance Industry

August 7, 2019

On July
31, 2019, Delaware Governor John C. Carney, Jr. signed the Insurance Data
Security Act (“IDSA”) into law.  The IDSA establishes a comprehensive
regulatory framework requiring insurers licensed to do business in Delaware to:
i) implement information security programs and risk assessments; ii)
investigate whether a cyber security event or data breach occurred and whose
data may have been compromised; iii) notify the Delaware Insurance Commissioner
within three (3) business days of determining that a cyber security event or
data breach occurred; iv) notify all impacted consumers within sixty (60) days
of the determination that a cyber security event or data breach has occurred,
and data has been or may have been compromised; and v) offer one (1) year of
credit monitoring services to impacted customers.  Lastly, the IDSA grants
the Delaware Insurance Commissioner with the power to investigate any insurer
to determine whether it has engaged in conduct that might violate the IDSA, and
to take remedial action.

The
Delaware’s Insurance Data Security Act is based on the National
Association of Insurance Commissioners (“NAIC”) Model Law. Since NAIC’s
promulgation of the Model Law in October of 2017, several other states have
adopted similar laws and regulations including South Carolina, Michigan, Ohio,
and New York.  We expect this trend to continue and foresee states
continuing to adopt the NAIC Model Law.

Amidst the
rising incidence of cyberattacks and growing number of high profile data
breaches, regulators have stepped up their scrutiny of information security
programs.  As the trend continues, insurance companies should confirm that
their information security and data privacy programs are compliant. 

A copy of
Delaware’s IDSA can be found here.  If
you have any questions, please contact one of this Alert's authors: Michael P.
O'Mullan at momullan@riker.com, Labinot
Alexander Berlajolli at lberlajolli@riker.com
or Daniel J. Parziale at dparziale@riker.com,
or any other attorney in Riker Danzig’s Cyber Security & Data Privacy
practice.

Riker
Danzig's Cyber
Security & Data Privacy Partners:

Brian
E. O’Donnell
Michael P. O’Mullan
Maura C. Smith
Samuel
P. Moulthrop
Robert
J. Schoenberg
Lance
J. Kalik
Jason
D. Navarino
Anthony
J. Zarillo, Jr.

Read More

Our Team

Jason D. Navarino

Jason D. Navarino
Partner

View Bio >>
Brian E. O'Donnell

Brian E. O'Donnell
Partner

View Bio >>
Michael P. O'Mullan

Michael P. O'Mullan
Partner

View Bio >>
Maura C. Smith

Maura C. Smith
Partner

View Bio >>
Anthony J. Zarillo, Jr.

Anthony J. Zarillo, Jr.
Partner

View Bio >>
Samuel P. Moulthrop

Samuel P. Moulthrop
Of Counsel

View Bio >>
Robert J. Schoenberg

Robert J. Schoenberg
Of Counsel

View Bio >>
Labinot Alexander Berlajolli

Labinot Alexander Berlajolli
Associate

View Bio >>
View All

You May Also Be Interested In:

New Jersey Adopts Comprehensive Data Privacy Law Imposing New Obligations on Businesses
February 8, 2024
Cyber Security & Data Privacy

On January 16, 2024, New Jersey became the 13th state to adopt a comprehensive data privacy law...

Learn More >

SEC May Require Advisers and Funds to Draft Cybersecurity Policies and Disclose Incidents
February 11, 2022
Cyber Security & Data Privacy

Following the rise of cybercrime and on the coattails of the Federal Trade Commission (FTC), the Office...

Learn More >

Connecticut Amends Data Breach Notification Requirements and Enacts Cybersecurity “Safe Harbor”
August 3, 2021
Cyber Security & Data Privacy

On June 16 and July 6, 2021, Connecticut Gov. Ned Lamont signed into law two new cybersecurity...

Learn More >

Get Our Latest Insights

Subscribe