Bill is similar to model data security law adopted by NAIC
If you are a SC title agent, this bill will likely affect you if it passes!
The National Association of Insurance Commissioners (NAIC) adopted the Insurance Data Security Model Law, intending to promote rigorous cyber risk management practices, in October. And the South Carolina Department of Insurance (SCDOI) has introduced a similar bill in the South Carolina legislature. The South Carolina version, the South Carolina Insurance Data Security Act, is now in committee, and can be read here.
The model law creates data security standards for insurers and agents. The rules would apply to the real estate lawyers in South Carolina who are also title insurance agents. The rules require overseeing third-party providers, investigating data breaches and notifying consumers and regulators of data breaches.
Insurers and agents will be required to have a written information security program for protecting sensitive date. Incident response plans and data recovery plans will also be required. Compliance certifications to the DOI will be required annually.
One important exemption applies to licensees with ten or fewer employees. This exemption will benefit small South Carolina law firms. Cyber security insurance may become a hotter commodity in South Carolina if this law passes, but the law is not intended to create a private cause of action.
We will watch this legislation and keep everyone posted on how it proceeds through the legislative process in South Carolina.