After a year of high profile attacks, the cyber industry has much to learn about the methods hackers have been using to collect personal data, which includes information such as financial records and medical histories. According to the Office of Civil Rights, a sub-agency of Human and Health Services, as many as 112 million health records may have been illegally accessed last year. In an effort to combat the growing number of hacks, the National Association of Insurance Commissioners Cybersecurity Task Force proposed an Insurance Data Security Model Law on March 3 which will attempt to establish new standard cyber security, response and roles of the regulator.
While this is old news for many, a recent Insurance Networking article covers the important role of the insurance regulators when it comes to collecting and using data across the industry. “Because insurance is a data-driven industry, regulators must understand what data is being collected and for what purpose,” the NAIC said. “Today, regulators and companies have a need for data beyond what has been traditionally collected. But what regulators need is greater insight, not just more data.” The law will look to bring the cyber industry into a position to better combat hackers and cyber-attacks as they continue to evolve.