New Connecticut Data Security Law To Impact Insurance Agencies
A new Connecticut law will require many insurance agencies to implement cybersecurity programs. The requirements take effect in less than two months.The Insurance Data Security Law requires Connecticut licensees to develop, implement and maintain a comprehensive written information security program based on a risk assessment. The programs must include the administrative, technical and physical safeguards for protecting their information systems and the nonpublic information stored in them. The deadline for implementing the program is October 1, 2020. The program must be commensurate with:The size and complexity of the licensee The nature and scope of the licensee's activities, including, but not limited to, the licensee's use…