On May 1, South Carolina's legislature ratified the South Carolina Insurance Data Security Act, its version of the NAIC's Insurance Data Security Model Law. Next stop: the Governor's office.
If signed by Governor Henry McMaster, South Carolina will become the first state to adopt the NAIC Model Law.
South Carolina's law is substantially similar to the NAIC Model, and would take effect January 1, 2019. Licensees would have until July 1, 2019 to, among other things, implement an information security program and establish an incident response plan. By July 1, 2020, licensees would be expected to have a third-party service provider management system in place.
The South Carolina Insurance Data Security Act (H.B. 4655) is available at: http://www.scstatehouse.gov/sess122_2017-2018/bills/4655.htm.
The NAIC Insurance Data Security Model Law is available at: http://www.naic.org/store/free/MDL-668.pdf.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.