South Carolina Insurance Entities – Take Cyber Action Now

On May 3, 2018, South Carolina Governor McMaster signed into law the South Carolina Department of Insurance Data Security Act. The Act intends to protect personal information managed by insurance agencies, brokers, and carriers in South Carolina from cybersecurity threats. South Carolina is the first state to implement a comprehensive cybersecurity law covering the insurance industry following 2017’s NAIC Insurance Data Security Model Law.

The Insurance Data Security Act goes into effect on January 1, 2019, and requires all insurers, agents, and other licensed entities to develop a comprehensive written information security program within six months of the compliance date, July 1, 2019. The law implements rules for South Carolina insurance agencies, brokers, and carriers on how they manage and secure personal information. This law also applies to ANY insurance-related company writing business in South Carolina, even if they are no not physically located in South Carolina. Georgia and North Carolina businesses should take special notice.

The Act is highly detailed and requires for insurance-related entities to prepare for any cybersecurity threats in the future. Just a few examples of the requirements stated in the Insurance Data Security Act include:

  • Maintain an information security program based on ongoing risk assessment;
  • Perform risk assessment based on threats combined with likelihood and magnitude of harm;
  • Implement an information security program to mitigate risks identified;
  • Develop, implement and maintain a secure information security program;
  • Investigate any cybersecurity activities and notify the Department of Insurance of those activities within 72 hours;
  • Conduct annual testing of effectiveness and safeguards and report findings annually;
  • Develop a written Incident Response Plan; and
  • Provide adequate staff training and awareness on cybersecurity and how to mitigate risks.

Corsica Technologies recommends that all South Carolina insurers, agents, and other licensed entities impacted by the Insurance Data Security Act begin reviewing their existing information security programs to see how it aligns with the new law. If your organization does not have an information security program, now is the perfect time to develop one. Aside from complying with the new law, implementing best practices now will protect an organization from the increasing threat of cybercrime.

Corsica Technologies has analyzed the South Carolina Department of Insurance’s Insurance Data Security Act with our certified, and qualified professionals who are prepared to assist in any way necessary. We provide the components to help you manage and build the required security program or simply audit the program you currently have in place and provide next steps to complete the state requirements in-house.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

MDM vs. MAM: Which one is right for you? - Corsica Technologies

MDM vs. MAM: Which One Is Right For You?

How should you handle mobile devices that have access to company data and systems? This is a crucial question for today’s on-the-go, hybrid workforce. Maybe you give your team company-owned mobile devices. Or perhaps your employees find it more convenient

Read more
Managed Network Services - Everything You Need to Know - Corsica Technologies

Managed Network Services: Everything You Need To Know

For overworked IT teams, managed network services are a lifesaver. Rather than monitoring network logs, troubleshooting switches, and working overtime to mitigate vulnerabilities, you can engage a trusted partner to manage your network for you. But not all providers are

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.