Compare with different regulatory event:
On 8 April 2022, the Insurance Data Security Act (HB 474) was signed by the Kentucky Governor. The Bill introduces a data security framework for insurance carriers that requires them to conduct self-evaluations of their risk profile and how to mitigate it. Based on these reports, the insurance carriers need to develop their own in-house security strategy around their data collection and storage, including the training of employees and the creation of a specific response plan for possible cyber-incidents. Finally, the insurance carriers are obligated to create a reporting system to their board of directors around their vulnerabilities, their level of compliance with the data security law, and what decisions were taken around data risk mitigation. The Act will enter into force on 1 January 2023.
Original source