Compare with different regulatory event:
On 1 January 2023, the Insurance Data Security Act (HB 474) enters into force. The Act introduces a data security framework for insurance carriers that requires them to conduct self-evaluations of their risk profile and how to mitigate it. Based on these reports, the insurance carriers need to develop their own in-house security strategy around their data collection and storage, including the training of employees and the creation of a specific response plan for possible cyber-incidents. Finally, the insurance carriers are obligated to create a reporting system to their board of directors around their vulnerabilities, their level of compliance with the data security law, and what decisions were taken around data risk mitigation.
Original source