You are here:HomeNews CenterNews About PIA2016PIA Comments on NAIC Cyber Model at NCOIL Meeting

PIA Comments on NAIC Cyber Model at NCOIL Meeting

At its recent meeting in Portland, Oregon, the National Conference of Insurance Legislators' Financial Services and Investment Product Committee considered providing input on the National Association of Insurance Commissioners' Model Law on cybersecurity.
July 27, 2016

At its recent meeting in Portland, Oregon, the National Conference of Insurance Legislators (NCOIL)’s 
Financial Services and Investment Product Committee considered providing input on the National Association of Insurance Commissioners (NAIC)’s Model Law on cybersecurity. 

South Carolina Insurance Director Ray Farmer, the vice-chair of the NAIC’s Cybersecurity Task Force, announced that a new draft of the model is expected to be published before the August NAIC meeting in San Diego. Director Farmer expressed doubt that the Task Force would vote on the new draft at the August meeting. However, he expects that a telephone vote by the Task Force will occur before the winter NAIC meeting. He encouraged NCOIL members to withhold judgment on the NAIC model until the next draft is made public.

Interested parties, including Lauren Pachman from PIA, were given the opportunity to comment.  They echoed comments made at other industry meetings at which the NAIC model has been discussed, and generally suggested NCOIL refrain from drafting its own model until the next NAIC draft was available.  Several interested parties also expressed concern about the possibility of the NAIC cybersecurity model law becoming an accreditation standard.

During the NCOIL-NAIC Dialogue, State Sen. Steve Riggs (Kentucky) asked Director Farmer for more information about what prompted the NAIC to develop the cybersecurity model, given the extent to which this issue is addressed already in state law. Farmer explained that the NAIC model was intended to contain all the provisions NAIC regulators wanted to see in every state law and noted that, across existing state laws, there are numerous variations. Some state laws, he noted, are insufficiently robust. The NAIC model is designed to remedy that by strengthening state laws and encouraging uniformity.

During NCOIL’s Property & Casualty General Session, a representative from KPMG encouraged the development of uniform rules governing insurance of autonomous vehicles, so that vehicles that travel across state lines aren’t subject to multiple states’ liability laws and regulations.  Eventually, the KPMG representative opined, policies will be written to insure the autonomous-driving software instead of the vehicle’s driver, so that liability for losses will fall on products rather than drivers.

Filed under: