Edward J. McAndrew of Ballard Spahr LLP writes:
South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 14, 2018. The Act will become effective on January 1, 2019.
The South Carolina Act will require all insurers, agents and other licensed entities doing business in the state to establish a comprehensive, written information security program by July 1, 2019. The program must be “[c]ommensurate with the size and complexity of the licensee, the nature and scope of the licensee’s activities, including the use of third-party service providers, and the sensitivity of the nonpublic information” that the licensee uses, possesses, or controls.
Read more on National Law Review.