In reaction to the continued uptick in high profile data incidents, yesterday, Wisconsin Governor Evers signed into law Act 73, a law establishing cybersecurity requirements for the insurance industry’s protection of data collected. With a stroke of a pen, Wisconsin joins the growing number of states imposing cybersecurity regulations on insurance providers.

Insurance Commissioner Mark Afable explained that these new protections “will help protect personal data and keep Wisconsin Insurance companies secure.” This continued wave of cyber-hygiene requirements is no surprise. Years ago, the National Association of Insurance Commissioners (the NAIC) created its model rule in the hopes that all 50 states would have laws similar to Wisconsin Act 73 in place.

Wisconsin’s new law protects “nonpublic information” collected and processed by insurers. In order to comply, insurers are required to complete a risk assessment and utilize the results to tailor and create an information security program. Additionally, licensees must implement […]