Governor Proposes Data Security Rules for Insurance Companies

Where:

Minnesota

Why did the Governor propose 2020 legislation to add data security requirements for insurance companies?

“Minnesota Blue Cross Blue Shield allowed hundreds of thousands of serious cybersecurity vulnerabilities to collect on its computer systems over a period of years.”

What are announced pieces of the legislation?

• adopt national standards for data security at insurance companies
  • will follow Michigan and Ohio’s lead to adopt the model law was drafted in 2017 by the National Association of Insurance Commissioners 
• apply to all insurance companies, not just health care
• state Commerce Department would have investigative & enforcement powers

Star Tribune | New data-privacy law proposed for Minnesota insurers