Less than a year from now, insurers doing business in South Carolina will be required to have a “comprehensive information security program” that protects consumer data.
As of Jan. 1, 2019, insurers licensed in the state will be required to create and maintain data security standards based on an ongoing risk assessment, oversee third-party service providers, investigate breaches and notify regulators within 72 hours of a cyber event that affects more than 250 state residents.
