South Carolina

Implementation of New Cybersecurity Regulations in South Carolina

January 2019

Starting from January 1, 2019, South Carolina has enforced new cybersecurity rules specifically aimed at licensed insurance companies. As detailed in a blog post from Hunton Andrews Kurth's Privacy & Information Security Law Blog, these regulations introduce additional requirements in addition to the state's existing breach notification obligations. Under the new rules, companies are obligated to inform state insurance authorities within 72 hours after confirming any unauthorized access, disruption, or misuse of nonpublic information. Notably, South Carolina is the first state in the nation to adopt data security regulations based on the model proposed by the National Association of Insurance Commissioners.

New cybersecurity rules take effect in South Carolina

Learn More