State insurance regulators have developed a set of 12 principles that could shape their efforts to promote data security.
The National Association of Insurance Commissioners (NAIC) recently posted a copy of the document on its website.
The NAIC’s Cybersecurity Task Force exposed a draft of the document in March, a few weeks after Anthem Inc. (NYSE:ANTM) reported suffering an attack that could have affected the security of records on about 79 million people.
Commenters who reviewed the draft suggested that some proposed principles were too specific, and that others suggested that state regulators would try to play a role beyond their capabilities.