§ 8510. Severability clause.
§ 8510. Severability clause. If any provision of this chapter other than § 8507 of this title, or the application thereof to any person or circumstance, is held invalid, such determination shall not affect the provisions or applications of this chapter which can be given effect without the invalid provision or application, and to that […]
§ 8511. Effective date.
§ 8511. Effective date. The requirements of this chapter shall become effective on January 1, 2018. The first filing of the CGAD shall be in 2018. 81 Del. Laws, c. 119, § 1;
§ 8601. Short title.
§ 8601. Short title. This chapter is known and may be cited as the “Insurance Data Security Act.” 82 Del. Laws, c. 176, § 1;
§ 8602. Purpose and intent.
§ 8602. Purpose and intent. (a) Notwithstanding any other provision of law, this chapter establishes the exclusive state standards for data security and the investigation of, and notification to, the Commissioner and consumers when a cybersecurity event involving a licensee under this title occurs. (b) This chapter may not be construed to create or imply […]
§ 8603. Definitions.
§ 8603. Definitions. As used in this chapter: (1) “Authorized individual” means an individual to whom a licensee gave authorization to access and use nonpublic information that the licensee and the licensee’s information system holds. (2) “Commissioner” means the Insurance Commissioner of the State of Delaware. (3) “Consumer” means an individual, including an applicant, policyholder, […]
§ 8604. Information security program [For application of this section, see 82 Del. Laws, c. 176, § 2].
§ 8604. Information security program [For application of this section, see 82 Del. Laws, c. 176, § 2]. (a) Implementation of an information security program. — (1) A licensee shall develop, implement, and maintain a comprehensive, written information security program that is based on the licensee’s risk assessment and contains administrative, technical, and physical safeguards […]
§ 8412. Effective date.
§ 8412. Effective date. The requirements of this chapter shall become effective on January 1, 2015. The first filing of the ORSA summary report shall be in 2015 pursuant to § 8406 of this title. 79 Del. Laws, c. 422, § 1;
§ 8605. Investigation of a cybersecurity event.
§ 8605. Investigation of a cybersecurity event. (a) If a licensee learns that a cybersecurity event has or may have occurred, the licensee, or an outside vendor or service provider designated to act on behalf of the licensee, shall conduct a prompt investigation. (b) During an investigation under this section, the licensee, or an outside […]
§ 8501. Short title.
§ 8501. Short title. This chapter may be cited as the “Corporate Governance Annual Disclosure Act.” 81 Del. Laws, c. 119, § 1;
§ 8606. Notification of a cybersecurity event.
§ 8606. Notification of a cybersecurity event. (a) Notification to the Commissioner. — A licensee shall notify the Commissioner as promptly as possible but in no event later than 3 business days from the licensee’s determination that a cybersecurity event has occurred if either of the following criteria has been met: (1) The licensee is […]