§ 8602. Purpose and intent.
§ 8602. Purpose and intent. (a) Notwithstanding any other provision of law, this chapter establishes the exclusive state standards for data security and the investigation of, and notification to, the Commissioner and consumers when a cybersecurity event involving a licensee under this title occurs. (b) This chapter may not be construed to create or imply […]
§ 8603. Definitions.
§ 8603. Definitions. As used in this chapter: (1) “Authorized individual” means an individual to whom a licensee gave authorization to access and use nonpublic information that the licensee and the licensee’s information system holds. (2) “Commissioner” means the Insurance Commissioner of the State of Delaware. (3) “Consumer” means an individual, including an applicant, policyholder, […]
§ 8604. Information security program [For application of this section, see 82 Del. Laws, c. 176, § 2].
§ 8604. Information security program [For application of this section, see 82 Del. Laws, c. 176, § 2]. (a) Implementation of an information security program. — (1) A licensee shall develop, implement, and maintain a comprehensive, written information security program that is based on the licensee’s risk assessment and contains administrative, technical, and physical safeguards […]
§ 8412. Effective date.
§ 8412. Effective date. The requirements of this chapter shall become effective on January 1, 2015. The first filing of the ORSA summary report shall be in 2015 pursuant to § 8406 of this title. 79 Del. Laws, c. 422, § 1;
§ 8605. Investigation of a cybersecurity event.
§ 8605. Investigation of a cybersecurity event. (a) If a licensee learns that a cybersecurity event has or may have occurred, the licensee, or an outside vendor or service provider designated to act on behalf of the licensee, shall conduct a prompt investigation. (b) During an investigation under this section, the licensee, or an outside […]
§ 8501. Short title.
§ 8501. Short title. This chapter may be cited as the “Corporate Governance Annual Disclosure Act.” 81 Del. Laws, c. 119, § 1;
§ 8606. Notification of a cybersecurity event.
§ 8606. Notification of a cybersecurity event. (a) Notification to the Commissioner. — A licensee shall notify the Commissioner as promptly as possible but in no event later than 3 business days from the licensee’s determination that a cybersecurity event has occurred if either of the following criteria has been met: (1) The licensee is […]
§ 8502. Purpose and scope.
§ 8502. Purpose and scope. (a) The purpose of this chapter is to: (1) Provide the Commissioner a summary of an insurer or insurance group’s corporate governance structure, policies and practices to permit the Commissioner to gain and maintain an understanding of the insurer’s corporate governance framework. (2) Outline the requirements for completing a corporate […]
§ 8607. Power of Commissioner.
§ 8607. Power of Commissioner. (a) The Commissioner may examine and investigate the affairs of a licensee to determine whether the licensee has been or is engaged in any conduct in violation of this chapter. The Commissioner’s power under this section is in addition to the powers the Commissioner has under § 318 of this […]
§ 8503. Definitions.
§ 8503. Definitions. As used in this chapter, unless the context requires otherwise: (1) “Commissioner.” — The term “Commissioner” shall mean the Insurance Commissioner of this State. (2) “Corporate governance annual disclosure” or “CGAD.” — The term “corporate governance annual disclosure” or “CGAD” shall mean a confidential report filed by the insurer or insurance group […]