The Missouri Department of Commerce and Insurance published a memo reminding carriers about their obligation to report cybersecurity events.
State law requires any entity that owns or licenses personal information to notify affected consumers upon discovering a security breach. The law also defines what constitutes a breach and when notice must be filed with consumer reporting agencies and the state Attorney General’s office.
The department said in Bulletin 23-04 that it additionally requests insurers to notify it of any cybersecurity events as soon as practicable, but no more than 10 ...
Comments