§ 33-104. Cybersecurity event
West's Annotated Code of MarylandInsuranceEffective: October 1, 2022
Effective: October 1, 2022
MD Code, Insurance, § 33-104
§ 33-104. Cybersecurity event
(a) If a carrier learns that a cybersecurity event has or may have occurred, the carrier or an outside vendor or service provider designated to act on behalf of the carrier shall conduct a prompt investigation.
(b) During the investigation, the carrier or an outside vendor or service provider designated to act on behalf of the carrier, shall, at a minimum:
(c) If a carrier learns that a cybersecurity event has or may have occurred in a system maintained by a third-party service provider, the carrier shall complete the steps listed in subsection (b) of this section or confirm and document that the third-party service provider has completed those steps.
Credits
Added by Acts 2022, c. 231, § 1, eff. Oct. 1, 2022.
MD Code, Insurance, § 33-104, MD INSURANCE § 33-104
Current with legislation effective through June 1, 2023, from the 2023 Regular Session of the General Assembly. Some statute sections may be more current, see credits for details.
End of Document |