On May 3, 2018, Governor Henry McMaster signed into law the South Carolina Insurance Data Security Act (SCIDSA). The SC Insurance Data Security Act applies to insurance businesses licensed through the Department of Insurance. Those businesses who have 10 or more employees, agents, representatives, or independent contractors fall under the full requirements of this act. For official information on this act refer to the SC Department Insurance Cybersecurity page.
This act is wide-sweeping but mostly focuses on organizations. Individual agents and independent contractor are most likely safe from the hassles of full compliance. By working under a business that meets the size requirement, they can leave the heavy lifting to their parent company. Organizations, on the other hand, have many legal responsibilities. For more information concerning organizational responsibilities, please read our other blogs listed below or call us for a free consultation.
Organizations meeting HIPAA requirements are excluded from most of this law as well. Because HIPAA is more stringent than SCIDSA, the DOI requires just a compliance certificate. The department’s probable point of view is that if you meet HIPAA, you have met all the requirements of IDSA and more.
With that said, this act only pertains to licensee’s based in the State of South Carolina.
If you would like to speak with the South Carolina Department of Insurance directly about the act, call them at (803) 737-6160.
If you would like a free consultation on how the Act affects your business give Tandem Cyber Solutions a call at (843) 309-3058
For more information on SCIDSA check out some of our other popular blogs:
Co-founder + VP of Operations
Keith Small is a retired professional law enforcement officer. Having sharpened an inquisitive mindset over almost three decades in criminal investigations and police work, he is now focused on applying his craft to protecting businesses from cybercriminals. Focusing on analysis and forensics, he relentlessly pursues knowledge in current tactics and cyber-criminal behaviors.