Jun 5, 2019

State Legislature passes cyber security legislation in budget

The Connecticut Senate passed the 567-page budget plan Tuesday night after the Connecticut House of Representatives approved the same bill Monday.  The plan included the proposed insurance cyber security legislation based on the National Association of Insurance Commissioners’ model law. PIACT successfully appealed for the inclusion of an extended time frame for licensees with 10-19 employees to comply with the data security plan requirement. Licensees with more than 10, but fewer than 20 employees will remain exempt from the data security plan requirement through Sept. 30, 2021.  Licensees with 20 or more employees would need to have a data security plan in place by Oct. 1, 2020.  Under the legislation, all licensees with fewer than 10 employees would remain exempt from the data security program requirement, but still would need to comply with the cyber event security reporting requirements.

In addition to the insurance cyber security provisions, the budget expands the state’s sales tax as a way to avoid raising income or sales tax rates. The budget does not include tolls on interstates, but contains the “mansion tax” for high-value property sales and a tax, which will become a ban, on single-use plastic bags. Lamont participated in the drafting and negotiations over the extensive legislation, applauded its passage through the legislature and will likely sign it into law.  

The budget for the 2020-21 fiscal year will now go to Gov. Ned Lamont for signing.

To help PIACT members get ahead of potential cyber security requirements, PIA has partnered with TAG Solutions, which can help you conduct a cyber security risk plan and develop a cyber security program.