Insurers and their employees are liable for the loss of any clients' personally identifiable information. Photo: jannoon028/Shutterstock

Insurance agents and brokers are not exempt from following the new guidance the National Association of Insurance Commissioners (NAIC) recommended in April. They, as well as insurance companies and agents, can be held liable for the loss of prospect or client Protected Health Information (PHI) or personally identifiable information (PII), such as a person’s full name, date of birth, address, and Social Security numbers.

The Principles for Effective Cybersecurity: Insurance Regulatory Guidance looks to state insurance regulators “to ensure that personally identifiable consumer information held by insurers, producers and other regulated entities is protected from cybersecurity risks.” The guidance encourages insurers, agencies and producers to secure data and maintain security with nationally recognized efforts such as those embodied in the National Institute of Standards and Technology (NIST) framework.

Want to continue reading?
Become a Free
PropertyCasualty360 Digital Reader.


  • All news coverage, best practices, and in-depth analysis.
  • Educational webcasts, resources from industry leaders, and informative newsletters.
  • Other award-winning websites including and

Already have an account?


The British Legal Awards (BLA) 2023Event

Celebrating achievement, excellence, and innovation in the legal profession in the UK.

Get More Information


Join PropertyCasualty360

Don’t miss crucial news and insights you need to make informed decisions for your P&C insurance business. Join now!

  • Unlimited access to - your roadmap to thriving in a disrupted environment
  • Access to other award-winning ALM websites including, and
  • Exclusive discounts on PropertyCasualty360, National Underwriter, Claims and ALM events

Already have an account? Sign In Now
Join PropertyCasualty360

Copyright © 2023 ALM Global, LLC. All Rights Reserved.