‘Insurers & Producers in Virginia: Get Ready for New Data Security and Notification Requirements!’

By Christopher Moschella, CPA, CISA, Risk Advisory Services Senior Manager

‘Insurers & Producers in Virginia: Get Ready for New Data Security and Notification Requirements!’

What You Need to Know About The Insurance Data Security Act

It is our goal as Opportunity Advisors to go beyond traditional tax and accounting services and provide you with sound advice and planning opportunities to keep your business moving forward. With that in mind, we are sharing an article by Bobby Turnage, Jr., attorney with Sands Anderson. In this article, Bobby shares important information about a new data security law that will impact insurers and producers in Virginia. We hope you find this article informative and if you would like to learn more about cybersecurity preparedness for your business, please contact your Keiter representative or reach out to our Cybersecurity Team, Email | 804.747.0000.

Expanded data security and incident notification requirements

“Virginia has a new law, the Insurance Data Security Act (New Law), going into effect on July 1, 2020, which will expand the data security and incident notification requirements on insurers licensed in the Commonwealth. The New Law is similar to the National Association of Insurance Commissioners’ Insurance Data Security Model Law – with some important modifications…Insurers and producers operating in Virginia need to review their current programs, policies and procedures to ensure they are ready to comply with the New Law. An important step in implementing the robust InfoSec Program requirements under the New Law is to conduct a risk assessment to help an organization identify and understand existing threats, risks and vulnerabilities. While the New Law will create more statutory and regulatory requirements, the good news is that compliance can also serve to improve an organizations overall cybersecurity posture.”

Access the full article for an overview of the new law and its requirements.

Read More


Sands Anderson | Bobby N. Turnage, Jr.

Additional Cybersecurity Resources



Share this Insight:

About the Author

Christopher Moschella

Christopher Moschella, CPA, CISA, Risk Advisory Services Senior Manager

Chris is a Senior Manager in Keiter’s Risk Advisory Services. Chris has a strong combination of IT skills, which range from IT audit and internal control assessments, including general computer controls and application controls, to full stack web development. Most recently, Chris developed a Cybersecurity web application that assesses an organization’s resistance to social engineering attacks. Chris shares his cybersecurity insights on our blog.

More Insights from Christopher Moschella

The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.


Contact Us