On June 8, Laura Rieben, deputy privacy officer of the Internal Audit and Compliance Department at Independence Blue Cross (Independence), presented informational testimony to the Insurance Committee of the Pennsylvania House of Representatives on House Bill 2499 – The Insurance Data Security Act. Kim Kockler, senior vice president of government affairs, introduced Rieben to Committee members and joined her to take questions.
House Bill 2499 would add new standards to the existing reporting requirements for insurers to maintain compliance with state security regulations. It would also require insurers to notify the Insurance Commissioner in the case of a cyber security event in addition to state and federal reporting already mandated.
“In addition to ongoing, regular audits by governmental entities, regulators, group customers, and other relevant third parties, Independence conducts a wide variety of proactive internal and third-party audits and reviews to ensure compliance with all applicable laws and contracts. We work aggressively to maintain security certifications to meet and exceed industry best practices,” Rieben explained during the meeting.
Rieben has dedicated her career to protecting the privacy and security of individuals’ information. Her role at Independence ensures the organization’s ongoing compliance with state, federal, and international laws. She oversees organization-wide privacy training content, incident response procedures, policy development, and data oversight initiatives. Her team also investigates and responds to data privacy and security incidents impacting members, groups, and vendors.
Later in the testimony, Rieben thanked the Committee for its work on the bill. “Independence appreciates the collaboration and feedback sought by the Insurance Department in advance of today’s informational meeting. We understand the intent for our state regulator to be sooner informed following a cyber event impacting insured individuals and families in the state,” she said.
The proposed bill is based on a National Association of Insurance Commissioners’ model law and supported by the Pennsylvania Insurance Department. House Bill 2499 must be reviewed and considered by the Insurance Committee before it can be sent to the full House of Representatives for a vote.*
*Update: On September 12, 2022, the Pennsylvania House Insurance Committee approved the bill.