MD | On September 30, 2022, the Maryland Insurance Administration issued Bulletin 22-13. It reminds all “carriers” of the cybersecurity event notification requirement taking effect on October 1, 2022.
The designation “carrier” includes the following:
- Authorized insurers
- Nonprofit health service plans
- Health maintenance organizations
- Dental plan organizations
- Managed general agents
- Third-party administrators
It does NOT include RPGs/RRGs chartered in a state other than Maryland or assuming insurers domiciled in other jurisdictions.
Click here to read the bulletin for additional information about notification requirements and procedures.