House Bill 474

Actions | Amendments
Last Action 04/08/22: signed by Governor (Acts Ch. 149)
Title AN ACT relating to insurance data security.
Bill Documents Current/Final
Introduced
Bill Request Number 1028
Sponsor M. Pollock
Summary of Original Version Create new sections of Subtitle 3 of KRS Chapter 304 to establish definitions; require licensees to conduct risk assessments; require licensees to develop an information security program, including an incident response plan; require licensees to investigate cybersecurity events and potential cybersecurity events; establish recordkeeping requirements relating to cybersecurity events; establish reporting requirements relating to cybersecurity events; require licensees to comply with KRS 365.732; provide exceptions for certain provisions; authorize the commissioner to examine and investigate licensees for potential violations and take action necessary to enforce relevant provisions; establish how and under what circumstances documents, materials, or other information may be used or disclosed; prohibit the commissioner or other persons acting on under the authority of the commissioner from testifying in a private civil action concerning confidential documents, materials, or other information; provide that a licensee may be penalized for violations in accordance with KRS 304.99-020; authorize the commissioner to promulgate administrative regulations pursuant to KRS 304.2-110; provide for severability; establish a timeframe for implementation of certain provisions; EFFECTIVE January 1, 2023.
Index Headings of Original Version Effective Dates, Delayed - Insurance, data security, requirements, January 1, 2023
Insurance - Data security, requirements
Information Technology - Insurance, data security, requirements
Jump to Proposed Amendments Senate Committee Substitute 1
Votes Vote History

Actions

Top | Amendments
02/10/22
  • introduced in House
  • to Committee on Committees (H)
02/15/22
  • to Banking & Insurance (H)
02/16/22
  • reported favorably, 1st reading, to Calendar
02/17/22
  • 2nd reading, to Rules
  • posted for passage in the Regular Orders of the Day for Friday, February 18, 2022
02/22/22
  • 3rd reading, passed 94-0
02/23/22
  • received in Senate
  • to Committee on Committees (S)
03/03/22
  • to Banking & Insurance (S)
03/15/22
  • reported favorably, 1st reading, to Consent Calendar with Committee Substitute (1)
03/16/22
  • 2nd reading, to Rules as a consent bill
03/17/22
  • posted for passage in the Consent Orders of the Day for Wednesday, March 23, 2022
03/23/22
  • passed over and retained in the Consent Orders of the Day
03/24/22
  • passed over and retained in the Consent Orders of the Day
03/25/22
  • passed over and retained in the Consent Orders of the Day
03/29/22
  • 3rd reading, passed 36-0 with Committee Substitute (1)
  • received in House
  • to Rules (H)
  • taken from Rules (H)
  • posted for passage for concurrence in Senate Committee Substitute (1)
03/30/22
  • House concurred in Senate Committee Substitute (1)
  • passed 94-0
  • enrolled, signed by Speaker of the House
  • enrolled, signed by President of the Senate
  • delivered to Governor
04/08/22
  • signed by Governor (Acts Ch. 149)

Proposed Amendments

Top | Actions
Amendment Senate Committee Substitute 1
Summary Retain original provisions except replace certain requirements for a licensee's board of directors with requirements for executive management; modify circumstances under which licensees are deemed to comply with the data security requirements; provide that financial institution licensees are deemed to comply with the data security requirements under certain circumstances; make technical amendments, effective January 1, 2023.
Index Headings Effective Dates, Delayed - Insurance, data security, requirements, January 1, 2023
Insurance - Data security, requirements
Information Technology - Insurance, data security, requirements
Banks and Financial Institutions - Insurance, data security, requirements

Last updated: 4/29/2022 2:39 PM (EDT)
To receive notice when the record is updated follow @LRCTweetBot.