Iowa Code
Chapter 507F - INSURANCE DATA SECURITY
Section 507F.5 - Third-party service provider arrangements.

507F.5 Third-party service provider arrangements.
1. A licensee shall exercise due diligence in the selection of third-party service providers, conduct oversight of all third-party service provider arrangements, and require all third-party service providers to implement appropriate administrative, technical, and physical measures to protect and secure the information systems and nonpublic information that are accessible to, or held by, the licensee’s third-party service providers.
2. Licensees shall comply with this section no later than January 1, 2024.
2021 Acts, ch 79, §5, 17
Section effective January 1, 2022; 2021 Acts, ch 79, §17
NEW section

<< Previous
Next >>

Structure Iowa Code

Iowa Code

Title XIII - COMMERCE

Chapter 507F - INSURANCE DATA SECURITY

Section 507F.1 - Title.

Section 507F.2 - Purpose and scope.

Section 507F.3 - Definitions.

Section 507F.4 - Information security program.

Section 507F.5 - Third-party service provider arrangements.

Section 507F.6 - Cybersecurity event — investigation.

Section 507F.7 - Cybersecurity event — notification and report to the commissioner.

Section 507F.8 - Cybersecurity event — notification to consumers.

Section 507F.9 - Cybersecurity event — third-party service providers.

Section 507F.10 - Cybersecurity event reinsurers.

Section 507F.11 - Cybersecurity event — producers of record.

Section 507F.12 - Confidentiality.

Section 507F.13 - Applicability.

Section 507F.14 - Penalties.

Section 507F.15 - Rules and enforcement.

Section 507F.16 - Severability.