Insurers' cyber security practices have been a major focus of regulators around the globe this year. In the U.S., the National Association of Insurance Commissioners has convened a task force, and released a customer bill of rights as well as guidance for carriers.

In China, the China Insurance Regulatory Commission issued Draft Insurance IT Rules that require, in part, that insurers doing business in the country purchase "secure and controllable" products, including domestic encryption technologies and local hardware and software.

But according to a Reuters report, that provision has drawn the ire of foreign business groups, including the American Council of Life Insurers, and Japan Electronics and Information Technology Industries Association, who sent a joint letter to the Commission at the end of last month.

The groups contend that "such provisions would run counter to global information security standards" by excluding foreign companies who provide cybersecurity software, Reuters reported.

"We urge CIRC to avoid the risks associated with exclusive reliance on localized solutions, prescriptive technologies and  restrictions on data flows," the lobby group said in the letter. "By excluding foreign technology that may be the most  secure, this approach is likely to result in less secure digitalized operations."

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access