Press Release

Third Party Risk Greatest Challenge in NAIC Insurance Data Security Law Compliance

CHICAGO (January 4, 2018) – A flash poll conducted by Baker Tilly Virchow Krause, LLP (Baker Tilly) indicates over half of insurance organizations believe overseeing third party service providers will be the greatest challenge presented by the National Association of Insurance Commissioner’s (NAIC) Insurance Data Security Law.

“Insurance organizations are struggling to meet the new law’s requirements. The challenge is not only the identification of key vendors, but also the ongoing management of the relationship to ensure the vendors have the controls and assurances in place to meet their company’s standards,” Christopher Tait, MBA, CISA, CFSA, CCSK, CCSFP, principal with Baker Tilly’s financial services risk and internal audit practice, said. “Insurers must not only do their due diligence when selecting the vendor, but they must determine and manage expectations of the provider for the duration of the relationship.”

“When managing third parties, a good starting point is to simply follow the money to identify the vendors that your company is paying,” Russ Sommers, CPA, CISA, senior manager with Baker Tilly’s financial services risk practice, said. “Once you get that list, you can further prioritize your efforts by identifying the vendors that handle nonpublic information or are critical to your organization’s key operations.”

Baker Tilly recently held an educational webinar, “Understanding the NAIC Insurance Data Security Law,” to assist insurance organizations in understanding the new cybersecurity regulation and what insurers must do in order to prepare for compliance.

The webinar presenters discussed:

  • The provisions in the Insurance Data Security Law
  • The similarities between the New York State Department of Financial Services’ (NYS DFS) cybersecurity regulation
  • The main areas that companies will need to evaluate while preparing for compliance

Presentation slides and a recording of the webinar are available at

About Baker Tilly US, LLP (

Baker Tilly US, LLP (Baker Tilly) is a leading advisory, tax and assurance firm whose specialized professionals guide clients through an ever-changing business world, helping them win now and anticipate tomorrow. Headquartered in Chicago, Baker Tilly, and its affiliated entities, have operations in North America, South America, Europe, Asia and Australia. Baker Tilly is an independent member of Baker Tilly International, a worldwide network of independent accounting and business advisory firms in 145 territories, with 34,700 professionals. The combined worldwide revenue of independent member firms is $3.6 billion. Visit or join the conversation on LinkedIn, Facebook and Twitter.