Skip Ribbon Commands
Skip to main content


RIMS Announces Formal Position on Newly Proposed Data Security and Breach Notification & Policyholder Protection Acts 5/26/2015


(NEW YORK) May 26, 2015 – Through the work of its External Affairs Committee, RIMS, the risk management society™, announced its support for two new bills that would ultimately establish a streamlined process for notifying affected parties of a data breach, as well as measures to protect an organization’s insurance investments.

“The Data Security and Breach Notification Act and the Policyholder Protection Act both, in different ways, can be legislative backstops that allow risk professionals to achieve their objectives more efficiently and with greater confidence,” said RIMS President Rick Roberts. “Reducing redundancies in the cyber breach reporting process as opposed to having to report them state-by-state will allow risk professionals to assess the situation faster and implement more effective response plans.”

Roberts continued, “Risk financing is a staple of any risk management strategy and even the slightest chance that an organization’s insurance investments might be lost due to a federal bailout or other financial discrepancies is not good for business. RIMS is pleased to see legislators address these critical issues and looks forward to lending its support to help successfully steer these bills through the approval process.”


Congress is considering legislation that would create a federal notification requirement following a cyber-breach. The Data Security and Breach Notification Act of 2015, sponsored by Sen. Nelson (S. 177) and Rep. Blackburn (HR 1770), would (a) pre-empt all state notification laws, (b) establish a timeframe for notification, (c) establish the content that notification would require, and (d) identify those individuals or third parties who must be notified.

RIMS Official Position of Support:  There are currently 47 different state data breach notification laws in place. This has proven onerous for commercial insurance buyers whose organizations operate in multiple states and must comply with several different laws whenever a cyber-breach is experienced. This federal legislation would expressly pre-empt those state laws and create one unified standard and procedure for breach notification. This increased efficiency and simplicity for RIMS’ membership is the reason that Society supports this proposal. 


Congress is considering legislation designed to protect the capital of insurance companies that are part of larger financial institutions. This legislation, sponsored by Sen. Vitter (S. 798) and Rep. Posey (H.R. 1478), would prevent federal regulators from transferring the assets of state-regulated insurance companies and their subsidiaries to rescue or support a failed or failing non-insurance financial affiliated firm.

RIMS Official Position of Support: One of the largest concerns for RIMS’ membership following the 2008 economic collapse was insurer solvency, particularly for those insurers that were affiliated with organizations that were bailed out by the federal government. This legislation would ensure that the premiums paid to the insurer for future coverage will be retained by that insurer and not ultimately used to bail out a non-insurance affiliate in the event of another economic downturn.  

For more information about RIMS legislative priorities, visit

# # #

About RIMS

As the preeminent organization dedicated to educating, engaging and advocating for the global risk community, RIMS, the risk management society™, is a not-for-profit organization representing more than 3,500 corporate, industrial, service, nonprofit, charitable and government entities throughout the world. RIMS has a membership of approximately 10,000 risk practitioners who are located in more than 60 countries. For more information about the Society’s world-leading risk management content, networking, professional development and certification opportunities, visit

​ ​​

For more information, contact:

Josh Salter, RIMS communications manager, (212) 655-6059 or



Access the most comprehensive directory of solution providers for risk professionals.


myCOI's suite of products provides you with the right solution to simplify the tracking process and minimize your risks of an uninsured claim and costly litigation...

RWH Myers

RWH Myers is committed to helping policyholders through business interruption and property damage claims, efficiently and accurately...


Navigant represents policyholders in the analysis of losses and preparation of complex insurance claims...