§ 500.550 Private cause of action not created; exclusive standards
§ 500.553 Definitions
§ 500.555 Comprehensive written information security program; requirements; duties of licensee and board of directors; third-party service provider; incident response plan; certification of compliance
§ 500.557 Occurrence of cybersecurity event; investigation; maintenance of records
§ 500.559 Notification of cybersecurity event involving nonpublic information; duty to update and supplement notifications to director; contents; application to third-party service provider; duties of ceding in
§ 500.561 Notice of cybersecurity event to residents of this state; conditions and requirements; duties of licensee; substitute notice; notification to certain consumer reporting agencies; exception; compliance
§ 500.563 Confidentiality; use of documents, materials, or other information; duties of director
§ 500.565 Exemption for certain licensees; timeline for implementation and compliance

Terms Used In Michigan Laws > Chapter 500 > Act 218 of 1956 > Chapter 5A - Data Security

  • Beneficiary: A person who is entitled to receive the benefits or proceeds of a will, trust, insurance policy, retirement plan, annuity, or other contract. Source: OCC
  • Bequest: Property gifted by will.
  • Consumer: means an individual, including, but not limited to, an applicant, a policyholder, an insured, a beneficiary, a claimant, and a certificate holder, who is a resident of this state and whose nonpublic information is in a licensee's possession, custody, or control. See Michigan Laws 500.553
  • Contract: A legal written agreement that becomes binding when signed.
  • Corporation: A legal entity owned by the holders of shares of stock that have been issued, and that can own, receive, and transfer property, and carry on business in its own name.
  • Cybersecurity event: means an event that results in unauthorized access to and acquisition of, or disruption or misuse of, an information system or nonpublic information stored on an information system. See Michigan Laws 500.553
  • Department: means the department of insurance and financial services. See Michigan Laws 500.102
  • Devise: To gift property by will.
  • Director: means , unless the context clearly implies a different meaning, the director of the department. See Michigan Laws 500.102
  • Discovery: Lawyers' examination, before trial, of facts and documents in possession of the opponents to help the lawyers prepare for trial.
  • Encrypted: means the transformation of data into a form that results in a low probability of assigning meaning without the use of a protective process or key. See Michigan Laws 500.553
  • Evidence: Information presented in testimony or in documents that is used to persuade the fact finder (judge or jury) to decide the case for one side or the other.
  • Ex officio: Literally, by virtue of one's office.
  • Fraud: Intentional deception resulting in injury to another.
  • Freedom of Information Act: A federal law that mandates that all the records created and kept by federal agencies in the executive branch of government must be open for public inspection and copying. The only exceptions are those records that fall into one of nine exempted categories listed in the statute. Source: OCC
  • Gift: A voluntary transfer or conveyance of property without consideration, or for less than full and adequate consideration based on fair market value.
  • hospitals: as used in this act shall include hospitals, sanatoria and other institutions operated for the purposes mentioned in section 2 of this act. See Michigan Laws 331.201
  • in writing: shall be construed to include printing, engraving, and lithographing; except that if the written signature of a person is required by law, the signature shall be the proper handwriting of the person or, if the person is unable to write, the person's proper mark, which may be, unless otherwise expressly prohibited by law, a clear and classifiable fingerprint of the person made with ink or another substance. See Michigan Laws 8.3q
  • Information security program: means the administrative, technical, and physical safeguards that a licensee uses to access, collect, distribute, process, protect, store, use, transmit, dispose of, or otherwise handle nonpublic information. See Michigan Laws 500.553
  • Information system: means a discrete set of electronic information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of electronic nonpublic information, as well as any specialized system such as an industrial or process controls system, a telephone switching and private branch exchange system, or an environmental control system. See Michigan Laws 500.553
  • Insurance producer: means that term as defined in section 1201. See Michigan Laws 500.116
  • Insurer: means an individual, corporation, association, partnership, reciprocal exchange, inter-insurer, Lloyds organization, fraternal benefit society, or other legal entity, engaged or attempting to engage in the business of making insurance or surety contracts. See Michigan Laws 500.106
  • Jurisdiction: (1) The legal authority of a court to hear and decide a case. Concurrent jurisdiction exists when two courts have simultaneous responsibility for the same case. (2) The geographic area over which the court has authority to decide cases.
  • Licensee: means a licensed insurer or producer, and other persons licensed or required to be licensed, authorized, or registered, or holding or required to hold a certificate of authority under this act. See Michigan Laws 500.553
  • Multi-factor authentication: means authentication through verification of at least 2 of the following types of authentication factors:
  (i) Knowledge factors, such as a password. See Michigan Laws 500.553
  • Nonpublic information: means electronic information that is not publicly available information and is any of the following:
    •   (i) Business-related information of a licensee, the tampering with which, or unauthorized disclosure, access, or use of which, would cause a material adverse impact to the business, operations, or security of the licensee. See Michigan Laws 500.553
  • Obligation: An order placed, contract awarded, service received, or similar transaction during a given period that will require payments during the same or a future period.
  • person: may extend and be applied to bodies politic and corporate, as well as to individuals. See Michigan Laws 8.3l
  • Public law: A public bill or joint resolution that has passed both chambers and been enacted into law. Public laws have general applicability nationwide.
  • Publicly available information: means any information that a licensee has a reasonable basis to believe is lawfully made available to the general public from federal, state, or local government records, by widely distributed media, or by disclosures to the general public that are required to be made by federal, state, or local law. See Michigan Laws 500.553
  • Risk assessment: means the risk assessment that each licensee is required to conduct under section 555(3). See Michigan Laws 500.553
  • state: when applied to the different parts of the United States, shall be construed to extend to and include the District of Columbia and the several territories belonging to the United States; and the words "United States" shall be construed to include the district and territories. See Michigan Laws 8.3o
  • Subpoena: A command to a witness to appear and give testimony.
  • Testify: Answer questions in court.
  • Third-party service provider: means a person that is not a licensee and that contracts with a licensee to maintain, process, or store, or otherwise is permitted access to nonpublic information, through its provision of services to the licensee. See Michigan Laws 500.553