B26-0427

Cybersecurity and Accountability Act of 2025

Chamber Passed·7/14/26
Tion Text

Cybersecurity and Accountability Act of 2025 mandates cybersecurity measures for insurers in D.C.

The Cybersecurity and Accountability Act of 2025 requires insurers licensed in the District of Columbia to implement comprehensive information security programs to protect nonpublic information. These programs must include administrative, technical, and physical safeguards. Insurers must also notify the Commissioner within three business days of any cybersecurity event that could harm consumers or the insurer's operations. The Commissioner has the authority to investigate cybersecurity events and enforce compliance.

Included in complete analysis

  • Overview
  • Core Provisions
  • Implementation
  • Impact
  • Legal Framework
  • Critical Issues

See what it does, who it affects, and the critical issues in plain language. Free, 30 seconds.

Where it stands

Last
Passed the Council · 12–0 · Jul 14
Current
The other chamber
Next
Floor vote

Sponsors

D
1
0
Democratic CaucusRepublican Caucus

Roll Call Votes

First Reading, CC

12 Yea

DDDIDDDDDDD

0 Nay

1 Absent

D

History

Jul 14

Council

First Reading, CC

Jul 8

Council

Committee Mark-up of B26-0427

Jun 15

Council

Public Hearing Held