Passed in 2018, the South Carolina Insurance Data Security Act established standards for data security and provides guidelines for how cyber security events should be reported.

The South Carolina Department of Insurance issued a form for businesses to report such events in accordance with requirements of the Act.

The form prompts companies to select from one of several different types of cyber security events (Data Theft by Employee / Contractor; Phishing; Computer and Equipment;

Hackers; Unauthorized Access; Improperly Released, Exposed, or Displayed; Improperly Disposed; Stolen Laptop)

... state the type of data that was compromised:

... and upload a copy of its privacy policy and

a report on the internal review it has conducted.