The web Browser you are currently using is unsupported, and some features of this site may not work as intended. Please update to a modern browser such as Chrome, Firefox or Edge to experience all features Michigan.gov has to offer.
Do I have to certify my information security program?
If you are an insurer who is domiciled in Michigan, then you must submit a written statement to the Department of Insurance and Financial Services certifying that your information security program is in compliance with the requirements of MCL 500.555 utilizing FIS 2360: Information Security Program Annual Certification. You are exempt from certifying your information security program if you meet any of the following conditions:
(A) You have fewer than twenty-five employees; independent contractors are included in this count.
(B) You are subject to and in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191.