As Tort Reform Takes Hold in Georgia, Will Other States Follow? Signed into law in April 2025 and effective immediately, Georgia Senate Bill 68 makes significant changes to Georgia’s civil litigation procedures. The reform carries a stated goal of stabilizing insurance costs for businesses and consumers. The reforms aimed at limiting excessive damages and frivolous litigation include: Ban on Anchoring. Precludes argument, testimony, or other references to a specific value or range of values of noneconomic harm, such as pain and suffering. The sole exception is statements made in closing arguments, if those statements have some connection to the facts proved by evidence. This measure applies to all civil cases, including pending cases, that seek damages for bodily injury or wrongful death. Ban on Phantom Damages. Abolishes the collateral source rule, allowing juries to consider amounts billed by insurance providers and discounts offered by or negotiated for insurers. This measure applies to causes of action that accrue after April 22, 2025. Bifurcation and Trifurcation. Defendants in cases to recover damages for bodily harm and wrongful death may now elect whether to bifurcate liability and compensatory damages proceedings within a trial. A third phase can be held for a determination of punitive damages. A court may strike this election in limited circumstances. 11 10 Tort Reform Other procedural changes, applicable immediately in all civil cases, include: Motion to Dismiss Stays Merit Discovery. Merits discovery is stayed until the resolution of a motion to dismiss. Voluntary Dismissal. Precludes the voluntary dismissal of claims without prejudice after the 60th day following the filing of an answer. Among other impacts, this new rule will limit plaintiffs’ ability to cherry-pick bellwether cases in mass tort litigation by dismissing less favorable cases. We are optimistic that these reforms will dampen nuclear verdicts and create less uncertainty for insurers (click here for more discussion). Eyes are now on other states for potential tort reforms. In Texas, Senate Bill 30— which includes codification of common-law limitations on noneconomic damages and additional disclosure requirements for the provision of and payment for medical services—could pass this legislative session. Oklahoma’s Senate Bill 1065 looks to cap noneconomic damages awards at $500,000. With success in Georgia and other bills rapidly moving through legislatures across the country, we may see a meaningful reduction to legal exposure in tort cases in the coming months and years. n Top 5 Cybersecurity and Privacy Updates for the Insurance Industry By: Kate Hanniford, Lance Taubin, and Kristen Bartolotta The global cybersecurity and privacy landscape continues to shift in response to rapid advancements in technology and expanded utility of personal data. Our Privacy, Cyber & Data Strategy Team outlines several trends and changes across jurisdictions that are particularly relevant to insurers. 1. Regulator Expectations. In recent years, U.S. state and federal regulators have increasingly emphasized, both through guidance and enforcement actions, more prescriptive and rigorous cybersecurity controls to account for the evolving cyber-threat landscape and technological advancements. Some of the new prescriptive cybersecurity requirements from regulators include implementing phishing-resistant multi-factor authentication (MFA); developing and maintaining a comprehensive, up-to-date asset and software inventory (including tracking any end-of-life (EOL) products); mandatory encryption (in transit and/or at rest) of personal information; and enhanced logging and monitoring measures. MFA, for example, is top of mind for regulators. The New York Department of Financial Services has consistently identified MFA as a critical control for all financial services companies, and in its recent industry letter reminded covered entities that MFA must be in place for “all Authorized Users attempting to access Covered Entities’Information Systems or NPI, including customers, employees, contractors, and [third-party service providers].”This means that MFA is required for customers and agents accessing the covered entity’s information systems or nonpublic information, and not just for employees and contractors. This requirement will take effect in November 2025. At the federal level, the Federal Trade Commission’s Office of Technology and Division of Privacy and Identity Protection highlighted and encouraged the adoption of phishing-resistant MFA. According to FTC staff, “requiring phishing-resistant multifactor authentication for employees, such as security keys instead of numeric codes or push notifications” can mitigate security risks. 2.Artificial Intelligence. Using artificial intelligence (AI) models and platforms enables the insurance industry to make faster and more informed decisions across business sectors, including fraud detection, claims processing, and underwriting. However, AI can introduce additional risks. In addition to the privacy risks associated with typical AI use, like any components of a system, AI systems must be safe and secured from cyberattacks. AI systems can present risks that are not otherwise present in traditional systems. According to a report by the National Institute of Standards and Technology (NIST), there is“potential for adversarial manipulation of training data, adversarial exploitation of model vulnerabilities to adversely affect the performance of the AI system, and even malicious manipulations, modifications or mere interaction with models to exfiltrate sensitive information about people represented in the data, about the model itself, or proprietary enterprise data.” As a result, AI systems are uniquely vulnerable to a variety of attacks, including poisoning, evasion, privacy, and abuse. AI systems’ unique vulnerabilities to attacks demand strong security measures at each stage of the AI life cycle, including strong cybersecurity architecture
RkJQdWJsaXNoZXIy MTc0OTA5