Privacy matters: congress continues to study ways to protect consumers' financial information. (Property/Casualty: Privacy Insight).Insurers will face continuing regulatory compliance challenges on the privacy front in coming months. Congress will be pondering how credit information should be used and what safeguards are needed in e-commerce to keep information private. These privacy compliance requirements Compliance requirements are a series of directives established by United States Federal government agencies that summarize hundreds of Federal laws and regulations applicable to Federal assistance (also known as Federal aid or Federal funds). embody one primary goal: protection of consumers' personal financial information. The goal is rooted in the federal Gramm-Leach-Bliley Act The Gramm-Leach-Bliley Act, also known as the Gramm-Leach-Bliley Financial Services Modernization Act, Pub. L. No. 106-102, 113 Stat. 1338 (November 12, 1999), is an Act of the United States Congress which repealed the Glass-Steagall Act, opening up competition of 1999, which was supposed to make it easier for multifaceted mul·ti·fac·et·ed adj. Having many facets or aspects. See Synonyms at versatile. Adj. 1. multifaceted - having many aspects; "a many-sided subject"; "a multifaceted undertaking"; "multifarious interests"; "the multifarious companies to transact business within their organizations. But more than two years after the law's enactment, there is some disparity on how this works in the real world. As each state addressed the privacy issue under this law, state legislators and regulators added branches to the trunk of the privacy protection tree. However, the current network of privacy regulations leaves insurance company compliance officers and consumers wondering if the federal law is a mighty oak designed to protect them or a bramble bush Bram´ble bush` 1. (Bot.) The bramble, or a collection of brambles growing together. He jumped into a bramble bush And scratched out both his eyes. - Mother Goose. Noun 1. full of thorns on which they might get snagged. Among its provisions, Gramm-Leach-Bliley requires financial institutions to allow consumers to prevent the sharing of their personal information with other non-affiliated companies by "opting out" of such transactions. When Congress was enacting Gramm-Leach-Bliley, it recognized that insurance is primarily regulated by the states and required all states to enact privacy laws at least as restrictive as the federal provisions. Back in 1982, the National Association of Insurance Commissioners The National Association of Insurance Commissioners (NAIC) is an Internal Revenue Code Section 501(c)(3) non-profit organization which seeks to organize the regulatory and supervisory efforts of the various state insurance commissioners from around the United States. developed the Insurance Information and Privacy Protection Model Act. Fifteen states adopted the model, whose provisions are remarkably similar to Gramm-Leach-Bliley. The model required insurers doing business in those states to send a privacy notice every other year advising customers about the kinds of information collected, where it was obtained and who received the information. This statute further required the insurer to obtain authorization prior to disclosing the information outside of a marketing or business purpose. After the enactment of Gramm-Leach-Bliley, nearly two decades later, the NAIC NAIC See National Association of Investors Corporation (NAIC). adopted a second privacy model. Unfortunately this second updated privacy model further complicated the issue by including additional requirements not found in the federal law and that other financial institutions were not mandated to meet. Conflicts between the federal law and the NAIC model have resulted in a regulatory tree that is supposed to have two strong limbs off the same trunk, one for federally regulated financial institutions and one for insurance. Instead, most financial institutions have clear privacy compliance guidelines provided by Gramm-Leach-Bliley, while insurers are forced to deal with complications and confusion resulting from the application of the NAIC model by the states. How have the states reacted? Some amended the 1982 NAIC statute to include the federal requirements. Others crafted their privacy regulations to mirror the intentions of Gramm-Leach-Bliley. Many adopted the NAIC model regulation as written with workers' compensation workers' compensation, payment by employers for some part of the cost of injuries, or in some cases of occupational diseases, received by employees in the course of their work. or health provisions that go beyond requirements on the federal law Vermont and New Mexico New Mexico, state in the SW United States. At its northwestern corner are the so-called Four Corners, where Colorado, New Mexico, Arizona, and Utah meet at right angles; New Mexico is also bordered by Oklahoma (NE), Texas (E, S), and Mexico (S). adopted insurance privacy regulations that require an insurer to obtain an "opt-in" authorization from consumers prior to disclosing personal information to a non-affiliated financial institution. Again, privacy is on Congress' agenda because several provisions of the Fair Credit Reporting Act The Fair Credit Reporting Act (FCRA) is legislation embodied in title VI of the Consumer Credit Protection Act (15 U.S.C.A. § 1681 et seq. [1968]), which was enacted by Congress in 1970 to ensure that reporting activities relating to various consumer transactions are conducted in a are due to sunset in 2003. FCRA's impact could be significant depending on what Congress does. Currently, FCRA FCRA Fair Credit Reporting Act (US) FCRA Foreign Contribution Regulation Act FCRA Federal Credit Reform Act FCRA Florida Civil Rights Act FCRA Florida Court Reporters Association FCRA Fabric Care Research Association carries exemptions for financial institutions, including insurance companies, to acquire credit information. One proposal would eliminate that exemption since it has been deemed an invasion of privacy invasion of privacy n. the intrusion into the personal life of another, without just cause, which can give the person whose privacy has been invaded a right to bring a lawsuit for damages against the person or entity that intruded. by some in Congress. This could affect insurers' ability to use credit in rating and underwriting, a process that allows for objectivity and fairness in those areas. Another proposal would allow the exemption, but alter Gramin-Leach-Bliley to disallow To exclude; reject; deny the force or validity of. The term disallow is applied to such things as an insurance company's refusal to pay a claim. affiliate disclosure and to change opt-out to opt-in. This could cause expensive and timely problems for states and companies that have adopted privacy statutes and put notification processes in place. Finally, it's possible that some states will feel pressure in the next year to mirror what California and North Dakota North Dakota, state in the N central United States. It is bordered by Minnesota, across the Red River of the North (E), South Dakota (S), Montana (W), and the Canadian provinces of Saskatchewan and Manitoba (N). are considering--mandating that insurers offer consumers an "opt-in" rather than an "opt-out." If that scenario plays out, insurers will be forced to go back and re-do their notices to accommodate this change. Kathleen Jensen is insurance services counsel for the National Association of Independent Insurers. She can be reached at insight@bestreview.com. As so many different aspects of this issue unfold, it's very important that insurers know the basic history of the law and obtain clear information so they can determine where to focus their compliance efforts. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion