|
What's happening
with Privacy at the NAIC and in the States?
This page contains all the information
you’ll need to know what’s happening with privacy at the NAIC and in
the states: updates on NAIC and state privacy activity; links
to model laws and regulations; frequently-asked questions and
answers; links to other helpful sources of privacy information; and
more…
First,
some background:
 |
Beginning
in the early 1980s, NAIC members recognized the importance of
protecting the privacy of insurance consumers. With the
adoption of the Insurance Information and Privacy Protection
Model Act, the NAIC established an affirmative consent
(“opt-in”) standard for the disclosure of insurance consumers’
personal information, including financial and health.
Currently, 13 states have laws based on the 1982 Model
Act. The NAIC believes state laws based on this model
act are generally more protective of consumer privacy than the
privacy provisions of the Gramm-Leach-Bliley Act
(GLBA).
|
|
In 1998,
the NAIC turned its focus specifically to the privacy of
personal health information. The Health Information
Privacy Model Act was developed primarily to give guidance to
Congress and the U.S. Department of Health and Human Services,
which were considering health information privacy protections
under the Health Insurance Portability and Accountability Act
(HIPAA).
|
|
In
February 2000, the NAIC established the Privacy Issues Working
Group to give guidance to state insurance regulators in
response to the enactment of the Gramm-Leach-Bliley Act
(GLBA), which required the state regulators to promulgate
regulations enforcing the law’s new consumer privacy
provisions. On September 26, 2000, the Privacy of
Consumer Financial and Health Information Model Regulation was
adopted by the full NAIC membership without
opposition.
Click on the "Privacy Publications" button
at the left to find out how to order copies of the
Insurance Information and Privacy Protection Model
Act, the Health Information Privacy Model Act and
the Privacy of Consumer Financial and Health Information
Model Regulation.
|
|
The NAIC’s
Privacy Issues Working Group meets on a regular basis to give
guidance to the states and discuss implementation and
interpretation issues with respect to the 1982 Model Act and
the Model Regulation.
Click on the "Privacy
Issues Working Group" button at the left for more information
on the activities of the Privacy Issues Working Group and the
Privacy Notice Content Task Force. |
Current
Status in the States
One year after adoption of the NAIC model
privacy regulation, 44 states and the District of Columbia have laws
and/or regulations that meet GLBA’s privacy standards:
|
16
states have enacted regulations/laws based on the NAIC model
privacy regulation, which protects financial and health
information;
|
|
15
states have enacted laws/regulations based the NAIC model
privacy regulation’s notice and opt out provisions protecting
financial privacy (several of these states have health
protections in place or will enact them in the
future);
|
|
13
states have retained the NAIC’s 1982 model privacy act on
their books; and
|
|
7
states have privacy regulations pending, but have not taken
final action. |
Click here to
see color maps illustrating state action on privacy.
Click here to
access state privacy policies and regulations
Click here for a summary of state privacy
laws and regulations, including citations and status.
[ Word
| PDF
]
Click
here for a list of staff members in each state insurance department
who handle privacy issues.
|
