Under Iowa’s proposed regulation on consumer privacy, an insurer could be penalized for a single instance of failing to comply with its requirements, according to the National Association of Independent Insurers (NAII).
NAII Counsel Ann Weber, in a letter to the state Insurance Department, took exception to the provision under which a single contravention of the regulation could result in enforcement action and penalties, including forfeiture or revocation of an insurer’s license.
“Since there is no objective criteria in the proposed rules specifying what constitutes a comprehensive written information security program, and since the ‘required’ safeguards are also not specified,” Weber said, “it may be impossible for an insurer to determine what level of effort is required for compliance.
“While NAII agrees that a company should be allowed the flexibility to develop its comprehensive written information security program, as the proposed rule outlines, we object to the fact that a single infraction could result in penalties. A single contravention of the proposed regulation should not be actionable; there should be a finding of a consistent or intentional contravention of the rules for safeguarding customer information before action is taken against an insurer.”
Banks Still Face Legal Claims After $25 Billion Settlement
MF Global Judge to Examine Insurance Payments for Former Executives
Daredevil CEOs May Put Companies at Risk
California Independent Contractor Law May Be Liability for Agents, Brokers
North Carolina Continues Auto Regulation Debate As Rates Stay Same for 2012
Long-time California Lobbyist Looks to 2012 Legislation Affecting Insurance
Mine Safety Chief Seeks to End Complacency Over Safety
Virginia Court Grants Rehearing of Global Warming Claims Case
