NAII Supports Proposed Customer Privacy Rules In Illinois

The National Association of Independent Insurers indicated that it supports a proposed privacy rule being considered by the Illinois Department of Insurance, as it will “further safeguard the personal information of customers and provides insurers the ability to design security programs appropriate for the nature and scope of their activities.”

The NAII said that the proposed rule is designed to comply with the federal Gramm-Leach-Bliley Act and is patterned after the National Association of Insurance Commissioners model regulation on this issue.

“Gramm-Leach-Bliley requires insurers to develop a written program for safeguarding personal information and with the adoption of this rule, Illinois will be in compliance with this aspect of the Act. Illinois joins 11 other states that have proposed rules on this subject,” stated Laura Kotelman, counsel for NAII.

Kathleen Jensen, insurance services counsel for NAII noted that, “A positive feature of this rule is that it does not take a one-size-fits all approach. The rule allows each company to assess their operation and employ appropriate measures to safeguard personal information.”

The proposed regulations in Illinois would require companies to implement a comprehensive written information security program.
“The new rule covers the objectives of the program and examples of methods of development and implementation as well as the requirement to adjust the program appropriately,” said the NAII.

It gave the following as examples of how companies may comply with the rule:
• assess, manage and control risk
• oversee service provider arrangements
• monitor, evaluate and adjust the information security program as appropriate in light of any relevant changes in technology, sensitivity of customer information, internal or external threats and changes in business arrangements such as mergers and acquisitions.

Topics Illinois