Spring Cleaning on the NAIC Model Privacy Laws
Because there have been many technological developments since 2017, a regulator-only work group was formed to identify key issues across five subjects for comment, including:
- Types of data collection, sharing, and usage specific to insurers;
- How privacy risk affects insurance consumers;
- Gaps in federal and state law;
- Obligations insurers should have to consumers; and
- What rights consumers should have to control their personal information.
The regulator-only work group will consider Model 670 and Model 672 alongside proposed federal legislation, the European Union’s General Data Protection Regulation, the California Consumer Privacy Act, and the NAIC’s data security model law. It will also work closely with the NAIC’s Artificial Intelligence and Accelerated Underwriting working groups.
Insurers using consumer information should be aware that the inevitable revisions to Model 670 and Model 672 could require them to freshen up their policies and procedures.