Skip to Main Content
<< Back | Return to Main COMAR Search Page

26 records match your request.

FileAbstract
31.16.08.00.htm 31.16.08.00. Title 31 MARYLAND INSURANCE ADMINISTRATION Subtitle 16 MISCELLANEOUS Chapter 08 Privacy of Consumer Financial and Health Information Authority: Insurance Article, §2-109(d) Annotated Code of Maryland
31.16.08.01.htm 31.16.08.01. 01 Scope.. A. This chapter applies to all licensees of the Maryland Insurance Administration who possess nonpublic personal financial information or nonpublic personal health information about consumers.B. This chapter does not apply to information about persons who obtain products or services for business, commercial, or agricultural purposes.
31.16.08.02.htm 31.16.08.02. 02 Purpose.. This chapter:. A. Requires a licensee to provide notice to individuals about its privacy policies and practices;. B. Describes the conditions under which a licensee may disclose nonpublic personal health information and nonpublic personal financial information about individuals to affiliates and nonaffiliated third parties; andC. Provides methods for individuals to prevent a licensee from disclosing nonpublic personal financial information and nonpub
31.16.08.03.htm 31.16.08.03. 03 Definitions.. A. In this chapter, the following terms have the meanings indicated.. B. Terms Defined.. 1) "Affiliate" means a company that controls, is controlled by, or is under common control with another company.2) "Clear and conspicuous notice" means a notice that is:. a) Reasonably understandable; and. b) Designed to call attention to the nature and significance of the information in the notice.. 3) "Collect" means to obtain information that the licensee organizes or can
31.16.08.04.htm 31.16.08.04. 04 Exemption from Notice and Opt Out Requirements for Nonpublic Personal Financial Information.. A. A licensee is not subject to the notice and opt out requirements for nonpublic personal financial information of this chapter if:1) The licensee is an employee, agent, or other representative of another licensee;. 2) The other licensee otherwise complies with, and provides the notices required by, the provisions of this chapter; and3) The licensee does not disclose any nonpublic pe
31.16.08.05.htm 31.16.08.05. 05 Initial Privacy Notice for Financial Information to Consumers Required.. A. A licensee shall provide a clear and conspicuous notice that accurately reflects its privacy policies and practices for nonpublic financial information to:1) An individual who becomes the licensee's customer, not later than when the licensee establishes a customer relationship, except as provided in §E of this regulation; and2) A consumer, before the licensee discloses any nonpublic personal financi
31.16.08.06.htm 31.16.08.06. 06 Annual Privacy Notice for Financial Information to Customers Required.. A. In General.. 1) Except as provided in §B of this regulation, a licensee shall provide a clear and conspicuous notice to customers that accurately reflects its privacy policies and practices for nonpublic financial information at least once in each annual notice period during the continuation of the customer relationship.2) A licensee may define the annual notice period as:. a) A calendar year; or.
31.16.08.07.htm 31.16.08.07. 07 Information To Be Included in Privacy Notices for Financial Information.. A. Privacy notices required to be provided under Regulations .05, .06, and .09 of this chapter shall include the following information:1) The categories of nonpublic personal financial information that the licensee collects;. 2) The categories of nonpublic personal financial information that the licensee discloses;. 3) The categories of affiliates and nonaffiliated third parties to whom the
31.16.08.08.htm 31.16.08.08. 08 Form of Opt Out Notice to Consumers and Opt Out Methods.. A. Opt Out Notice Requirements.. 1) A licensee required to provide an opt out notice under Regulation .11A of this chapter shall provide a clear and conspicuous notice to each of the licensee's consumers that accurately explains the right to opt out under that regulation.2) A right to opt out notice required to be provided under §A(1) of this regulation shall state:. a) That the licensee discloses or reserves the rig
31.16.08.09.htm 31.16.08.09. 09 Revised Privacy Notices for Financial Information.. A. Except as otherwise authorized in this chapter, a licensee may not, directly or through an affiliate, disclose any nonpublic personal financial information about a consumer to a nonaffiliated third party other than as described in the initial notice that the licensee provided to that consumer under Regulation .05 of this chapter, unless:1) The licensee has provided to the consumer a clear and conspicuous revise
31.16.08.10.htm 31.16.08.10. 10 Delivery of Privacy Notices for Financial Information.. A. Manner of Delivery.. 1) A licensee required to provide a notice under this chapter shall provide any notice required by this chapter so that each consumer can reasonably be expected to receive actual notice in writing or, if the consumer agrees, electronically.2) A licensee may reasonably expect that a consumer will receive actual notice if the licensee:. a) Hand-delivers a printed copy of the notice to the consumer;.
31.16.08.11.htm 31.16.08.11. 11 Limits on Disclosure of Nonpublic Personal Financial Information to Nonaffiliated Third Parties.. A. Except as otherwise authorized in this chapter, a licensee may not, directly or through an affiliate, disclose nonpublic personal financial information about a consumer to a nonaffiliated third party unless:1) The licensee has provided to the consumer an initial notice as required under Regulation .05 of this chapter;2) The licensee has provided to the consumer an op
31.16.08.12.htm 31.16.08.12. 12 Limits on Redisclosure and Reuse of Nonpublic Personal Financial Information.. A. If a licensee receives nonpublic personal financial information from a nonaffiliated financial institution under an exception in Regulation .15 or .16 of this chapter, the licensee's disclosure and use of that information is limited as follows:1) The licensee may disclose the information to the affiliates of the financial institution from which the licensee received 2) The licensee may discl
31.16.08.13.htm 31.16.08.13. 13 Limits on Sharing Account Number Information for Marketing Purposes.. A. Scope. This regulation does not apply to the disclosure of a policy number, or similar form of access number or access code, that is in an encrypted form, as long as the licensee does not provide the recipient with a means to decode the number or code.B. Policy or Transaction Account Defined.. 1) In this regulation, the following term has the meaning indicated.. 2) Term Defined.. a) "Policy or transaction
31.16.08.14.htm 31.16.08.14. 14 Exception to Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information for Service Providers and Joint Marketing.A. In this regulation, "joint agreement" means a written contract pursuant to which a licensee and one or more financial institutions jointly offer, endorse, or sponsor a financial product or financial service.B. The opt out requirements in Regulations .08 and .11 of this chapter do not apply when a licensee provides nonpublic person
31.16.08.15.htm 31.16.08.15. 15 Exceptions to Notice and Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information for Processing and Servicing Transactions.A. The requirements for initial notice in Regulation .05A(2) of this chapter, the opt out in Regulations .08 and .11 of this chapter, and service providers and joint marketing in Regulation .14 of this chapter do not apply if the licensee discloses nonpublic personal financial information as necessary to effect, administer,
31.16.08.16.htm 31.16.08.16. 16 Other Exceptions to Notice and Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information.A. The requirements for initial notice to consumers in Regulation .05A(2) of this chapter, the opt out in Regulations .08 and .11 of this chapter, and service providers and joint marketing in Regulation .14 of this chapter do not apply when a licensee discloses nonpublic personal financial information:1) With the consent or at the direction of the con
31.16.08.17.htm 31.16.08.17. 17 When Authorization Required for Disclosure of Nonpublic Personal Health Information.. A. A licensee may not disclose nonpublic personal health information about a consumer or customer unless an authorization is obtained from the consumer or customer whose nonpublic personal health information is sought to be disclosed.B. This regulation does not prohibit, restrict, or require an authorization for the disclosure of nonpublic personal health information by a licensee
31.16.08.18.htm 31.16.08.18. 18 Authorizations for Disclosure of Health Information.. A. A valid authorization to disclose nonpublic personal health information pursuant to this regulation shall be in written or electronic form and shall contain all of the following:1) The identity of the consumer or customer who is the subject of the nonpublic personal health information;2) A general description of the types of nonpublic personal health information to be disclosed;. 3) General descriptions o
31.16.08.19.htm 31.16.08.19. 19 Authorization Request Delivery.. A. A request for authorization and an authorization form may be delivered to a consumer or a customer as part of an opt out notice pursuant to Regulation .10 of this chapter if the request and the authorization form are clear and conspicuous.B. An authorization form is not required to be delivered to the consumer or customer or included in any other notices unless the licensee intends to disclose protected health information pursuant to R
31.16.08.20.htm 31.16.08.20. 20 Relationship to Federal Rules.. Irrespective of whether a licensee is subject to the federal Health Insurance Portability and Accountability Act privacy rule as promulgated by the U.S. Department of Health and Human Services "Standards for the Privacy of Individually Identifiable Health Information" if a licensee complies with all requirements of the federal rule except for its effective date provision, the licensee is not subject to the provisions of Regulations .17―19 of this
31.16.08.21.htm 31.16.08.21. 21 Relationship to Maryland Laws.. This chapter does not preempt or supersede existing State law related to medical records, health information privacy, or insurance information privacy.
31.16.08.22.htm 31.16.08.22. 22 Protection of Fair Credit Reporting Act.. This chapter does not modify, limit, or supersede the operation of the federal Fair Credit Reporting Act, 15 U.S.C. §1681 et seq. and no inference shall be drawn on the basis of the provisions of this chapter regarding whether information is transaction or experience information under 15 U.S.C. §1681a.
31.16.08.23.htm 31.16.08.23. 23 Nondiscrimination.. A licensee may not unfairly discriminate against any consumer or customer because that consumer or customer:A. Has opted out from the disclosure of his or her nonpublic personal financial information pursuant to the provisions of this chapter; orB. Has not granted authorization for the disclosure of his or her nonpublic personal health information pursuant to the provisions of this chapter.
31.16.08.24.htm 31.16.08.24. 24 Effective Date.. A. By April 1, 2002, a licensee shall provide an initial notice, as required by Regulation .05 of this chapter, to consumers who are the licensee's customers on January 1, 2002.B. Until July 1, 2002, a contract that a licensee has entered into with a nonaffiliated third party to perform services for the licensee or functions on the licensee's behalf satisfies the provisions of Regulation .14B(2) of this chapter, even if the contract does not includ
31.16.08.9999.htm 31.16.08.9999. Administrative History Effective date: January 21, 2002 (29:1 Md. R. 26). Regulation .06 amended effective February 27, 2017 (44:4 Md. R. 256).
<< Back | Return to Main COMAR Search Page