A great many member agencies have sought help
in compliance with the GLBA privacy regulations that go into effect July 1,
2001, but it is impossible to create a "standard"
Privacy Policy Notice for all independent insurance agencies. This
is because different agencies have different business practices affecting the
sharing of nonpublic personal information about consumers and/or customers with
unaffiliated third parties – and it is those business practices that must be
disclosed in a Privacy Policy Notice.
With that caution in mind, your association
is making available to you a sample privacy notice, that can be used
as the foundation for your agency’s final document.
Maryland approved regulations with
respects to GLBA and privacy. They are shown in their entirety
below. Maryland HB 362 requires that Maryland
regulations be consistent with the NAIC model regulations. Agents do run
the risk that they may be required to send notices to comply with Maryland
regulations if they differ substantially.
The effective date for compliance in Maryland is April, 2002.
We
are also making available to you an information piece regarding
privacy requirements with questions and answers prepared by IIAM. These
documents include definitions of privacy terminology. They will answer many
general questions you may have on this complex subject. The following is the
information we are making available:
IIAM's
Overview of GLBA
FAQ's
about GLBA
Privacy
Notice & Disclosure (Sample)
Joint
Marketing Form (Sample)
Opt
out form (sample)
----IMPORTANT:
The sample forms are intended to address only the situation, likely to be
encountered in stand-alone agencies, that is, agencies operated as one entity or
multiple agencies operated under common ownership, but involving only insurance
agencies.
Any insurance
agency that is affiliated in any way with another financial institution, or
other business, should get special counsel regarding their privacy requirements
and notices, as these forms are not prepared for their use. Furthermore,
the information contained herein, and the forms suggested, are intended only to
address the privacy requirements of the Gramm-Leach-Bliley Act and do not
address other potential privacy concerns such as the FCRA, the Federal Crime Act
or HIPAA.