|
THE SENATE |
S.B. NO. |
2643 |
|
TWENTY-NINTH LEGISLATURE, 2018 |
S.D. 1 |
|
|
STATE OF HAWAII |
|
|
|
|
|
|
|
|
||
|
|
||
A BILL FOR AN ACT
RELATING TO INSURANCE.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF HAWAII:
SECTION 1. The legislature finds that Hawaii law requires insurers to send annual privacy notices to all individuals covered by a group policy rather than to just the group policyholder, which results in insurers spending an extraordinary amount of time sending notices to individuals in the State.
The purpose of this Act is to clarify the requirements for additional privacy notices that an insurer must send by:
(1) Permitting an insurer to send a privacy notice every five years, if the relationship between the insurer and a customer is renewed annually or less than annually and the insurer has not changed its policies and practices regarding disseminating customers' nonpublic personal financial information to nonaffiliated third parties;
(2) Requiring an insurer to provide an additional privacy notice upon renewal of a relationship between an insurer and a customer that lasts longer than a year; and
(3) Requiring an insurer that changes its policies and practices to send an additional notice to customers after the change to the policies and practices.
SECTION 2. Section 431:3A-202, Hawaii Revised Statutes, is amended to read as follows:
"[[]§431:3A-202[] Annual] Additional privacy notice
to customers required. (a) [A
licensee shall provide a clear and conspicuous notice to customers that
accurately reflects its privacy policies and practices not less than annually
during the continuation of the customer relationship. Annually means at least once in any period of
twelve consecutive months during which that relationship exists. A licensee may define the twelve consecutive
month period, but the licensee shall apply it to the customer on a consistent
basis.] For a customer relationship between a licensee and a customer
that is renewed annually or less than annually, a licensee may provide a clear
and conspicuous notice to customers that accurately reflects its privacy
policies and practices every five years, if the licensee:
(1) Has provided nonpublic personal financial
information to nonaffiliated third parties in accordance with section
431:3A-401, 431:3A-402, or 431:3A-403; and
(2) Has not changed its policies and practices
relating to the disclosure of nonpublic personal financial information from the
most recent notice sent to customers in accordance with this section or section
431:3A-201.
(b) For a
customer relationship between a licensee and a customer that lasts longer than
a year and is renewed, a licensee shall provide an additional clear and
conspicuous notice to the customer upon the renewal of the customer
relationship that accurately reflects the licensee's privacy policies and
practices.
(c) A
licensee that changes its policies and practices relating to the disclosure of
nonpublic personal financial information from the most recent notice sent to
customers in accordance with this section or section 431:3A-201 shall send an
additional clear and conspicuous notice to the customer after the change to the
policies and practices that accurately reflects the licensee's updated privacy
policies and practices.
[(b)] (d) A licensee shall not be required to provide
an [annual] additional notice under this section to a
former customer. A former customer is an
individual with whom a licensee no longer has a continuing relationship.
[(c)] (e) If a licensee is required under this section
to deliver an [annual] additional privacy notice, the licensee
shall deliver it according to section 431:3A-206."
SECTION 3. This Act does not affect rights and duties that matured, penalties that were incurred, and proceedings that were begun before its effective date.
SECTION 4. Statutory material to be repealed is bracketed and stricken. New statutory material is underscored.
SECTION 5. This Act shall take effect on July 1, 2050.
Report Title:
Insurance; Financial Information; Privacy Notice; Policies and Practices
Description:
Permits an insurer to send a privacy notice every five years, if the relationship between the insurer and a customer is renewed annually or less than annually and the insurer has not changed its policies and practices regarding disseminating customers' nonpublic personal financial information to nonaffiliated third parties. Requires an insurer to provide an additional privacy notice upon renewal of a relationship between an insurer and a customer that lasts longer than a year. Requires an insurer that changes its policies and practices to send an additional notice to customers after the change to the policies and practices. Effective 7/1/2050. (SD1)
The summary description
of legislation appearing on this page is for informational purposes only and is
not legislation or evidence of legislative intent.