NAII Says Iowa Privacy Regulations Would Penalize Single Infractions
Under Iowa’s proposed regulation on consumer privacy, an insurer could be penalized for a single instance of failing to comply with its requirements, according to the National Association of Independent Insurers (NAII).
NAII Counsel Ann Weber, in a letter to the state Insurance Department, took exception to the provision under which a single contravention of the regulation could result in enforcement action and penalties, including forfeiture or revocation of an insurer’s license.
“Since there is no objective criteria in the proposed rules specifying what constitutes a comprehensive written information security program, and since the ‘required’ safeguards are also not specified,” Weber said, “it may be impossible for an insurer to determine what level of effort is required for compliance.
“While NAII agrees that a company should be allowed the flexibility to develop its comprehensive written information security program, as the proposed rule outlines, we object to the fact that a single infraction could result in penalties. A single contravention of the proposed regulation should not be actionable; there should be a finding of a consistent or intentional contravention of the rules for safeguarding customer information before action is taken against an insurer.”
- Agency Customer Rep and Miami Businessman Killed in Separate Boat Accidents
- Thousands of Dumped Wind-Turbine Blades Prompt Crackdown in Texas
- Viewpoint: California’s Surplus Lines HO Market Driven by Access, Not Wildfire Risk
- Public Adjuster Accused of Swiping $600,000 in Hurricane Ian Insurance Payments