STATE OF NEW YORK
25 BEAVER STREET
NEW YORK, NEW YORK 10004
|Circular Letter No. 7 (2001)
February 20, 2001
|TO:||All Authorized Insurers, Fraternal Benefit Societies, and Health Maintenance Organizations (collectively "licensees")|
|RE:||Report Outlining Policies, Procedures and Controls to Comply with 11 NYCRR 420 (Regulation 169) Regarding Consumer Financial Information|
Section 308 of Insurance Law; Title V of the Gramm-Leach-Bliley Act (15 U.S.C. 6801, et seq.); Regulation 169 (11 NYCRR 420)
The purpose of this Circular Letter is to require Insurance Department licensees (as defined above) to submit a written report to the Department pursuant to Section 308 of the Insurance Law, no later than May 1, 2001, outlining the policies, procedures and controls that the licensee has in place as of April 15, 2001 or that the licensee intends to implement to comply with Regulation 169 (11 NYCRR 420) by the July 1, 2001 compliance date specified therein with respect to consumer financial information, in order to prevent the unauthorized disclosure of such financial information.
Regulation 169 (11 NYCRR 420), entitled "Privacy of Consumer Financial and Health Information", was promulgated by the Insurance Department with an effective date of November 13, 2000. Pursuant to Section 420.24 of Regulation 169, the compliance date for the regulation is July 1, 2001 with respect to consumer financial information, and December 31, 2001 with respect to health information. These dates were established to provide sufficient time for licensees to establish policies and systems to comply with the requirements of the Regulation.
The information obtained by the Department in response to this Circular Letter, by May 1, 2001, will assist the Department in assuring the preparedness of its licensees to comply with Regulation 169 by the specified compliance date of July 1, 2001 with respect to consumer financial information.
The report, in the form of the attached questionnaire (Attachment A), shall be prepared by the licensees senior officer who has responsibility for Regulation 169 compliance and submitted to the Department by e-mail. Additionally, a hard copy of the affirmation page, subscribed and affirmed by such senior officer, shall be submitted to the Department. The attached questionnaire is in Excel format and is available on the Department's web site at:
If you have any questions concerning the downloading of this file, please contact Vincent Mazzarella or Daniel Sheridan at the address listed below.
The report, in the case of life insurers and fraternal benefit societies, shall be submitted to Joanne Girard, Associate Insurance Examiner, Life Bureau, New York State Insurance Department, 25 Beaver Street, New York, NY 10004. Her e-mail address is firstname.lastname@example.org and her telephone number is (212) 480-5022.
In the case of property/casualty insurers, the report shall be submitted to Vincent Mazzarella, Senior Insurance Examiner, Property Bureau, New York State Insurance Department, 25 Beaver Street, New York, NY 10004. His e-mail address is email@example.com and his telephone number is (212) 480-5590.
In the case of accident and health insurers, Article 43 corporations, and health maintenance organizations, the report shall be submitted to Daniel Sheridan, Associate Insurance Examiner, Health Bureau, New York State Insurance Department, 25 Beaver Street, New York, NY 10004. His e-mail address is firstname.lastname@example.org and his telephone number is (212) 480-5211.
Questions as to this Circular Letter and the related submission should be directed to the individuals specified above.
Report File: Compliance With Privacy Provisions Questionnaire (Excel Format)
ReadMe File: Instructions for Completion of Report (Excel Format)