On June 5-6, 2023, the NAIC Privacy Protections (H) Working Group (“PPWG”) held an in-person interim meeting (“session”) to continue its work on drafting a new model privacy law, the Insurance Consumer Privacy Protection Model Law #674 (“Model Law”). Model Law #674 is intended to replace the current Models #670 and #672. The session was intended to be a drafting session focused on certain provisions of the current exposure draft not yet covered during the three preceding PPWG open drafting calls.
During the session, the working group covered third-party service providers, definitions of “insurance transactions” and “additional permitted transactions,” marketing (and joint-marketing agreements), consent to marketing (opt-in versus opt-out), and consumer privacy notices. The PPWG announced it intends to release a new exposure draft (version 1.0) of the Model Law by the end of June to address many of the comments the working group has received and discussed to date. There will be no 60-day comment period for this draft and instead, open calls to discuss drafting will restart once the new exposure draft is released.
Continue reading “NAIC Privacy Protections Working Group Meets to Discuss New Model Privacy Law”
The long anticipated amendments to the CCPA were passed by the California Legislature in early September and now await Governor Newsom’s signature. Some of the changes were “clean up” amendments to update cross references, standardize language, and generally address issues of drafting. What follows is a summary of the most significant and substantive amendments:
Continue reading “How We Spent Our Summer Vacation or Summary of CCPA Amendments”
Several large health insurance companies, including Aetna, Anthem, and Healthcare Service Corporation, have announced a collaboration with PNC Bank and IBM to utilize blockchain technology to “improve transparency and interoperability in the health care industry” and “address a range of industry challenges, including promoting efficient claims and payment processing, to enable secure and frictionless healthcare information exchanges, and to maintain current and accurate provider directories.”
Continue reading “Another Big Blockchain Initiative Announced in Health Care Insurance Industry”
Policy holders alleging that computer fraud provisions of their insurance policies extended to fraud that stemmed from an intercepted email and a spoofing attack notched wins before two separate appellate courts recently. The first involves Travelers Casualty and Surety of America and American Tooling Center Inc., and the second involves Chubb Ltd. and Medidata Solutions Inc.
Continue reading “Sixth and Second Circuits Rule In Favor of Insurance Policy Holders in Computer Fraud Provisions Cases”
On Wednesday, September 6, the DC Circuit Court of Appeals granted an unopposed motion to stay its decision that reversed a district court order dismissing a potential class action arising from a 2014 data breach Chantal Attias et al. v. CareFirst Inc. et al., case number 16-7108. The order stays the mandate until December 7, 2017.
Last month, a three-judge panel on the United States Court of Appeals for the District of Columbia unanimously reversed a district court order dismissing a potential class action arising from a 2014 data breach, Chantal Attias et al. v. CareFirst Inc. et al., case number 16-7108. In reversing that order, the court permitted a health insurance company’s customers to proceed against that carrier, CareFirst, which serves one million customers in the District of Columbia, Maryland and Virginia.
Continue reading “DC Circuit Deepens Circuit Split on Data Breach Class Standing”