Can I ensure that my company is compliant with expanding privacy protections in Florida? What are the requirements?

Requirements for Ensuring Compliance with Expanding Privacy Protections in Florida

To ensure that your company is compliant with expanding privacy protections in Florida, you must comply with the privacy protection requirements set forth in rules 69O-128.005, 69O-128.006, 69O-128.007, 69O-128.008, 69O-128.009, 69O-128.014, 69O-128.015, and 69O-128.016 of the Florida Administrative Code. These rules require you to provide clear and conspicuous initial, annual, and revised privacy notices to your customers and consumers, and to implement policies and practices to protect the confidentiality and security of nonpublic personal financial information.

Exceptions to Notice and Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information

There are some exceptions to the notice and opt-out requirements for disclosure of nonpublic personal financial information. These exceptions include:

• With the consent or at the direction of the consumer, provided that the consumer has not revoked the consent or direction.
• To protect the confidentiality or security of a licensee’s records pertaining to the consumer, service, product, or transaction.
• To protect against or prevent actual or potential fraud or unauthorized transactions.
• For required institutional risk control or for resolving consumer disputes or inquiries.
• To persons holding a legal or beneficial interest relating to the consumer.
• To persons acting in a fiduciary or representative capacity on behalf of the consumer.
• To provide information to insurance rate advisory organizations, guaranty funds or agencies, agencies that are rating a licensee, persons that are assessing the licensee’s compliance with industry standards, and the licensee’s attorneys, accountants, and auditors.
• To comply with federal, state, or local laws, rules, and other applicable legal requirements.
• To comply with a properly authorized civil, criminal, or regulatory investigation, or subpoena or summons by federal, state, or local authorities.
• To respond to judicial process or government regulatory authorities having jurisdiction over a licensee for examination, compliance, or other purposes as authorized by law.
• For purposes related to the replacement of a group benefit plan, a group health plan, a group welfare plan, or a workers’ compensation plan.
• Pursuant to the provisions of chapter 631, F.S., the Office is required to collect on reinsurance policies, pay claims, transfer policies to other insurers, and engage in similar activities with respect to insurers which are in receivership. In connection with the performance of its statutory obligations, the Office often must disclose insureds’ non-public personal information to third parties. The disclosure of such information by the Office is considered to be required by law, and Office is therefore not subject to the requirements of this rule in connection with the disclosure of personal financial information incident to the performance of activities under chapter 631, F.S.

Steps to Ensure Compliance

To ensure compliance with these expanding privacy protections in Florida, you should:

1. Review the requirements set forth in the above-mentioned rules and ensure that your privacy policies and practices accurately reflect these requirements.
2. Provide clear and conspicuous initial, annual, and revised privacy notices to your customers and consumers that accurately reflect your privacy policies and practices.
3. Implement policies and practices to protect the confidentiality and security of nonpublic personal financial information, and describe these policies and practices in your privacy notices.
4. Provide opt-out notices to your customers and consumers, and honor their opt-out requests.
5. Train your employees on your privacy policies and practices, and ensure that they understand their responsibilities for protecting the confidentiality and security of nonpublic personal financial information.
6. Regularly review and update your privacy policies and practices to ensure that they remain accurate and up-to-date.

For more information on the requirements for ensuring compliance with expanding privacy protections in Florida, please refer to the context documents ^[1.2], ^[2.1], ^[1.3], and ^[1.4].

Source(s):

• [1.2] Other Exceptions to Notice and Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information
• [2.1] Other Exceptions to Notice and Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information
• [1.3] Revised Privacy Notices
• [1.4] Initial Privacy Notice to Consumers Required

Jurisdiction

Florida

• Privacy