Ask Reggi Your Question Now

Reggi is the free generative AI assistance for regulatory compliance
Ask a Question

Can I ensure that my company is compliant with expanding privacy protections in Louisiana? What are the requirements?

Requirements for Compliance with Expanding Privacy Protections in Louisiana

Louisiana has implemented privacy protections for consumers through the Louisiana Administrative Code (LAAC) Part XIII Chapter 99. To ensure compliance with these regulations, companies must follow the requirements outlined in the LAAC.

Initial Privacy Notice

A licensee must provide a clear and conspicuous notice that accurately reflects its privacy policies and practices to customers and consumers not later than when the licensee establishes a customer relationship, except as provided in Subsection E of Section 9911 [1.2].

Annual Privacy Notice

A licensee must provide a clear and conspicuous notice to customers that accurately reflects its privacy policies and practices not less than annually during the continuation of the customer relationship [1.3]. The notice must include the categories of nonpublic personal financial information that the licensee collects, discloses, and the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information [1.4].

Revised Privacy Notice

A licensee shall not disclose any nonpublic personal financial information about a consumer to a nonaffiliated third party other than as described in the initial notice that the licensee provided to that consumer under §9911, unless the licensee has provided to the consumer a clear and conspicuous revised notice that accurately describes its policies and practices [1.1].

Information to be Included in Privacy Notices

The initial, annual, and revised privacy notices that a licensee provides shall include each of the following items of information, in addition to any other information the licensee wishes to provide, that applies to the licensee and to the consumers to whom the licensee sends its privacy notice [1.4]:

  • The categories of nonpublic personal financial information that the licensee collects
  • The categories of nonpublic personal financial information that the licensee discloses
  • The categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information
  • The categories of nonpublic personal financial information about the licensee’s former customers that the licensee discloses and the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information about the licensee’s former customers
  • An explanation of the consumer’s right to opt-out of the disclosure of nonpublic personal financial information to nonaffiliated third parties
  • The licensee’s policies and practices with respect to protecting the confidentiality and security of nonpublic personal information

Delivery of Privacy Notices

When a licensee is required to deliver a privacy notice, the licensee shall deliver it according to §9921 [1.1][1.3][1.4].

Exceptions to Notice and Opt Out Requirements

Exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information for processing and servicing transactions are provided in §9931 [1.6].

Protection of Existing Requirements

Nothing in the LAAC Part XIII Chapter 99 shall be construed to modify, limit or supersede the operation of the federal Fair Credit Reporting Act or of Louisiana Revised Statutes Sections 22:1474, 23:1200.3 or 22:3063 [1.5].

Conclusion

To ensure compliance with expanding privacy protections in Louisiana, companies must provide initial, annual, and revised privacy notices that accurately reflect their privacy policies and practices. The notices must include specific categories of nonpublic personal financial information and the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information. The licensee must also explain the consumer’s right to opt-out of the disclosure of nonpublic personal financial information to nonaffiliated third parties and describe their policies and practices with respect to protecting the confidentiality and security of nonpublic personal information. Exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information for processing and servicing transactions are provided in §9931.

Source(s):
Jurisdiction

Louisiana