Can I use third-party customer service tools that collect personal information in Mississippi? What are the requirements?

Using Third-Party Customer Service Tools in Mississippi

If you are planning to use third-party customer service tools that collect personal information in Mississippi, you must comply with the state’s cybersecurity and data breach notification laws.

Under Mississippi Code Annotated § 83-5-811, licensees are required to notify the Mississippi Department of Insurance within three business days of a cybersecurity event involving nonpublic information that is in the possession of a licensee and meets certain criteria. The licensee must provide as much information as possible about the event, including the date of the event, how the information was exposed, how the event was discovered, and the number of consumers affected. Licensees must also comply with Section 75-24-29 and provide a copy of the notice sent to consumers under that statute to the commissioner when required to notify the commissioner under § 83-5-811(1).

If you plan to use third-party customer service tools that collect personal information, you must ensure that you have appropriate cybersecurity measures in place to protect that information. Additionally, you must comply with the state’s data breach notification laws.

Conclusion

To summarize, if you plan to use third-party customer service tools that collect personal information in Mississippi, you must comply with the state’s cybersecurity and data breach notification laws. You must notify the Mississippi Department of Insurance within three business days of a cybersecurity event involving nonpublic information that meets certain criteria and provide as much information as possible about the event. Additionally, you must ensure that you have appropriate cybersecurity measures in place to protect that information.

Jurisdiction

Mississippi

• Privacy