GAO Says States Privacy Standard Lags
By Steven Brostoff, Washington Editor
NU Online News Service, May 22, 4:02 p.m. EST, Washington?State insurance authorities lag behind most of the federal regulators in establishing standards safeguarding consumer privacy under the Gramm-Leach-Bliley Act, according to the General Accounting Office.
A new GAO report said while most states have adopted regulations or enacted legislation based on a model developed by the National Association of Insurance Commissioners, there is no guaranty all states will consistently implement the regulation.
Each state, GAO said, must independently take action to implement the regulation. During this period, GAO said, the security and confidentiality of insurance customer information and records may not be subject to a consistent level of legal protection.
By contrast, GAO said, except for the Federal Trade Commission, all the federal agencies charged with implementing GLB's privacy requirements have already issued their final standards.
GAO also noted that there is considerable variation in the privacy standards adopted by the states. Although most have adopted the NAIC model developed in 2000, GAO said, several states have retained versions of an earlier model, developed in 1982, which they believe provides greater protections than the 2000 model.
In addition, GAO said, some states have modified or retained existing provisions of their laws and regulations that also provide consumers with greater protections than those required by GLB.
GAO noted that in response to a draft of its report, the Kansas City, Mo.-based NAIC said that states have worked hard to meet the privacy requirements of GLB and have accomplished a great deal.
According to NAIC, GAO said, this activity has occurred with respect to a controversial and politically-charged issue. Moreover, unlike federal agencies with direct authority from Congress, state regulators had to look for authority from their individual state legislatures, NAIC said.
Nonetheless, NAIC told GAO, every state except Alaska has privacy protections in place that meet or exceed the standards established by GLB.
One industry group, the Washington-based American Insurance Association, said the GAO report shows the need for greater uniformity among the states.
The number of states that have refused to follow the NAIC's 2000 model law results in inconsistent state privacy regulation for insurers, said Stephen Zielezienski, assistant general counsel with AIA.
"This patchwork of state regulation puts insurers at a competitive disadvantage with financial services entities regulated by the federal government," he said.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.