More Information about AIANC Membership at www.AllianceInsuranceAgentsNC.com
STREET WISE Alliance of Insurance Agents of NC
Are you breaking the law when you buy or sell an insurance agency? Where’s Your Privacy Policy? In This Edition ARE YOU BREAKING THE LAW WHEN YOU BUY OR SELL AN INSURANCE AGENCY? ....................................... 1
WHERE’S YOUR PRIVACY POLICY? . 1 CYBER LIABILITY, YOUR AGENCY & YOUR CLIENTS ............................... 6
Last weekend, as I was updating the content of my “How to Evaluate, Buy & Sell a ‘Mom & Pop’ Insurance Agency” Ethics CE, I stumbled over a potential roadblock in the “Buy / Sell” scenario.
A COMMODITY VS. A RELATIONSHIP 8
Did you know that our insurance companies have Privacy Policies? Ever read one?
ACQUIRING AND KEEPING GOOD PRODUCERS ................................ 11
Have you created such a notice for your agency?
HOW TO EVALUATE, BUY & SELL A ‘MOM & POP’ INSURANCE AGENCY ................................................... 13
The Gramm-Leach-Bliley Act (GLBA) imposes privacy obligations on every insurance agency:
AFFORDABLE CARE ACT 2015 ..... 13
http://www.ncdoi.com/
AIANC’s STREET WISE
Privacy Notice Disclosure Requirement. Every insurance agency must provide all customers with an initial and annual notice that describes the manner in which their nonpublic information is collected, maintained and disseminated.
Are you breaking the law when you buy or sell an insurance agency? Since the prospective buyer was not a party to the original application for insurance, does the owner have the right to sell the personal information without getting permission from each policyholder? Would that be considered a Data Breach under the current regulations? Insurance agencies are at risk of having a data breach on multiple fronts — negligence, a rogue employee, stolen equipment, or a network security failure. If the proper insurance protection is not secured before a data breach occurs, the future of the business could be in jeopardy due to extensive recovery and reimbursement costs as well as damage to its reputation.
Opt Out Notification Requirement. Before sharing nonpublic personal information about a consumer with a nonaffiliated third party for a nonexempted purpose, the consumer must be notified of the right to prohibit the sharing of such information for such a purpose (an “opt out”).
Core Cyber™ provides organizations the expert assistance and financial relief needed to confront a data breach head on.
Page 1
July 2014
Continued on page 2