626.9651 Privacy.—The department and commission must each adopt rules consistent with other provisions of the Florida Insurance Code to govern the use of a consumer’s nonpublic personal financial and health information. These rules must be based on, consistent with, and not more restrictive than the Privacy of Consumer Financial and Health Information Regulation, adopted September 26, 2000, by the National Association of Insurance Commissioners; however, the rules must permit the use and disclosure of nonpublic personal health information for scientific, medical, or public policy research, in accordance with federal law. In addition, these rules must be consistent with, and not more restrictive than, the standards contained in Title V of the Gramm-Leach-Bliley Act of 1999, Pub. L. No. 106-102, as amended in Title LXXV of the Fixing America’s Surface Transportation (FAST) Act, Pub. L. No. 114-94. If the office determines that a health insurer or health maintenance organization is in compliance with, or is actively undertaking compliance with, the consumer privacy protection rules adopted by the United States Department of Health and Human Services, in conformance with the Health Insurance Portability and Affordability Act, that health insurer or health maintenance organization is in compliance with this section.
History.—s. 25, ch. 2001-142; s. 12, ch. 2001-222; s. 143, ch. 2001-277; s. 1040, ch. 2003-261; s. 5, ch. 2018-131.