77(R) SB 712 Introduced version

SRC-CTC S.B. 712 77(R)   BILL ANALYSIS


Senate Research Center   S.B. 712
77R6075 MXM-DBy: Sibley
Business & Commerce
3/2/2001
As Filed


DIGEST AND PURPOSE 

In 1999, Congress enacted the Gramm-Leach-Bliley Act (GLBA), in part to
require state insurance authorities to adopt requirements on privacy and
disclosure of nonpublic personal financial information applicable to the
insurance industry.  Since states have to adopt privacy requirements for
insurance companies, the National Association of Insurance Commissioners
(NAIC) developed and adopted a model privacy regulation in an effort to aid
states in adopting consistent privacy requirements for insurance companies.
As proposed, S.B. 712 requires insurers and other entities regulated by the
Texas Department of Insurance to comply with requirements of GLBA and
requires the commissioner of insurance to adopt rules consistent with the
federal requirements, based on the NAIC privacy model for GLBA. 

RULEMAKING AUTHORITY

Rulemaking authority is expressly granted to the commissioner of insurance
in SECTION 1 (Article 28A.51) of this bill. 

SECTION BY SECTION ANALYSIS

SECTION 1.  Amends Title 1, Insurance Code, by adding Chapter 28A, as
follows: 

CHAPTER 28A.  PRIVACY
SUBCHAPTER A.  GENERAL PROVISIONS

Art. 28A.01.  DEFINITIONS.  Defines "affiliate," "authorization," "covered
entity," and "nonaffiliated third party." 

Art. 28A.02.  COMPLIANCE WITH FEDERAL LAW REQUIRED.  Requires a covered
entity to comply with 15 U.S.C. Sections 6802 and 6803, as amended, in the
same manner as a financial institution under those sections.  Requires an
entity that is a nonaffiliated third party in relation to a covered entity
to comply with 15 U.S.C. Section 6802(c), as amended. 

Art. 28A.03.  EXCEPTION.  Provides that Article 28A.02(a) of this code does
not apply to a covered entity to the extent that the entity is acting
solely as an insurance agent for another covered entity. 

Art. 28A.04.  HEALTH INFORMATION.  Provides that this law does not affect
the authority of the Texas Department of Insurance (department) or another
state agency to adopt stricter rules governing the treatment of health
information by a covered entity, if another law gives the department or
agency that authority, including any laws or rules of this state related to
the privacy of individually identifiable health information under the
federal Health Insurance Portability and Accountability Act of 1996 (42
U.S.C. Section 1320d et seq.), as amended. 

 [Reserves Articles 28A.05-28A.50 for expansion.]

 SUBCHAPTER B.  DEPARTMENT POWERS AND DUTIES

Art. 28A.51.  RULE-MAKING AUTHORITY.  Requires the commissioner of
insurance (commissioner) to adopt rules to implement this chapter.
Requires the commissioner to adopt any other rules necessary to carry out
15 U.S.C. Chapter 94I (15 U.S.C. Section 6801 et seq., as amended) to make
this state eligible to override federal regulations, as described by 15
U.S.C. Section 6805(c), as amended.  Requires the commissioner to attempt
to keep state privacy requirements consistent with federal regulations
adopted under 15 U.S.C. Section 6801 et seq., as amended. 

Art. 28A.52.  STANDARDS.  Requires the department to implement standards as
required by 15 U.S.C. Section 6805(b), as amended. 

 [Reserves Articles 28A.53-28A.100 for expansion.]

SUBCHAPTER C.  ENFORCEMENT

Art. 28A.101.  ENFORCEMENT OF FEDERAL LAW.  Requires the department to
enforce 15 U.S.C. Section 6801-6805, as amended, to the extent required by
15 U.S.C. Section 6805. 

Art. 28A.102.  INJUNCTIVE RELIEF; CIVIL PENALTY.  Authorizes the attorney
general to institute an action for injunctive relief or declaratory relief
to restrain a violation of this chapter.  Authorizes the attorney general,
in addition to the injunctive relief provided by this article, to institute
an action for civil penalties against a covered entity or a nonaffiliated
third party for a violation of this chapter.  Prohibits a civil penalty
assessed under this article from exceeding $3,000 for each violation.
Authorizes the court in which an action under this article is pending, if
it finds that the violations have occurred with a frequency as to
constitute a pattern or practice, to assess a civil penalty not to exceed
$250,000.  Authorizes the attorney general, if the attorney general
substantially prevails in an action for injunctive relief or a civil
penalty under this article, to recover reasonable attorney's fees, costs
and expenses incurred obtaining the relief or penalty, including court
costs and witness fees. 

SECTION 2.  Requires the commissioner to adopt rules as required by Article
28A.51, Insurance Code, as added by this Act, not later than 30 days after
the effective date of this Act.  Authorizes the commissioner to adopt these
initial rules on an emergency basis. 

SECTION 3.  Effective date: upon passage or September 1, 2001.