Utah Admin. Code R590-216-2 - Purpose and Scope
Current through Bulletin 2021-24, December 15, 2021
The following state regulations pages link to this page.
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
(1) This rule establishes standards applicable to the department's licensees to assist them in developing and implementing administrative, technical and physical safeguards to protect the security, confidentiality and integrity of customer information, pursuant to Sections 501, 505(b), and 507 of the Gramm-Leach-Bliley Act, codified at 15 U.S.C. 6801, 6805(b) and 6807.
(2) Section 501(a) provides that it is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers' nonpublic personal information. Section 501(b) requires the state insurance regulatory authorities to establish appropriate standards relating to administrative, technical and physical safeguards:
(a) to ensure the security and confidentiality of customer records and information;
(b) to protect against any anticipated threats or hazards to the security or integrity of such records; and
(c) to protect against unauthorized access to or use of records or information that could result in substantial harm or inconvenience to a customer.
(3) Under Section 505(b)(2) state insurance regulatory authorities are to implement the standards prescribed under Section 501(b) by rule with respect to persons engaged in providing insurance.
(4) Section 507 provides, among other things, that a state rule may afford persons greater privacy protections than those provided by Subtitle A of Title V of the Gramm-Leach-Bliley Act. This rule requires that the safeguards established pursuant to the rule shall apply to nonpublic personal information, including nonpublic personal financial information and nonpublic personal health information that licensees of the department obtain from their customers.