Pennsylvania Code
Pennsylvania Code & Bulletin
COMMONWEALTH OF PENNSYLVANIA

• No statutes or acts will be found at this website.

The Pennsylvania Code website reflects the Pennsylvania Code changes effective through 54 Pa.B. 488 (January 27, 2024).

Pennsylvania Code



Subchapter E. ADDITIONAL PROVISIONS


Sec.


146a.41.    Effect on other laws.
146a.42.    Nondiscrimination.
146a.43.    Violation.
146a.44.    Effective date.

§ 146a.41. Effect on other laws.

 (a)  Protection of Fair Credit Reporting Act. This chapter will not be construed to modify, limit or supersede the operation of the Federal Fair Credit Reporting Act (15 U.S.C.A. § §  1681—1681u), and no inference may be drawn on the basis of the provisions of this chapter regarding whether information is transaction or experience information under section 603 of that act (15 U.S.C.A. §  1681a).

 (b)  Protection of section 648 of the act (40 P. S. §  288) (relating to customer privacy). This chapter does not modify, limit or supercede the operation of section 648 of the act.

§ 146a.42. Nondiscrimination.

 A licensee may not unfairly discriminate against any consumer or customer because that consumer or customer has opted out from the disclosure of nonpublic personal financial information under this chapter.

§ 146a.43. Violation.

 Violations of this chapter are deemed and defined by the Commissioner to be an unfair method of competition and an unfair or deceptive act or practice and shall be subject to any applicable penalties or remedies contained in the Unfair Insurance Practices Act (40 P. S. § §  1171.1—1171.15).

§ 146a.44. Effective date.

 (a)  Effective date. This chapter is effective July 1, 2001.

 (b)  Notice requirements.

   (1)  Consumers who are the licensee’s customers on the effective date. By July 1, 2001, a licensee shall provide an initial notice, as required by §  146a.11 (relating to initial privacy notice to consumers required), to consumers who are the licensee’s customers on July 1, 2001.

   (2)  Example. A licensee provides an initial notice to consumers who are its customers on July 1, 2001, if, by that date, the licensee has established a system for providing an initial notice to all new customers and has mailed the initial notice to all the licensee’s existing customers.

 (c)  Two-year grandfathering of service agreements. Until July 1, 2002, a contract that a licensee has entered into with a nonaffiliated third party to perform services for the licensee or functions on the licensee’s behalf satisfies the provisions of §  146a.31(a)(1)(ii) (relating to exception to opt out requirements for disclosure of nonpublic personal financial information for service providers and joint marketing), even if the contract does not include a requirement that the nonaffiliated third party maintain the confidentiality of nonpublic personal financial information, as long as the licensee entered into the agreement on or before July 1, 2000.


APPENDIX A



SAMPLE CLAUSES

 Licensees, including a group of financial holding company affiliates that use a common privacy notice, may use the following sample clauses, if the clause is accurate for each institution that uses the notice. (Note that disclosure of certain information, such as assets, income and information from a consumer reporting agency, may give rise to obligations under the Federal Fair Credit Reporting Act, such as a requirement to permit a consumer to opt out of disclosures to affiliates or designation as a consumer reporting agency if disclosures are made to nonaffiliated third parties.)

   A-1—Categories of information a licensee collects (all institutions)

 A licensee may use this clause, as applicable, to meet the requirement of §  146a.13(a)(1) to describe the categories of nonpublic personal financial information the licensee collects.

 Sample Clause A-1:

 We collect nonpublic personal financial information about you from the following sources:

 • Information we receive from you on applications or other forms.

 • Information about your transactions with us, our affiliates or others.

 • Information we receive from a consumer reporting agency.

   A-2-Categories of information a licensee discloses (institutions that disclose outside of the exceptions)

 A licensee may use one of these clauses, as applicable, to meet the requirement of §  146a.13(a)(2) to describe the categories of nonpublic personal financial information the licensee discloses. The licensee may use these clauses if it discloses nonpublic personal financial information other than as permitted by the exceptions in § §  146a.31, 146a.32 and 146a.33.

 Sample Clause A-2, Alternative 1:

 We may disclose the following kinds of nonpublic personal financial information about you:

 • Information we receive from you on applications or other forms, such as [provide illustrative examples, such as ’’your name, address, social security number, assets, income, and beneficiaries’’].

 • Information about your transactions with us, our affiliates or others, such as [provide illustrative examples, such as ‘‘your policy coverage, premiums, and payment history’’].

 • Information we receive from a consumer reporting agency, such as [provide illustrative examples, such as ‘‘your creditworthiness and credit history’’].

 Sample Clause A-2, Alternative 2:

 We may disclose all of the information that we collect, as described [describe location in the notice, such as ‘‘above’’ or ‘‘below’’].

   A-3-Categories of information a licensee discloses and parties to whom the licensee discloses (institutions that do not disclose outside of the exceptions)

 A licensee may use this clause, as applicable, to meet the requirements of §  146a.13(a)(2), (3) and (4) to describe the categories of nonpublic personal financial information about customers and former customers that the licensee discloses and the categories of affiliates and nonaffiliated third parties to whom the licensee discloses. A licensee may use this clause if the licensee does not disclose nonpublic personal financial information to any party, other than as permitted by the exceptions in § §  146a.32 and 146a.33.

 Sample Clause A-3:

 We do not disclose any nonpublic personal financial information about our customers or former customers to anyone, except as permitted by law.

   A-4-Categories of parties to whom a licensee discloses (institutions that disclose outside of the exceptions)

 A licensee may use this clause, as applicable, to meet the requirement of §  146a.13(a)(3) to describe the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information. This clause may be used if the licensee discloses nonpublic personal financial information other than as permitted by the exceptions in § §  146a.31, 146a.32 and 146a.33, as well as when permitted by the exceptions in § §  146a.32 and 146a.33.

 Sample Clause A-4:

 We may disclose nonpublic personal financial information about you to the following types of third parties:

 • Financial service providers, such as [provide illustrative examples, such as ‘‘life insurers, automobile insurers, mortgage bankers, securities broker-dealers, and insurance agents’’].

 • Non-financial companies, such as [provide illustrative examples, such as ‘‘retailers, direct marketers, airlines, and publishers’’].

 • Others, such as [provide illustrative examples, such as ‘‘non-profit organizations’’].

 We may also disclose nonpublic personal financial information about you to nonaffiliated third parties as permitted by law.

   A-5-Service provider/joint marketing exception

 A licensee may use one of these clauses, as applicable, to meet the requirements of §  146a.13(a)(5) related to the exception for service providers and joint marketers in §  146a.31. If a licensee discloses nonpublic personal financial information under this exception, the licensee shall describe the categories of nonpublic personal financial information the licensee discloses and the categories of third parties with which the licensee has contracted.

 Sample Clause A-5, Alternative 1:

 We may disclose the following information to companies that perform marketing services on our behalf or to other financial institutions with which we have joint marketing agreements:

 • Information we receive from you on applications or other forms, such as [provide illustrative examples, such as ‘‘your name, address, social security number, assets, income, and beneficiaries’’].

 • Information about your transactions with us, our affiliates or others, such as [provide illustrative examples, such as ‘‘your policy coverage, premium, and payment history’’].

 • Information we receive from a consumer reporting agency, such as [provide illustrative examples, such as ‘‘your creditworthiness and credit history’’].

 Sample Clause A-5, Alternative 2:

 We may disclose all of the information we collect, as described [describe location in the notice, such as ‘‘above’’ or ‘‘below’’] to companies that perform marketing services on our behalf or to other financial institutions with whom we have joint marketing agreements. iA-6-Explanation of opt out right (institutions that disclose outside of the exceptions)

 A licensee may use this clause, as applicable, to meet the requirement of §  146a.13(a)(6) to provide an explanation of the consumer’s right to opt out of the disclosure of nonpublic personal financial information to nonaffiliated third parties, including the method(s) by which the consumer may exercise that right. The licensee may use this clause if the licensee discloses nonpublic personal financial information other than as permitted by the exceptions in § §  146a.31, 146a.32 and 146a.33.

 Sample Clause A-6:

 If you prefer that we not disclose nonpublic personal financial information about you to nonaffiliated third parties, you may opt out of those disclosures, that is, you may direct us not to make those disclosures (other than disclosures permitted by law). If you wish to opt out of disclosures to nonaffiliated third parties, you may [describe a reasonable means of opting out, such as ‘‘call the following toll-free number: (insert number)’’].

   A-7-Confidentiality and security (all institutions)

 A licensee may use this clause, as applicable, to meet the requirement of §  146a.13(a)(8) to describe its policies and practices with respect to protecting the confidential-ity and security of nonpublic personal financial information.

 Sample Clause A-7:

 We restrict access to nonpublic personal financial information about you to [provide an appropriate description, such as ‘‘those employees who need to know that information to provide products or services to you’’]. We maintain physical, electronic, and procedural safeguards that comply with Federal regulations to guard your nonpublic personal financial information.

Cross References

   This appendix cited in 31 Pa. Code §  146a.3 (relating to examples and safe harbor); and 31 Pa. Code §  146a.13 (relating to information to be included in privacy notices).


No part of the information on this site may be reproduced for profit or sold for profit.


This material has been drawn directly from the official Pennsylvania Code full text database. Due to the limitations of HTML or differences in display capabilities of different browsers, this version may differ slightly from the official printed version.