Insurance Litigation Law Blog | Regulatory Law | Bad Faith | California | Lawyer | Attorney | Barger & Wolen

The purpose of this alert is twofold: (1) to remind our clients that both federal and state law requires financial institutions and most businesses to safeguard their customers’ information; and (2) to advise of new requirements for security breach notification letters.

by Timothy Moroney and Dawn Valentine

In 2002, California adopted a first-in-the-nation security breach notification statute (AB 700, Simitian) (the “Security Breach Notification Law”).

The Security Breach Notification Law requires companies that do business in California and retain their customer’s personal information to notify individuals when there has been a data breach involving their personal information. 

Background

Since 2002, 45 other states, as well as the District of Columbia, Puerto Rico, and the U.S. Virgin Islands, have also enacted security breach notification laws that are modeled upon California’s Security Breach Notification Law. Only Alabama, Kentucky, New Mexico and South Dakota do not have security breach notification laws.

Moreover, 14 states (Hawaii, Iowa, Maryland, Massachusetts, Minnesota, New Hampshire, New York, North Carolina, Oregon, Vermont, Virginia, West Virginia, Wisconsin, and Wyoming) and Puerto Rico have built upon California’s model and added more detailed requirements for security breach notifications to include certain types of information.  

Further, the federal government has weighed in. As of February 19, 2009, for breaches of personal medical information, individuals have to be notified and those notifications must contain certain specified content.

Still further, most of these states require a business that suffers a security breach to notify a state regulator, such as the Attorney General, in addition to the affected individuals (Alaska, Hawaii, Louisiana, Maine, Maryland, Massachusetts, New Hampshire, New Jersey, New York, North Carolina, South Carolina, Vermont, and Virginia).  

SB 24 Data Breach Notification

Accordingly, not to be outdone as the leader in consumer protection, effective January 1, 2012, California adopted new requirements (SB 24 – amending Civil Code sections 1798.29 and 1798.82) for what information must be put in a security breach notification letter. 

The purpose underlying these new requirements is to close a gap that has been identified – the old requirements simply required data holders to notify individuals when there had been a data breach involving personal information but were silent on what information should be contained in the notification.

As a result, security breach notification letters varied greatly in the information provided leaving consumers confused and not providing answers to the questions of what information was breached, when did the breach occur, and what consumers should do to protect themselves.

Moreover, businesses were left exposed and uncertain of what was expected of them in the event of a breach.  

The new requirements fill this gap by establishing standard, core content for the notification letters. Specifically, the new law requires that security breach notification letters, at a minimum, contain the following information:

• Email This
• Print
• Comments (1)
• Trackbacks

On January 18, 2012, California Secretary of State Debra Bowen announced that an initiative on automobile insurance rates has qualified for the November 6, 2012 ballot.

The initiative, named the “2012 Automobile Insurance Discount Act,” would allow insurers to use continuous automobile insurance coverage with any admitted insurer or insurers as a rating factor for private passenger automobile insurance. We previously reported on this topic last summer, when the initiative was being circulated for signatures.

Under an existing California Department of Insurance regulation, an insurer may use continuous coverage as a rating factor when an individual is currently insured for automobile insurance with the insurer.

The existing regulation prohibits an insurer from basing the continuous coverage rating factor on coverage provided by another non-affiliated insurer. The initiative would override this existing prohibition.

• Email This
• Print
• Comments (1)
• Trackbacks

We recently blogged here about the California Supreme Court’s decision in Howell v. Hamilton Meats.

In a long-awaited, and nearly unanimous decision, the California Supreme Court has held that an injured plaintiff whose medical expenses are paid through private health insurance may recover as economic damages no more than the amounts paid by the plaintiff’s insurer for those medical services, and that this discounted amount does not fall within the collateral source rule.

Dan Walters in a recent Sacramento Bee post, 'Tort war' could hit the California Capitol is wondering if the trial attorneys will take this loss lying down:

The issue in the case (Howell v. Hamilton Meats) was whether the injured party could collect the full medical bills imposed by doctors, hospitals and other medical care providers, or would be limited to the amounts actually paid by insurers, which are often pennies on the dollar.

The case, stemming from a 2005 collision in San Diego County, involved $200,000 in medical bills that were whittled down to $60,000 before payment.

The trial judge decreed that only the smaller amount need be paid, while an appellate court said it should be the full amount, and several other pending cases had conflicting appellate court decisions, so the issue was kicked upstairs to the Supreme Court.

Its widely watched ruling hit personal injury lawyers in their wallets but elated insurers, who had said an adverse outcome would have cost them, and their policyholders, another $3 billion a year. (emphasis added)

The legislature has just returned to Sacramento, and, according to Mr. Walters, the “Consumer Attorneys of California, the lobbying arm of personal injury lawyers, has made no secret that it wants legislation to counteract the Supreme Court decree.”

We’ll keep you posted if and when legislation is introduced.

• Email This
• Print
• Comments
• Trackbacks

By Sam Sorich and Larry Golub

On January 4, 2012, the California Secretary of State announced that signatures may be collected for a proposed initiative which would bring prior approval of rates for health insurance to California, and also amend the existing regulation of automobile and homeowners insurance.

Jamie Court, the President of Consumer Watchdog, is the proponent of the measure, termed the Insurance Rate Public Justification and Accountability Act. There were actually two virtually identical versions of the initiative submitted to (and allowed to proceed to collect signatures by) the Secretary of State, file numbers 11-0070 and 11-0072, but it is expected that Consumer Watchdog will pursue signature gathering for only the second version of the initiative.  (In fact, its website only links to the second version of the initiative.)

In order to qualify for the November 6, 2012 ballot, backers of an initiative must file 504,760 valid signatures in support of the measure. The deadline for submitting signatures for the initiative is June 4, 2012.

Among other things, the initiative would give the California Insurance Commissioner the power to approve health insurance rates proposed after November 6, 2012. The rate approval statutes enacted by Proposition 103 in 1988 for most property and casualty insurance would be made applicable to health insurance. A health insurer’s rate application would have to be accompanied by a sworn statement by insurer’s chief executive officer declaring that the contents of the application are accurate and comply in all respects with California law.

The initiative would require a health insurance company to pay refunds with interest if the insurance commissioner determines that the company’s rates are excessive; this requirement would apply to rates in effect on November 6, 2012 and rates in effect after that date.

Large group health insurance policies would be excluded from the scope of the initiative unless any one of four specified conditions exists; two of the conditions relate to the level of the proposed rate increase.

For health insurance, as well as automobile and homeowners insurance, the initiative would prohibit insurers from using the absence of prior insurance coverage or a person’s credit history as a rating factor or a criterion for determining insurance eligibility.

The initiative specifies that it may be amended only (1) by the Legislature if the legislation furthers the initiative’s purposes and is passed by a two-thirds vote in both the Assembly and the Senate or (2) by another voter ballot initiative.

In its summary of the fiscal effects of the initiative if approved by the voters, the Legislative Analyst’s Office estimates that the measure would increase “state administrative costs in the low tens of millions of dollars annually to regulate health insurance rates, funded with revenues collected from filing fees paid by health insurance companies.”

• Email This
• Print
• Comments
• Trackbacks