There Is a Newer Version
of
this Section
2022 New Hampshire Revised Statutes
Title XXXVII - Insurance
Title 420-P - Insurance Data Security Law
Section 420-P:9 - Exceptions.
Universal Citation:
NH Rev Stat § 420-P:9 (2022)
Learn more
This media-neutral citation is based
on the American Association of Law Libraries Universal Citation Guide and is not
necessarily the official citation.
420-P:9 Exceptions. –
I. The following exceptions shall apply to this chapter:
(a) A licensee with fewer than 20 employees, including any independent contractors, shall be exempt from RSA 420-P:4.
(b) An employee, agent, representative, or designee of a licensee, who is also a licensee, shall be exempt from RSA 420-P:4 and need not develop its own program to the extent that the employee, agent, representative, or designee is covered by the information security program of the other licensee.
(c) A continuing care retirement community, as defined by RSA 420-D, shall be exempt from RSA 420-P:4.
(d) A life settlement provider, as defined by RSA 408-D, shall be exempt from RSA 420-P:4.
(e) A licensee that is a bank or a credit union, as defined in RSA 383-A:2-201, that has established and maintains programs and procedures regarding administrative, technical, and physical safeguards for customer information that are prescribed by section 501(b) of the Gramm-Leach-Bliley Act, 15 U.S.C. section 6801 et seq. and by section 216 of the Fair and Accurate Credit Transaction Act of 2003, and that is subject to examination by its federal regulatory authorities, shall be exempt from RSA 420-P:4, and those provisions of this chapter that apply to a bank or credit union apply only to the extent that it involves insurance. Notification to affected consumers for security breaches relating to insurance business shall be made consistent with the requirements of the Gramm-Leach-Bliley Act. Notification to the commissioner shall be made consistent with that received by federal regulatory authorities.
(f) A motor vehicle retail seller or a motor vehicle sales finance company, as defined in RSA 361-A, shall be exempt from RSA 420-P:4, and those provisions of this chapter that apply to a motor vehicle retail seller or a motor vehicle sales finance company apply only to the extent that it involves insurance. Notification to affected consumers for security breaches relating to the insurance business shall be made consistent with the requirements of the Gramm-Leach Bliley Act. Notification to the commissioner shall be made consistent with that received by federal regulatory authorities.
(g) A vendor, as defined under RSA 402-K:1, shall be exempt from this chapter.
II. A licensee which ceases to qualify for an exception under this section shall have 180 days to comply with RSA 420-P:4.
I. The following exceptions shall apply to this chapter:
(a) A licensee with fewer than 20 employees, including any independent contractors, shall be exempt from RSA 420-P:4.
(b) An employee, agent, representative, or designee of a licensee, who is also a licensee, shall be exempt from RSA 420-P:4 and need not develop its own program to the extent that the employee, agent, representative, or designee is covered by the information security program of the other licensee.
(c) A continuing care retirement community, as defined by RSA 420-D, shall be exempt from RSA 420-P:4.
(d) A life settlement provider, as defined by RSA 408-D, shall be exempt from RSA 420-P:4.
(e) A licensee that is a bank or a credit union, as defined in RSA 383-A:2-201, that has established and maintains programs and procedures regarding administrative, technical, and physical safeguards for customer information that are prescribed by section 501(b) of the Gramm-Leach-Bliley Act, 15 U.S.C. section 6801 et seq. and by section 216 of the Fair and Accurate Credit Transaction Act of 2003, and that is subject to examination by its federal regulatory authorities, shall be exempt from RSA 420-P:4, and those provisions of this chapter that apply to a bank or credit union apply only to the extent that it involves insurance. Notification to affected consumers for security breaches relating to insurance business shall be made consistent with the requirements of the Gramm-Leach-Bliley Act. Notification to the commissioner shall be made consistent with that received by federal regulatory authorities.
(f) A motor vehicle retail seller or a motor vehicle sales finance company, as defined in RSA 361-A, shall be exempt from RSA 420-P:4, and those provisions of this chapter that apply to a motor vehicle retail seller or a motor vehicle sales finance company apply only to the extent that it involves insurance. Notification to affected consumers for security breaches relating to the insurance business shall be made consistent with the requirements of the Gramm-Leach Bliley Act. Notification to the commissioner shall be made consistent with that received by federal regulatory authorities.
(g) A vendor, as defined under RSA 402-K:1, shall be exempt from this chapter.
II. A licensee which ceases to qualify for an exception under this section shall have 180 days to comply with RSA 420-P:4.
Source. 2019, 309:1, eff. Jan. 1, 2020.
Disclaimer: These codes may not be the most recent version. New Hampshire may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
