New York Codes, Rules and Regulations
Title 11 - INSURANCE
Chapter XIX - Privacy Of Consumer Financial and health Information
Part 420 - Privacy Of Consumer Financial And Health Information
Exceptions to Limits on Disclosure of Financial Information
Section 420.15 - Other exceptions to notice and opt out requirements for disclosure of nonpublic personal financial information

Current through Register Vol. 46, No. 39, September 25, 2024

(a) Exceptions to opt out requirements. The requirements for initial notice to consumers in section 420.4(a)(2) of this Part, and the opt out provisions in sections 420.7 and 420.10 of this Part and their application to service providers and joint marketing in as described in section 420.13 of this Part, do not apply when a licensee discloses nonpublic personal financial information:

(1) with the consent or at the direction of the consumer, provided that the consumer has not revoked the consent or direction (see subdivision [b] of this section);

(2)
(i) to protect the confidentiality or security of a licensee's records pertaining to the consumer, service, product or transaction;

(ii) to protect against or prevent actual or potential fraud or unauthorized transactions, claims, or other liabilities;

(iii) for required institutional risk control or for resolving consumer disputes or inquiries;

(iv) to persons holding a legal or beneficial interest relating to the consumer; or

(v) to persons acting in a fiduciary or representative capacity on behalf of the consumer;

(3) to provide information to insurance rate advisory organizations, guaranty funds or agencies, agencies that are rating a licensee, persons that are assessing the licensee's compliance with industry standards, and the licensee's attorneys, accountants, and auditors;

(4) to the extent specifically permitted or required under other provisions of law and in accordance with the Federal Right to Financial Privacy Act of 1978 (12 U.S.C. 3401 et seq.), to law enforcement agencies (including the Federal Reserve Board, Office of the Comptroller of the Currency, Federal Deposit Insurance Corporation, Office of Thrift Supervision, National Credit Union Administration, the Securities and Exchange Commission, the Secretary of the Treasury, with respect to 31 U.S.C. chapter 53, subchapter II [records and reports on monetary instruments and transactions] and 12 U.S.C. chapter 21 [financial recordkeeping], a State insurance or banking authority and the Federal Trade Commission), self-regulatory organizations, or for an investigation on a matter related to public safety;

(5)
(i) to a consumer reporting agency in accordance with the Federal Fair Credit Reporting Act (15 U.S.C. 1681 et seq.) and the New York Fair Credit Reporting Act (General Business Law, article 25); or

(ii) from a consumer report reported by a consumer reporting agency;

(6) in connection with a proposed or actual sale, merger, transfer or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal financial information concerns solely consumers of such business or unit;

(7)
(i) to comply with Federal, State, or local laws, rules and other applicable legal requirements;

(ii) to comply with a properly authorized civil, criminal or regulatory investigation, or subpoena or summons by Federal, State or local authorities; or

(iii) to respond to judicial process or government regulatory authorities having jurisdiction over a licensee for examination, compliance or other purposes as authorized by law; or

(8) for purposes related to the replacement of a group benefit plan, a group health plan, a group welfare plan or a workers' compensation plan.

(b) Example of revocation of consent. A consumer may revoke consent by subsequently exercising the right to opt out of future disclosures of nonpublic personal financial information as permitted under section 420.7(f) of this Part.

Disclaimer: These regulations may not be the most recent version. New York may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.