New York Codes, Rules and Regulations
Title 11 - INSURANCE
Chapter XIX - Privacy Of Consumer Financial and health Information
Part 420 - Privacy Of Consumer Financial And Health Information
Privacy and Opt Out Notices for Financial Information
Section 420.7 - Form of opt out notice to consumers and opt out methods

Current through Register Vol. 46, No. 39, September 25, 2024

(a)

(1) Form of opt out notice. If a licensee is required to provide an opt out notice under section 420.10(a) of this Part, the licensee shall provide a clear and conspicuous notice to each of its consumers that accurately explains the right to opt out under that section. The notice shall state:
(i) that the licensee discloses or reserves the right to disclose nonpublic personal financial information about its consumer to a nonaffiliated third party;

(ii) that the consumer has the right to opt out of that disclosure; and

(iii) a reasonable means by which the consumer may exercise the opt out right.

(2) Examples.
(i) Adequate opt out notice. A licensee provides adequate notice that the consumer can opt out of the disclosure of nonpublic personal financial information to a nonaffiliated third party if the licensee:
(a) identifies all of the categories of nonpublic personal financial information that the licensee discloses or reserves the right to disclose, and all of the categories of nonaffiliated third parties to which the licensee discloses the information, as described in section 420.6(a)(2) and (3) of this Part, and states that the consumer may opt out of the disclosure of that information;

(b) identifies the insurance products or services that the consumer (either individually or jointly) obtains from the licensee to which the opt out direction would apply; and

(c) in the case of a written opt out notice, prominently provides the address to which the completed opt out notice should be sent.

(ii) Reasonable opt out means. A licensee provides a reasonable means to exercise an opt out right if it:
(a) designates check-off boxes in a prominent position on the relevant forms with the opt out notice;

(b) includes a reply form together with the opt out notice;

(c) provides an electronic means to opt out, such as a form that can be sent via electronic mail or a process at the licensee's web site, if the consumer agrees to the electronic delivery of information; or

(d) provides a toll-free telephone number that consumers can call to opt out.

(iii) Unreasonable opt out means. A licensee does not provide a reasonable means of opting out if:
(a) the only means of opting out is for the consumer to write his or her own letter to exercise that opt out right; or

(b) the only means of opting out as described in any notice subsequent to the initial notice is to use a check-off box that the licensee provided with the initial notice but did not include with the subsequent notice.

(iv) Specific opt out means. A licensee may require each consumer to opt out through a specific means, as long as the means is reasonable for that consumer.

(b) Same form as initial notice permitted.

The licensee may provide the opt out notice together with or on the same written or electronic form as the initial notice the licensee provides in accordance with section 420.4 of this Part.

(c) Initial notice required when opt out notice delivered subsequent to initial notice.

If a licensee provides the opt out notice later than required for the initial notice in accordance with section 420.4 of this Part, the licensee shall also include a copy of the initial notice in writing or, if the consumer agrees, electronically.

(d) Joint relationships.

(1) If two or more consumers jointly obtain an insurance product or service from a licensee, the licensee may provide a single opt out notice. The licensee's opt out notice shall explain how the licensee will treat an opt out direction by a joint consumer (as explained in paragraph [2] of this subdivision).

(2) Any of the joint consumers may exercise the right to opt out. The licensee may either:
(i) treat an opt out direction by a joint consumer as applying to all of the associated joint consumers; or

(ii) permit each joint consumer to opt out separately.

(3) If a licensee permits each joint consumer to opt out separately, the licensee shall permit one of the joint consumers to opt out on behalf of all of the joint consumers.

(4) A licensee may not require all joint consumers to opt out before the licensee implements any opt out direction.

(5) Example. If John and Mary are both named policyholders on a homeowner's insurance policy issued by a licensee and the licensee sends all correspondence about the policy to John's address, the licensee may do any of the following, but the licensee shall explain in its opt out notice which opt out policy it will follow:
(i) send a single opt out notice to John's address, but the licensee shall accept an opt out direction from either John or Mary;

(ii) treat an opt out direction by either John or Mary as applying to the entire account. If the licensee does so, and John opts out, the licensee may not require Mary to opt out as well before implementing John's opt out direction; or

(iii) permit John and Mary to make different opt out directions. If the licensee does so:
(a) it shall permit John and Mary to opt out for each other;

(b) if both opt out, the licensee shall permit both of them to notify it in a single response (such as on a form or through a telephone call); and

(c) if John opts out and Mary does not, the licensee may only disclose nonpublic personal financial information about Mary, but not about John and not about John and Mary.

(e) Time to comply with opt out.

A licensee shall comply with a consumer's opt out direction as soon as reasonably practicable after the licensee receives it.

(f) Continuing right to opt out.

A consumer may exercise the right to opt out at any time.

(g) Duration of consumer's opt out direction.

(1) A consumer's direction to opt out under this section is effective until the consumer revokes it in writing or, if the consumer agrees, revokes it electronically, or revokes it by calling a toll-free telephone number, if such number is provided by the licensee.

(2) When a customer relationship terminates, the customer's opt out direction continues to apply to the nonpublic personal financial information the licensee collected during or related to that relationship. If the individual subsequently establishes a new customer relationship with the licensee, the opt out direction that applied to the former relationship does not apply to the new relationship.

(h) Delivery.

When a licensee is required to deliver an opt out notice by this section, the licensee shall deliver it according to section 420.9 of this Part.

Disclaimer: These regulations may not be the most recent version. New York may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.