<<Prev Rule

Texas Administrative Code

Next Rule>>
TITLE 28INSURANCE
PART 1TEXAS DEPARTMENT OF INSURANCE
CHAPTER 22PRIVACY
SUBCHAPTER AINSURANCE CONSUMER FINANCIAL INFORMATION PRIVACY
RULE §22.9Annual Privacy Notice

(a) A covered entity must provide a clear and conspicuous notice to customers that accurately reflects its privacy policies and practices not less than annually during the continuation of the customer relationship, except as provided in subsection (d) of this section. "Annually" means at least once in any period of 12 consecutive months during which that relationship exists. A covered entity may define the 12-consecutive-month period, but the covered entity must apply it to the customer on a consistent basis. A covered entity provides a notice annually if it defines the 12-consecutive-month period as a calendar year and provides the annual notice to the customer once in each calendar year following the calendar year in which the covered entity provided the initial notice. For example, if a customer opens an account on any day of year 1, the covered entity must provide an annual notice to that customer by December 31 of year 2.

(b) A covered entity is not required to provide an annual notice to a former customer. A former customer is an individual with whom a covered entity no longer has a continuing relationship. A covered entity no longer has a continuing relationship with an individual:

  (1) if the individual no longer is a current policyholder of an insurance product or no longer obtains insurance services with or through the covered entity;

  (2) if the individual's policy is lapsed, expired, or otherwise not in force, and the covered entity has not communicated with the customer about the relationship for a period of 12 consecutive months, other than to provide annual privacy notices, material required by law or regulation, communication at the direction of a state or federal authority, or promotional materials;

  (3) for the purposes of this subchapter, if:

    (A) the covered entity sends mail to the individual's last known address, according to the covered entity's records, and the postal authorities return that mail as undeliverable, and

    (B) subsequent attempts by the covered entity to obtain a current valid address for the individual are unsuccessful; or

  (4) in the case of providing real estate settlement services, at the later of the following events:

    (A) the customer completes execution of all documents related to the real estate closing;

    (B) payment for those services has been received; or

    (C) the covered entity has completed all of its responsibilities with respect to the settlement, including filing documents in the public record.

(c) A covered entity must deliver any annual privacy notices required by this section according to §22.13 of this title (relating to Delivery).

(d) A covered entity that is excepted from annual privacy notice requirements under 15 U.S.C. §6803(f), or one that would be excepted if it were a financial institution, is not required to provide an annual privacy notice under this section. At any time the covered entity fails to meet both criteria for the exception under §6803(f), the covered entity is subject to the annual notice requirement in this section.


Source Note: The provisions of this §22.9 adopted to be effective December 17, 2001, 26 TexReg 10316; amended to be effective May 10, 2017, 42 TexReg 2413

Link to Texas Secretary of State Home Page | link to Texas Register home page | link to Texas Administrative Code home page | link to Open Meetings home page