The insurance industry has become increasingly impacted and reliant on digital technologies, for both internal operations and customer-facing programs. While technology has undoubtedly made processes faster and customer self-service more widely available, all of this data means insurers and their customers are susceptible to security breaches.
That’s why many state and federal governments have enacted new data privacy laws and legislation — not only to protect everyone’s data from hackers, but also to protect consumers from having their data sold and shared without their permission. As such, staying in compliance and keeping customers’ data safe must be a top priority for all insurers. Here is a breakdown of some of the most important legislation that will impact insurance operations, and the steps insurers can take to protect data privacy.

The path to compliance is ez
A2C Simple Assessment™
The A2C platform provides insurance brokers online self assessments surrounding vulnerabilities created through the collection, storage and sharing of sensitive information (non-public). A common practice within the insurance industry. The A2C platform provides quick and easy access to industry tailored assessments to ensure all risks are properly identified and addressed in the A2C policies & procedures.
A2C Policies and Procedures™
Once you have completed your quick and easy online self assessment, it's time to implement the required policies & procedures to remedy any issues identified. The industry-focused and tailored library of policies and procedures, will ensure that compliance is met for having the appropriate written policies in place. A2C provides these policies in simple to edit templates based on the information collected during the self-assessments. These procedures will now be ready for implementing into your day to day business...
A2C Training and Testing™
Once the policies have been properly documented using the A2C policies and procedures module it is time to ensure ongoing compliance and adherence to the policies. Users will leverage the A2C education platform to access tailored training material that covers all the policies and procedures. Following completion of each of the courses each user is presented with online testing to ensure proper understanding is achieved. This is a great way to defend your policies should you even have to. A2C has you covered!
A2C Vendor Assessment™
Now that you and your internal team have completed the self-assessment, drafted your written policies and procedures, underwent the online training & testing its time to take your protection to the next level! A2C now offers the ability to forward the Vendor Assessments to your key vendors that also are privy to your clients' private and protected information. This will ensure that they are also doing everything possible to mitigate risk throughout the custody of information. The vendor assessments will provide you insights as to where you may have additional exposure that is in everyone's best interest to remedy.

Privacy Information Matrix

Privacy Notice Disclosure Requirement.

Opt Out Notification Requirement

Data Security and Integrity Requirement
Individuals be permitted to “opt out” before personal, “non- transactional” information may be shared with an “affiliate”

If Information is intended to be used for an insurance, credit or employment-related purposes. 
These regulations apply to all health insurance agents, but they do not apply to agents to the extent that they sell certain “excepted benefits,” including life, disability, property and casualty, and workers compensation insurance.
prohibits the transfer of “personal data” to non-EU nations that do not meet the EU “adequacy” standard for privacy protection. More and more States are adopting EU standards within their practice. A common use is GDPR