Section R590-206-3 - DefinitionsTerms used in this rule are defined in Section 31A-1-301. Additional terms are defined as follows:
(1)(a) "Clear and conspicuous" means that a notice is reasonably understandable and designed to call attention to the nature and significance of the information in the notice.(b) "Clear and conspicuous" includes: (i) presenting the information in the notice in clear, concise sentences, paragraphs, and sections;(ii) using short explanatory sentences or bulleted lists whenever possible;(iii) using definite, concrete, everyday words and active voice whenever possible;(iv) avoiding multiple negatives;(v) avoiding legal and highly technical business terminology;(vi) avoiding explanations that are imprecise and readily subject to different interpretations;(vii) using a plain-language heading to call attention to the notice;(viii) using a typeface and type size that are easy to read;(ix) providing wide margins and ample line spacing;(x) using boldface or italics for key words; and(xi) using distinctive type size, style, and graphic devices, such as shading or sidebars.(c) "Clear and conspicuous" also includes, if a licensee provides a notice on a web page, the following: (i) calling attention to the nature and significance of the information in the notice by using text or visual cues to encourage scrolling down the web page, if necessary, to view the entire notice and ensure that other elements on the web page, such as text, graphics, hyperlinks, or sound, do not distract attention from the notice;(ii) placing the notice on a screen that consumers frequently access, such as a page where transactions are conducted; or(iii) placing a link that connects directly to the notice and is labeled appropriately to convey the importance, nature, and relevance of the notice.(2) "Collect" means to obtain information that the licensee organizes or can retrieve by the name of an individual or by identifying number, symbol, or other identifying particular assigned to the individual, irrespective of the source of the underlying information.(3) "Company" means a corporation, limited liability company, business trust, general or limited partnership, association, sole proprietorship, or similar organization.(4)(a) "Consumer" means an individual who seeks to obtain, obtains, or has obtained an insurance product or service from a licensee that is used primarily for a personal, family, or household purpose, and about whom the licensee has nonpublic personal information, or that individual's legal representative.(b) "Consumer" includes: (i) an individual who provides nonpublic personal information to a licensee in connection with obtaining or seeking to obtain financial, investment, or economic advisory services relating to an insurance product or service;(ii) an applicant for insurance before the start of insurance coverage;(iii) an individual who is a beneficiary of a life insurance policy underwritten by the licensee;(iv) an individual who is a claimant under an insurance policy issued by a licensee;(v) an individual who is an insured or an annuitant under an insurance policy or an annuity; and(vi) an individual who is a mortgagor under a mortgage insurance policy.(c) "Consumer" does not include: (i) an individual who is a consumer of another financial institution, solely because the licensee acts as agent for, or provides processing or other services to, that financial institution;(ii) a participant or a beneficiary of an employee benefit plan that the licensee administers or sponsors or for which the licensee acts as a trustee, insurer, or fiduciary;(iii) a person covered under a group or blanket insurance policy or group annuity contract;(iv) a claimant covered by a workers' compensation plan;(v) an individual, solely because the individual is a beneficiary of a trust for which the licensee is a trustee; or(vi) an individual, solely because the individual designates the licensee as trustee for a trust.(5) "Consumer reporting agency" has the same meaning as in the Fair Credit Reporting Act, 15 U.S.C. 1681a(f).(6) "Control," for purposes of this rule, means: (a) ownership, control, or power to vote 25% or more of the outstanding shares of a class of voting security of a company, directly or indirectly, or acting through one or more other persons;(b) control over the election of a majority of the directors, trustees or general partners, or individuals exercising similar functions, of a company; or(c) the power to exercise, directly or indirectly, a controlling influence over the management or policies of a company, as the commissioner determines.(7) "Customer" means a consumer who has a customer relationship with a licensee.(8)(a) "Customer relationship" means a continuing relationship between a consumer and a licensee under which the licensee provides one or more insurance products or services to the consumer that are used primarily for a personal, family, or household purpose.(b) "Customer relationship" includes a consumer having a continuing relationship with a licensee if:(i) the consumer is a current policyholder of an insurance product issued by or through the licensee; or(ii) the consumer obtains financial, investment, or economic advisory services relating to an insurance product or service from the licensee for a fee.(c) "Customer relationship" does not exist if: (i) a consumer applies for insurance but does not purchase the insurance;(ii) a licensee sells a consumer airline travel insurance in an isolated transaction;(iii) an individual is no longer a current policyholder of an insurance product or no longer obtains insurance services with or through the licensee;(iv) a consumer is a beneficiary or a claimant under a policy and submitted a claim under the policy choosing a settlement option involving an ongoing relationship with the licensee;(v) a consumer is a beneficiary or a claimant under a policy and submitted a claim under the policy choosing a lump sum settlement option;(vi) a customer's policy is lapsed, expired, or otherwise inactive or dormant under the licensee's business practices, and the licensee has not communicated with the customer about the relationship for 12 consecutive months, other than annual privacy notices, material required by law or rule, communication at the direction of a state or federal authority, or promotional materials;(vii) an individual is an insured or an annuitant under an insurance policy or annuity but is not the policyholder or owner of the insurance policy or annuity; or(viii) mail sent to an individual's last known address according to the licensee's records is returned by the postal authorities as undeliverable, and subsequent attempts by the licensee to obtain a current valid address for the individual are unsuccessful.(9)(a) "Financial institution" means an institution that engages in activities that are financial in nature or incidental to financial activities described in Section 4(k) of the Bank Holding Company Act of 1956, 12 U.S.C. 1843(k).(b) "Financial institution" does not mean: (i) a person or entity that is subject to the jurisdiction of the Commodity Futures Trading Commission under the Commodity Exchange Act, 7 U.S.C. 1 et seq.;(ii) the Federal Agricultural Mortgage Corporation or any entity charged and operating under the Farm Credit Act of 1971, 12 U.S.C. 2001 et seq.; or(iii) an institution chartered by Congress specifically to engage in securitizations, secondary market sales, including sales of servicing rights, or a similar transaction related to a transaction of a consumer, if the institution does not sell or transfer nonpublic personal information to a nonaffiliated third party.(10)(a) "Financial product or service" means a product or service that a financial holding company offers by engaging in an activity that is financial in nature or incidental to a financial activity under Section 4(k) of the Bank Holding Company Act of 1956, 12 U.S.C. 1843(k).(b) "Financial product or service" includes a financial institution's evaluation or brokerage of information that the financial institution collects in connection with a request or an application from a consumer for a financial product or service.(11) "Health care," for purposes of this rule, means:(a) any preventive, diagnostic, therapeutic, rehabilitative, maintenance or palliative care, service, procedure, test, or counseling that: (i) relates to the physical, mental, or behavioral condition of an individual; or(ii) affects the structure or function of the human body or any part of the human body, including banking of blood, sperm, organs, or any other tissue; or(b) prescribing, dispensing, or furnishing to an individual: (i) drugs or biologicals;(iii) health care equipment and supplies.(12) "Health care provider," for purposes of this rule, means: (a) a physician or other health care practitioner who is licensed, accredited, or certified to perform specified health services consistent with state law; or(b) a health care facility.(13) "Health information" means information or data, except age or gender, whether oral or recorded in any form or medium, created by or derived from a health care provider or a consumer, that relates to:(a) the past, present, or future physical, mental, or behavioral health or condition of an individual;(b) the provision of health care to an individual; or(c) payment for the provision of health care to an individual.(14)(a) "Insurance product or service" means a product or service offered by a licensee.(b) "Insurance product or service" includes a licensee's evaluation, brokerage, or distribution of information that the licensee collects in connection with a request or an application from a consumer for an insurance product or service.(15) "Joint agreement" means a written contract where a licensee and one or more financial institutions jointly offer, endorse, or sponsor a financial product or service.(16)(a) "Licensee" means a licensed insurer, producer, or other person licensed or required to be licensed, or authorized or required to be authorized, or registered or required to be registered, in this state.(b) A licensee is not subject to the notice and opt out requirements for nonpublic personal financial information in Sections R590-206-4 through R590-206-17 if the licensee is an employee, agent, or other representative of another licensee, the principal, and: (i) the principal complies with and provides the notice required by this rule; and(ii) the licensee does not disclose nonpublic personal information to a person other than the principal or its affiliates in a manner permitted by this rule.(c)(i) Subject to Subsection R590-206-3(16)(c)(ii), "licensee" includes an unauthorized insurer that accepts business placed through a licensed surplus lines broker in this state, but only in regard to the surplus lines placements placed pursuant to Section 31A-15-103.(ii) A surplus lines broker or surplus lines insurer is compliant with the notice and opt out requirements for nonpublic personal financial information under Sections R590-206-4 through R590-206-17 provided: (A) the broker or insurer does not disclose nonpublic personal financial information of a consumer or a customer to a nonaffiliated third party for any purpose, including joint servicing or marketing under Section R590-206-15, except as permitted by Section R590-206-16 or R590-206-17; and(B) the broker or insurer delivers a notice to the consumer at the time a customer relationship is established on which the following is printed in 16-point type: PRIVACY NOTICE
"NEITHER THE U.S. BROKERS THAT HANDLED THIS INSURANCE NOR THE INSURERS THAT HAVE UNDERWRITTEN THIS INSURANCE WILL DISCLOSE NONPUBLIC PERSONAL INFORMATION CONCERNING THE BUYER TO NONAFFILIATES OF THE BROKERS OR INSURERS EXCEPT AS PERMITTED BY LAW."
(17)(a) "Nonaffiliated third party" means a company that is an affiliate solely by virtue of the direct or indirect ownership or control of the company by the licensee or its affiliate in conducting merchant banking or investment banking activities or insurance company investment activities under the Bank Holding Company Act, 12 U.S.C. 1843(k) (4)(H) and (I).(b) "Nonaffiliated third party" does not include: (ii) a person employed jointly by a licensee and a company that is not an affiliate, but nonaffiliated third party includes the other company that jointly employs the person.(18) "Nonpublic personal information" means nonpublic personal financial information and nonpublic personal health information.(19)(a) "Nonpublic personal financial information" means: (i) personally identifiable financial information; and(ii) any list, description, or other grouping of consumer information and publicly available information pertaining to the consumer, that is derived using any personally identifiable financial information that is not publicly available.(b) "Nonpublic personal financial information" includes any list of individuals' names and street addresses that is derived in whole or in part using personally identifiable financial information that is not publicly available, such as an account number.(c) "Nonpublic personal financial information" does not include: (ii) publicly available information;(iii) a list, description, or other grouping of consumer information;(iv) publicly available information pertaining to a consumer that is derived without using personally identifiable financial information that is not publicly available; or(v) a list of names and addresses that contains only publicly available information, is not derived in whole or in part using personally identifiable financial information that is not publicly available, and is not disclosed in a manner that indicates that any of the individuals on the list is a consumer of a financial institution.(20) "Nonpublic personal health information" means health information: (a) that identifies an individual who is the subject of the information; or(b) that could reasonably be used to identify an individual.(21)(a) "Personally identifiable financial information" means any information: (i) a consumer provides to a licensee to obtain an insurance product or service;(ii) about a consumer resulting from a transaction involving an insurance product or service between a licensee and a consumer; or(iii) obtained by a licensee about a consumer in connection with providing an insurance product or service to that consumer.(b) "Personally identifiable financial information" includes:(i) information a consumer provides to a licensee on an application to obtain an insurance product or service;(ii) account balance information and payment history;(iii) information that an individual is or has been a customer or has obtained an insurance product or service from the licensee;(iv) information about a consumer if it is disclosed in a manner that indicates that the individual is or has been a consumer of the licensee;(v) information that a consumer provides to a licensee or that the licensee or its agent otherwise obtains in connection with collecting on a loan or servicing a loan;(vi) information the licensee collects through the internet, cookies, or an information-collecting device from a web server; and(vii) information from a consumer report.(c) "Personally identifiable financial information" does not include: (ii) a list of names and addresses of customers of an entity that is not a financial institution; and(iii) information that does not identify a consumer, such as aggregate information or blind data that does not contain personal identifiers such as account numbers, names, or addresses.(22)(a) "Publicly available information" means any information that a licensee has a reasonable basis to believe is lawfully made available to the general public from: (i) federal, state, or local government records;(ii) widely distributed media;(iii) disclosures to the public that are required to be made by federal, state, or local law;(iv) information that is available to the public;(v) information that an individual can direct to not be made available to the public, and the individual has not done so;(vi) government real estate records and security interest filings; and(vii) widely distributed media including information from: (E) a website that is available to the general public.Utah Admin. Code R590-206-3
Amended by Utah State Bulletin Number 2017-15, effective 7/11/2017Adopted by Utah State Bulletin Number 2023-23, effective 11/21/2023