Legislation
SECTION 3451
Identity theft group insurance policies
Insurance (ISC) CHAPTER 28, ARTICLE 34
* § 3451. Identity theft group insurance policies. (a)(1) An identity
theft group insurance policy, and certificates thereunder, may be issued
or delivered in this state only in accordance with the provisions of
this section.
(2) An identity theft group insurance policy, and certificates
thereunder, may be issued only by an authorized insurer.
(3) The policy may be issued to:
(A) an employer, or a trustee or trustees of the fund established by
an employer, which employer or trustee shall be deemed the policyholder,
where the policy insures the employees of the employer;
(B) a labor union, or a trustee or trustees of a fund established by a
labor union, which labor union or trustee shall be deemed the
policyholder, where the policy insures the members of the labor union;
(C) a trustee of a trust established, or participated in, by two or
more employers or labor unions, or by one or more employers and one or
more labor unions, which the trustee shall be deemed the policyholder,
where the policy insures the employees of the employers, and the members
of the labor unions;
(D) a sponsor, where the policy insures account group members, as the
terms are defined in subsection (a) of section three thousand four
hundred forty-two of this article;
(E) an association, or to a trustee or trustees of a fund established,
created, or maintained for the benefit of one or more associations,
which the association or trustee shall be deemed the policyholder; where
all the eligible members of the association or associations have the
same profession, trade, or occupation, and the association or
associations have been organized and maintained in good faith for
purposes principally other than that of obtaining insurance, and have
been in active existence for at least two years, and where the policy
insures the members of the associations;
(F) a business that sells services or products designed to prevent, or
to minimize the effects of stolen identity events, which the business
shall be deemed to be the policyholder, where the policy insures the
persons that purchase the services or products;
(G) any other business or association that has in its possession
individuals' personal identification information, where the policy
insures the individuals whose information the business or association
possesses; or
(H) any other entity where the superintendent has determined in a
regulation that the members are engaged in a common enterprise, or have
an economic or social affinity or relationship, and that the issuance of
the policy would not be contrary to the best interests of the public.
(4) For purposes of this section, the term "employer" shall include
subsidiaries or affiliates of the employer.
(b) The group shall consist only of natural persons, hereinafter
referred to as group members, as specified in paragraph three of
subsection (a) of this section, and may also include a member of the
group member's immediate family or household or, where the group
policyholder is a sponsor, an authorized user, as the terms are defined
in subsection (a) of section three thousand four hundred forty-two of
this chapter.
(c)(1) The policy shall cover losses and expenses incurred because of
stolen identity events, as defined in subparagraph (E) of paragraph
seven of subsection (a) of section one thousand one hundred thirteen of
this chapter.
(2) An insurer shall treat in a like manner all eligible group members
of the same class.
(3) Except for groups as described in subparagraph (F) of paragraph
three of subsection (a) of this section, a group member shall not be
required to purchase any product or service to be eligible for the
coverage.
(d) The premium for the group policy, including certificates, may be
paid by the group policyholder from funds contributed: (1) wholly by the
group policyholder; (2) wholly by the group members; or (3) jointly by
the group policyholder and the group members, except that with regard to
subparagraph (G) of paragraph three of subsection (a) of this section,
the premium for the group policy shall be paid from funds contributed
wholly by the group policyholder.
(e) A group identity theft insurance policy or certificate issued
thereunder, shall not be subject to section three thousand four hundred
twenty-five or section three thousand four hundred twenty-six of this
article. The following requirements shall apply with regard to
cancellation, nonrenewal, or conditional renewal of coverage:
(1) Unless the group policy provides for a longer policy period, the
policy shall be issued or renewed for a one-year policy period.
(2) A group policy, or any certificate thereunder, may be cancelled by
an insurer only if cancellation is based upon one or more of the reasons
set forth in paragraph one of subsection (c) of section three thousand
four hundred twenty-six of this article, provided, however, that an act
or omission by a group member shall not constitute the basis for
cancellation of the policy and provided further, that coverage for an
individual group member shall terminate upon termination of the member's
employment by, or other affiliation with, the group policyholder that
constitutes membership in the group.
(3) An insurer's cancellation, nonrenewal, or conditional renewal of a
group policy, or any certificate issued thereunder, shall not become
effective until at least forty-five days, or twenty days if based upon
non-payment of premium, after the insurer mails or delivers written
notice of the cancellation or nonrenewal to the group policyholder at
the mailing address shown in the policy and to affected certificate
holders at each certificate holder's last known mailing address. If so
authorized by the insurer, the group policyholder may mail or deliver
the notice to the certificate holder on behalf of the insurer. For
purposes of this section, the term "conditional renewal" shall mean a
renewal that is conditioned upon change of limits, change in type of
coverage, reduction or elimination of coverage, increased deductible or
addition of exclusion, or increased premiums in excess of ten percent
(exclusive of any premium increase generated as a result of increased
exposure units or as a result of experience rating, loss rating,
retrospective rating, or audit).
(4) Every notice of cancellation, nonrenewal, or conditional renewal
shall set forth the specific reason or reasons for cancellation,
nonrenewal, or conditional renewal.
(5) A group policyholder may cancel the group policy for any reason
upon thirty days written notice to the insurer and each affected group
member. A group policyholder shall not be required to give notice to a
group member if substantially similar coverage has been obtained from
another insurer without lapse of coverage.
(6) If prior to the effective date of cancellation, nonrenewal, or
conditional renewal of the group policy, or cancellation, nonrenewal,
conditional renewal or termination of a certificate, whether initiated
by the insurer, group policyholder, or by the group member, with respect
to the group member's certificate, a group member sustains an identity
theft loss, the loss shall remain covered in accordance with the
coverage provided under the policy, notwithstanding the cancellation,
nonrenewal, conditional renewal, or termination.
(f) The superintendent may promulgate regulations pertaining to
identity theft group insurance, including regulations regarding:
payments of dividends or retrospective premium refunds; minimum
provisions; minimum number of group members; and other reasonable
limitations.
* NB There are 2 § 3451's
theft group insurance policy, and certificates thereunder, may be issued
or delivered in this state only in accordance with the provisions of
this section.
(2) An identity theft group insurance policy, and certificates
thereunder, may be issued only by an authorized insurer.
(3) The policy may be issued to:
(A) an employer, or a trustee or trustees of the fund established by
an employer, which employer or trustee shall be deemed the policyholder,
where the policy insures the employees of the employer;
(B) a labor union, or a trustee or trustees of a fund established by a
labor union, which labor union or trustee shall be deemed the
policyholder, where the policy insures the members of the labor union;
(C) a trustee of a trust established, or participated in, by two or
more employers or labor unions, or by one or more employers and one or
more labor unions, which the trustee shall be deemed the policyholder,
where the policy insures the employees of the employers, and the members
of the labor unions;
(D) a sponsor, where the policy insures account group members, as the
terms are defined in subsection (a) of section three thousand four
hundred forty-two of this article;
(E) an association, or to a trustee or trustees of a fund established,
created, or maintained for the benefit of one or more associations,
which the association or trustee shall be deemed the policyholder; where
all the eligible members of the association or associations have the
same profession, trade, or occupation, and the association or
associations have been organized and maintained in good faith for
purposes principally other than that of obtaining insurance, and have
been in active existence for at least two years, and where the policy
insures the members of the associations;
(F) a business that sells services or products designed to prevent, or
to minimize the effects of stolen identity events, which the business
shall be deemed to be the policyholder, where the policy insures the
persons that purchase the services or products;
(G) any other business or association that has in its possession
individuals' personal identification information, where the policy
insures the individuals whose information the business or association
possesses; or
(H) any other entity where the superintendent has determined in a
regulation that the members are engaged in a common enterprise, or have
an economic or social affinity or relationship, and that the issuance of
the policy would not be contrary to the best interests of the public.
(4) For purposes of this section, the term "employer" shall include
subsidiaries or affiliates of the employer.
(b) The group shall consist only of natural persons, hereinafter
referred to as group members, as specified in paragraph three of
subsection (a) of this section, and may also include a member of the
group member's immediate family or household or, where the group
policyholder is a sponsor, an authorized user, as the terms are defined
in subsection (a) of section three thousand four hundred forty-two of
this chapter.
(c)(1) The policy shall cover losses and expenses incurred because of
stolen identity events, as defined in subparagraph (E) of paragraph
seven of subsection (a) of section one thousand one hundred thirteen of
this chapter.
(2) An insurer shall treat in a like manner all eligible group members
of the same class.
(3) Except for groups as described in subparagraph (F) of paragraph
three of subsection (a) of this section, a group member shall not be
required to purchase any product or service to be eligible for the
coverage.
(d) The premium for the group policy, including certificates, may be
paid by the group policyholder from funds contributed: (1) wholly by the
group policyholder; (2) wholly by the group members; or (3) jointly by
the group policyholder and the group members, except that with regard to
subparagraph (G) of paragraph three of subsection (a) of this section,
the premium for the group policy shall be paid from funds contributed
wholly by the group policyholder.
(e) A group identity theft insurance policy or certificate issued
thereunder, shall not be subject to section three thousand four hundred
twenty-five or section three thousand four hundred twenty-six of this
article. The following requirements shall apply with regard to
cancellation, nonrenewal, or conditional renewal of coverage:
(1) Unless the group policy provides for a longer policy period, the
policy shall be issued or renewed for a one-year policy period.
(2) A group policy, or any certificate thereunder, may be cancelled by
an insurer only if cancellation is based upon one or more of the reasons
set forth in paragraph one of subsection (c) of section three thousand
four hundred twenty-six of this article, provided, however, that an act
or omission by a group member shall not constitute the basis for
cancellation of the policy and provided further, that coverage for an
individual group member shall terminate upon termination of the member's
employment by, or other affiliation with, the group policyholder that
constitutes membership in the group.
(3) An insurer's cancellation, nonrenewal, or conditional renewal of a
group policy, or any certificate issued thereunder, shall not become
effective until at least forty-five days, or twenty days if based upon
non-payment of premium, after the insurer mails or delivers written
notice of the cancellation or nonrenewal to the group policyholder at
the mailing address shown in the policy and to affected certificate
holders at each certificate holder's last known mailing address. If so
authorized by the insurer, the group policyholder may mail or deliver
the notice to the certificate holder on behalf of the insurer. For
purposes of this section, the term "conditional renewal" shall mean a
renewal that is conditioned upon change of limits, change in type of
coverage, reduction or elimination of coverage, increased deductible or
addition of exclusion, or increased premiums in excess of ten percent
(exclusive of any premium increase generated as a result of increased
exposure units or as a result of experience rating, loss rating,
retrospective rating, or audit).
(4) Every notice of cancellation, nonrenewal, or conditional renewal
shall set forth the specific reason or reasons for cancellation,
nonrenewal, or conditional renewal.
(5) A group policyholder may cancel the group policy for any reason
upon thirty days written notice to the insurer and each affected group
member. A group policyholder shall not be required to give notice to a
group member if substantially similar coverage has been obtained from
another insurer without lapse of coverage.
(6) If prior to the effective date of cancellation, nonrenewal, or
conditional renewal of the group policy, or cancellation, nonrenewal,
conditional renewal or termination of a certificate, whether initiated
by the insurer, group policyholder, or by the group member, with respect
to the group member's certificate, a group member sustains an identity
theft loss, the loss shall remain covered in accordance with the
coverage provided under the policy, notwithstanding the cancellation,
nonrenewal, conditional renewal, or termination.
(f) The superintendent may promulgate regulations pertaining to
identity theft group insurance, including regulations regarding:
payments of dividends or retrospective premium refunds; minimum
provisions; minimum number of group members; and other reasonable
limitations.
* NB There are 2 § 3451's