NU Online News Service, Aug. 20, 2003, 6:02 p.m. EDT – Representatives for insurance trade groups say insurers still have some concerns about the way regulators will enforce the privacy requirements created by the Health Insurance Portability and Accountability Act of 1996 and the Gramm-Leach-Bliley Financial Services Modernization Act of 1999.

The trade groups could raise their concerns in Chicago in September, when the National Association of Insurance Commissioners, Kansas City, Mo., holds its fall meeting.

Bruce Ferguson, senior vice president-state relations with the American Council of Life Insurers, Washington, says differences in state privacy standards could interfere with efforts to create a national market conduct exam.

Some states combine health privacy standards with financial privacy standards, but others focus solely on financial privacy, Ferguson notes.

The ACLI also has concerns about the cost of compliance and the effects of requests for proprietary information.

A centralized company with one privacy policy might spend $30,000 to go through a privacy market conduct examination, but a decentralized company that lets each unit handle privacy separately might have to spend far more, Ferguson says.

Ferguson also has concerns about an NAIC privacy survey that includes questions about proprietary information, such as computer system security features. If regulators publish insurers’ descriptions of computer security features, the survey report “could be a blueprint to invasion of computer systems,” Ferguson warns.

Onsite demonstrations would be a better vehicle for informing regulators about computer security features, Ferguson says.

Insurers also want to know how many states will sign on to a reciprocity agreement, says Robert Zeman, senior vice president-state government affairs with the National Association of Independent Insurers, Des Plaines, Ill.

Additionally, some insurers are worried about the fact that PricewaterhouseCoopers L.L.P., New York, the contractor for the privacy market conduct initiative, has acted as an auditor for some companies. PricewaterhouseCoopers’ auditing relationships have the potential to create a conflict of interest, Zeman says.

Regulators have told insurers that companies worried about a conflict of interest can use an alternate vendor, says Chris Petersen, an attorney with Morris Manning and Martin, Washington, outside counsel for the Health Insurance Association of America, Washington.

Petersen says HIAA members, like NAII members, want to see a large number of states sign on to a reciprocity agreement.

Getting 30 to 40 states on board would be desirable, Petersen says.