§ 33-39-14 - Disclosure of personal or privileged information received in connection with insurance transactions

O.C.G.A. 33-39-14 (2010)
33-39-14. Disclosure of personal or privileged information received in connection with insurance transactions


An insurance institution, agent, or insurance-support organization shall not disclose any personal or privileged information about an individual collected or received in connection with an insurance transaction unless the disclosure is:

(1) With the written authorization of the individual, provided:

(A) If such authorization is submitted by another insurance institution, agent, or insurance-support organization, the authorization meets the requirement of Code Section 33-39-7; or

(B) If such authorization is submitted by a person other than an insurance institution, agent, or insurance-support organization, the authorization is:

(i) Dated;

(ii) Signed by the individual; and

(iii) Obtained one year or less prior to the date a disclosure is sought pursuant to this subsection; or

(2) To a person other than an insurance institution, agent, or insurance-support organization, provided such disclosure is reasonably necessary:

(A) To enable such person to perform a business, professional, or insurance function for the disclosing insurance institution, agent, or insurance-support organization and such person agrees not to disclose the information further without the individual's written authorization unless the further disclosure:

(i) Would otherwise be permitted by this Code section if made by an insurance institution, agent, or insurance-support organization; or

(ii) Is reasonably necessary for such person to perform its function for the disclosing insurance institution, agent, or insurance-support organization; or

(B) To enable such person to provide information to the disclosing insurance institution, agent, or insurance-support organization for the purpose of:

(i) Determining an individual's eligibility for an insurance benefit or payment; or

(ii) Detecting or preventing criminal activity, fraud, material misrepresentation, or material nondisclosure in connection with an insurance transaction; or

(3) To an insurance institution, agent, insurance-support organization, or self-insurer, provided the information disclosed is limited to that which is reasonably necessary:

(A) To detect or prevent criminal activity, fraud, material misrepresentation, or material nondisclosure in connection with insurance transactions; or

(B) For either the disclosing or receiving insurance institution, agent, or insurance-support organization to perform its function in connection with an insurance transaction involving the individual;

(4) To a medical-care institution or medical professional for the purpose of:

(A) Verifying insurance coverage or benefits;

(B) Informing an individual of a medical problem of which the individual may not be aware; or

(C) Conducting an operations or services audit;

provided only such information is disclosed as is reasonably necessary to accomplish the foregoing purposes;

(5) To an insurance regulatory authority;

(6) To a law enforcement or other governmental authority:

(A) To protect the interests of the insurance institution, agent, or insurance-support organization in preventing or prosecuting the perpetration of fraud upon it; or

(B) If the insurance institution, agent, or insurance-support organization reasonably believes that illegal activities have been conducted by the individual;

(7) Otherwise permitted or required by law;

(8) In response to a facially valid administrative or judicial order, including a search warrant or subpoena;

(9) Made for the purpose of conducting actuarial or research studies, provided:

(A) No individual may be identified in any actuarial or research report;

(B) Materials allowing the individual to be identified are returned or destroyed as soon as they are no longer needed; and

(C) The actuarial or research organization agrees not to disclose the information unless the disclosure would otherwise be permitted by this Code section if made by an insurance institution, agent, or insurance-support organization;

(10) To a party or a representative of a party to a proposed or consummated sale, transfer, merger, or consolidation of all or part of the business of the insurance institution, agent, or insurance-support organization, provided:

(A) Prior to the consummation of the sale, transfer, merger, or consolidation only such information is disclosed as is reasonably necessary to enable the recipient to make business decisions about the purchase, transfer, merger, or consolidation; and

(B) The recipient agrees not to disclose the information unless the disclosure would otherwise be permitted by this Code section if made by an insurance institution, agent, or insurance-support organization;

(11) To a person whose only use of such information will be in connection with the marketing of a product or service, provided:

(A) No medical-record information, privileged information, or personal information relating to an individual's character, personal habits, mode of living, or general reputation is disclosed, and no classification derived from such information is disclosed;

(B) The individual has been given an opportunity to indicate that he or she does not want personal information disclosed for marketing purposes and has given no indication that he or she does not want the information disclosed; and

(C) The person receiving such information agrees not to use it except in connection with the marketing of a product or service;

(12) To an affiliate whose only use of the information will be in connection with an audit of the insurance institution or agent or the marketing of an insurance product or service, provided the affiliate agrees not to disclose the information for any other purpose or to unaffiliated persons;

(13) By a consumer reporting agency, provided the disclosure is to a person other than an insurance institution or agent;

(14) To a group policyholder for the purpose of reporting claims experience or conducting an audit of the insurance institution's or agent's operations or services, provided the information disclosed is reasonably necessary for the group policyholder to conduct the review or audit;

(15) To a professional peer review organization for the purpose of reviewing the service or conduct of a medical-care institution or medical professional;

(16) To a governmental authority for the purpose of determining the individual's eligibility for health benefits for which the governmental authority may be liable;

(17) To a certificate holder or policyholder for the purpose of providing information regarding the status of an insurance transaction; or

(18) To a lienholder, mortgagee, assignee, lessor, or other person shown on the records of an insurance institution or agent as having legal or beneficial interest in a policy of insurance, provided that:

(A) No medical-record information is disclosed unless the disclosure would otherwise be permitted by this Code section; and

(B) The information disclosed is limited to that which is reasonably necessary to permit such person to protect its interest in such policy.