California Insurance Code Sections 791 - 791.27, the Insurance Information and Privacy Protection Act (IIPPA), provide protections for one's personally identifiable information, which is generally provided to an agent, broker or insurance company in order to apply for insurance or submit a claim. These entities must provide you with a "Privacy Notice" that describes the entities' practices and policies regarding privacy, the kind of information collected about you in connection with the application for insurance, submission of a claim or other insurance transaction; how and with whom your personally identifiable information will be shared, and your rights to restrict that sharing.
These regulations became effective on March 24, 2003. Among other things they clarify the standards for privacy notices and opt out notices to ensure that they are helpful to and readable by consumers and they establish guidelines for safeguarding the confidentiality of personally identifiable information. In particular, they require agents, brokers and insurers to provide a Privacy Notice to consumers and to give consumers the opportunity to "opt out" from having personal information shared.
Health Information (HIPAA)
The privacy rules of the federal Health Insurance Portability and Accountability Act (HIPAA) were effective as of April 14, 2003 and apply to all states. Among other things, these regulations provide a national floor of privacy protections for patients by limiting the ways that health plans, health insurers, pharmacies and hospitals among others, can use and disclose patients' personal medical information. The regulations protect medical records and other individually identifiable health information, whether it is on paper, in computers or communicated orally. One practical impact of these regulations is that you have been receiving or will receive a "Notice of Privacy Rights" from your doctor, medical clinic and pharmacy. The Notice should describe the provider's practices regarding how your personal information is handled and your rights. It should tell you how to contact the right person with a question or complaint about your health information privacy. In addition, since HIPAA establishes minimum standards, states are permitted to enforce more stringent privacy standards.
This guide provides an overview of the protections provided by HIPAA and state law. It is published by the Department of Justice’s Privacy Unit.
The U.S. Department of Health and Human Services has prepared a fact sheet that provides an overview of HIPAA.
General Privacy Information
The Department of Justice’s Privacy Unit, has a wide array of privacy information.