Please consider making a donation to keep this project's resources available at no cost to the public. Your donation will support new research, updates to current resources, and website maintenance for HealthInfoLaw.org.
Information Security Program Requirements – Cal. Code Regs. tit. 10 § 2689.14
Link to the law
This will open in a new window
Current as of June 2015
This will open in a new window
A licensee is an insurance institution, agent, or support organization licensed by the California Department of Insurance that handles information in connection with health insurance transactions pertaining to California residents or engages in health insurance transactions with applicants, individuals, or policyholders who are residents of California.
Licensees must implement a comprehensive, written information security program to protect nonpublic personal information the licensee holds about current health insurance policyholders. The program must include administrative, technical, and physical safeguards, which must be appropriate relative to the size and complexity of the licensee and the scope of its activities.
Current as of June 2015
.png)