If your MGA or Insurtech business conducts any business in California, you should be aware of the California Consumer Privacy Act (CCPA), a state law which places certain obligations on companies regarding consumer rights and data privacy. Even if your business is not based in California, the regulations apply to many companies who provide services to California residents. This means that any personal and commercial insurance client information for California-based clients or prospects, which is stored in your Agency Management System, is covered by the law and you need to know how to handle it from an operational perspective.
The CCPA grants California consumers the following rights:
- the right to be aware of any personal information collected about them - including how those details are used and shared. This impacts your company’s data security settings in your Agency Management System, since you must decide who has access to the data of California-resident clients and how to limit access within your business
- the right to demand the deletion of any personal data which has been collected on the consumers in question. You need a response plan within your record-keeping protocols for your Agency Management System in the event that a client contacts your MGA requesting their data be removed from your system
- the right to opt out of any sale of the clients’ personal information. This might not necessarily apply to traditional MGAs, but could apply to an Insurtech business which is developing partnerships with third-party providers of complementary services. Your Agency Management System needs to contain a mechanism to flag accounts which have opted out of the sale of their personal information, and should also store the disclosures to document the client’s requests.
- the right to non-discrimination based upon any exercise of their CCPA rights. For example, if a consumer opts out of the sale of their personal data, your company can’t proceed by refusing to offer them the same types of services which are offered to the remainder of your customers. This is why it is imperative for your business to have an AMS with an intuitive interface, which easily displays the most important factors for an account if or when you and your employees need to make quick decisions regarding your clients.
Businesses must comply with the CCPA if they have $25 million or more in annual revenue, possess the personal data of more than 50,000 consumers, or earn more than half of their annual revenue by selling the personal data of consumers.
If your company is planning on growing its operations or ramping up its business initiatives in California, you must have the proper tools in place to scale accordingly with your plans. An Agency Management System equipped with the right functions will assist you with your CCPA compliance, protecting you from regulatory fines and damage to your reputation due to issues with client data privacy.
For more information about BindHQ, the industry’s leading cloud-hosted Agency Management System, built in consideration of your compliance and reporting needs, please contact us at firstname.lastname@example.org.