(A) Documents, materials, or other information in the control or possession of the department that are furnished by a licensee or an employee or agent acting on behalf of a licensee, or obtained by the director in an investigation or examination are confidential by law and privileged, are not subject to disclosure under the Freedom of Information Act, and are not subject to subpoena or discovery in a private or civil action; and are not admissible as evidence in a private or civil action. However, the director is authorized to use the documents, materials, or other information in the furtherance of a regulatory or legal action brought as a part of the director's duties.
(B) The director or a person who received documents, materials, or other information while acting under the authority of the director may not be permitted or required to testify in a private civil action concerning confidential documents, materials, or information.
(C) To assist in the performance of his duties, the director may:
(1) share documents, materials, or other information, including confidential and privileged documents, materials, or information, with other state, federal, and international regulatory agencies the National Association of Insurance Commissioners, its affiliates or subsidiaries, and state, federal, and international law enforcement authorities, provided that the recipient agrees in writing to maintain the confidentiality and privileged status of the documents, materials, or other information;
(2) receive documents, materials, or information, including otherwise confidential and privileged documents, materials, or information, from the National Association of Insurance Commissioners, its affiliates or subsidiaries and from regulatory and law enforcement officials of other foreign or domestic jurisdictions, and maintain as confidential or privileged any document, material, or information received with notice or the understanding that it is confidential or privileged under the laws of the jurisdiction that is the source of the document, material, or information;
(3) share documents, materials, or other information with a third-party consultant or vendor, provided the consultant agrees in writing to maintain the confidentiality and privileged status of the document, material, or other information; and
(4) enter into an agreement governing the sharing and use of information consistent with this subsection.
(D) No waiver of any applicable privilege or claim of confidentiality in the documents, materials, or information may occur from disclosure to the director under this section or sharing as authorized under this chapter.
(E) Nothing in this chapter prohibits the director from releasing final, adjudicated actions that are open to public inspection to a database or other clearinghouse service maintained by the National Association of Insurance Commissioners, its affiliates, or subsidiaries.
HISTORY: 2018 Act No. 171 (H.4655), Section 3, eff January 1, 2019.
Editor's Note
2018 Act No. 171, Sections 1 and 2, provide as follows:
"SECTION 1. The purpose and intent of this act is to establish standards for data security and standards for the investigation of and notification to the director of a cybersecurity event applicable to licensees. This act may not be construed to create or imply a private cause of action for a violation of its provisions nor may it be construed to curtail a private cause of action which would otherwise exist in the absence of this act.
"SECTION 2. This act is known and may be cited as the 'South Carolina Insurance Data Security Act'."