(a) “Authorized individual” means an individual known to and screened by the licensee and determined to be necessary and appropriate to have access to the nonpublic information held by the licensee and its information systems.
(b) “Commissioner” means the Commissioner of Insurance.
(c) “Consumer” means an individual, including, but not limited to, applicants, policyholders, insureds, beneficiaries, claimants and certificate holders, who is a resident of this state and whose nonpublic information is in a licensee’s possession, custody or control.
(d) “Cybersecurity event” means an event resulting in unauthorized access to, disruption or misuse of, an information system or nonpublic information stored on such information system. The term “cybersecurity event” does not include the unauthorized acquisition of encrypted nonpublic information if the encryption, process or key is not also acquired, released or used without authorization. “Cybersecurity event” does not include an event with regard to which the licensee has determined that the nonpublic information accessed by an unauthorized person has not been used or released and has been returned or destroyed.
(e) “Department” means the Mississippi Insurance Department.
(f) “Encrypted” means the transformation of data into a form which results in a low probability of assigning meaning without the use of a protective process or key.
(g) “Information security program” means the administrative, technical and physical safeguards that a licensee uses to access, collect, distribute, process, protect, store, use, transmit, dispose of or otherwise handle nonpublic information.
(h) “Information system” means a discrete set of electronic information resources organized for the collection, processing, maintenance, use, sharing, dissemination or disposition of electronic nonpublic information, as well as any specialized system such as industrial/process controls systems, telephone switching and private branch exchange systems, and environmental control systems.
(i) “Licensee” means any person licensed, authorized to operate, or registered, or required to be licensed, authorized or registered pursuant to the insurance laws of this state, but shall not include a purchasing group or a risk-retention group chartered and licensed in a state other than this state or a person who is acting as an assuming insurer that is domiciled in another state or jurisdiction.
(j) “Multi-factor authentication” means authentication through verification of at least two (2) of the following types of authentication factors:
(i) Knowledge factors, such as a password;
(ii) Possession factors, such as a token or text message on a mobile phone; or
(iii) Inherence factors, such as a biometric characteristic.
(k) “Nonpublic information” means electronic information that is not publicly available information and is:
(i) Any information concerning a consumer which because of name, number, personal mark or other identifier can be used to identify such consumer, in combination with any one or more of the following data elements:
1. Social security number;
2. Driver’s license number or nondriver identification card number;
3. Financial account number, credit or debit card number;
4. Any security code, access code or password that would permit access to a consumer’s financial account; or
5. Biometric records;
(ii) Any information or data, except age or gender, in any form or medium created by or derived from a health care provider or a consumer, that can be used to identify a particular consumer, and that relates to:
1. The past, present or future physical, mental or behavioral health or condition of any consumer or a member of the consumer’s family;
2. The provision of health care to any consumer; or
3. Payment for the provision of health care to any consumer.
(l) “Person” means any individual or any nongovernmental entity, including, but not limited to, any nongovernmental partnership, corporation, branch, agency or association.
(m) “Publicly available information” means any information that a licensee has a reasonable basis to believe is lawfully made available to the general public from: federal, state or local government records; widely distributed media; or disclosures to the general public that are required to be made by federal, state or local law. For the purposes of this definition, a licensee has a reasonable basis to believe that information is lawfully made available to the general public if the licensee has taken steps to determine:
(i) That the information is of the type that is available to the general public; and
(ii) Whether a consumer can direct that the information not be made available to the general public and, if so, that such consumer has not done so.
(n) “Risk assessment” means the risk assessment that each licensee is required to conduct under Section 83-5-807(3).
(o) “State” means the State of Mississippi.
(p) “Third-party service provider” means a person, not otherwise defined as a licensee, who contracts with a licensee to maintain, process, store or otherwise is permitted access to nonpublic information through its provision of services to the licensee.
Copyright ©2024 LegalFix. All rights reserved. LegalFix is not a law firm, is not licensed to practice law, and does not provide legal advice, services, or representation. The information on this website is an overview of the legal plans you can purchase—or that may be provided by your employer as an employee benefit or by your credit union or other membership group as a membership benefit.
LegalFix provides its members with easy access to affordable legal services through a network of independent law firms. LegalFix, its corporate entity, and its officers, directors, employees, agents, and contractors do not provide legal advice, services, or representation—directly or indirectly.
The articles and information on the site are not legal advice and should not be relied upon—they are for information purposes only. You should become a LegalFix member to get legal services from one of our network law firms.
You should not disclose confidential or potentially incriminating information to LegalFix—you should only communicate such information to your network law firm.
The benefits and legal services described in the LegalFix legal plans are not always available in all states or with all plans. See the legal plan Benefit Overview and the more comprehensive legal plan contract during checkout for coverage details in your state.
Use of this website, the purchase of legal plans, and access to the LegalFix networks of law firms are subject to the LegalFix Terms of Service and Privacy Policy.