In April, PIA sent a letter to Representatives Brett Guthrie (R-KY) and John Joyce (R-PA), the chairman and vice-chairman of the House Energy and Commerce Committee, in response to their Request for Information (RFI) to explore the development of a federal data privacy and security framework. Earlier this year, the two established a Data Privacy Working Group within the House Energy and Commerce Committee, and the RFI invited members of the public to share their insights with the Working Group as it considers the development of a federal data privacy and security framework.

The RFI was wide-ranging, seeking recommendations as to how best to define consumer data classified as “personal information” and “sensitive personal information”; how to adequately protect each category of data; what disclosures or privacy notices, if any, should be required of entities using such data; how a federal framework should handle the use of artificial intelligence (AI); how a federal framework should interact with existing state and federal laws and regulations governing consumer data privacy and security; and how the enforcement of a federal framework could operate to maximize compliance and accountability.

PIA reiterated its position that the states serve as the primary regulators of the insurance industry. In keeping with longstanding practice, codified more than 75 years ago in the McCarran-Ferguson Act, Congress delegated the regulation of the insurance industry to the states and unencumbered itself from supervision of the industry.

Click here to send a message to members of the House Committee on Energy and Commerce urging them to exempt the business of insurance from any federal data privacy framework.