(a) To encourage insurance companies and persons conducting activities regulated under this title, both to conduct voluntary internal audits of their compliance programs and management systems and to assess and improve compliance with state and federal statutes, rules, and orders, an insurance compliance self-evaluative privilege is recognized to protect the confidentiality of communications relating to voluntary internal compliance audits. The General Assembly hereby finds and declares that protection of insurance consumers is enhanced by companies' voluntary compliance with this state's insurance and other laws and that the public will benefit from incentives to identify and remedy insurance and other compliance issues. It is further declared that limited expansion of the protection against disclosure will encourage voluntary compliance and improve insurance market conduct quality and that the voluntary provisions of this Code section will not inhibit the exercise of the regulatory authority by those entrusted with protecting insurance consumers.
(b) As used in this Code section, the term:
(1) "Insurance compliance audit" means a voluntary, internal evaluation, review, assessment, or audit not otherwise expressly required by law of an insurer or an activity regulated under this title, or other state or federal law applicable to an insurer, or of management systems related to the insurer or activity, that is designed to identify and prevent noncompliance and to improve compliance with those statutes, rules, or orders. An insurance compliance audit may be conducted by the insurer, its employees, or independent contractors.
(2) "Insurance compliance self-evaluative audit document" means any document prepared as a result of or in connection with and not prior to an insurance compliance audit. An insurance compliance self-evaluative audit document may include a written response to the findings of an insurance compliance audit. An insurance compliance self-evaluative audit document may include, but is not limited to, as applicable, field notes and records of observations, findings, opinions, suggestions, conclusions, drafts, memoranda, drawings, photographs, computer generated or electronically recorded information, phone records, maps, charts, graphs, and surveys, provided that this supporting information is collected or developed for the primary purpose and in the course of an insurance compliance audit. An insurance compliance self-evaluative audit document may also include any of the following:
(A) An insurance compliance audit report prepared by an auditor, who may be an employee of the insurer or an independent contractor, which may include the scope of the audit, the information gained in the audit, and conclusions and recommendations, with exhibits and appendices;
(B) Memoranda and documents analyzing portions or all of the insurance compliance audit report and discussing potential implementation issues;
(C) An implementation plan that addresses correcting past noncompliance, improving current compliance, and preventing future noncompliance; or
(D) Analytic data generated in the course of conducting the insurance compliance audit.
(c) (1) An insurance compliance self-evaluative audit document is privileged information and is not admissible as evidence in any legal action in any civil, criminal, or administrative proceeding, except as provided in subsections (d) and (e) of this Code section. Documents, communications, data, reports, or other information created as a result of a claim involving personal injury or workers' compensation made against an insurance policy are not insurance compliance self-evaluative audit documents and are admissible as evidence in civil proceedings as otherwise provided by applicable rules of evidence or civil procedure, subject to any applicable statutory or common law privilege, including, but not limited to, the work product doctrine, the attorney-client privilege, or the subsequent remedial measures exclusion.
(2) If any insurer, person, or entity performs or directs the performance of an insurance compliance audit, an officer or employee involved with the insurance compliance audit, or any consultant who is hired for the purpose of performing the insurance compliance audit, shall not be examined in any civil, criminal, or administrative proceeding as to the insurance compliance audit or any insurance compliance self-evaluative audit document, as defined in this Code section. This paragraph shall not apply if the privilege set forth in paragraph (1) of this subsection is determined under subsection (d) or (e) of this Code section not to apply.
(3) An insurer may voluntarily submit, in connection with examinations conducted under this Code section, an insurance compliance self-evaluative audit document to the Commissioner, or his or her designee, as a confidential document under subsection (g) of Code Section 33-2-14 without waiving the privilege set forth in this Code section to which the insurer would otherwise be entitled. However, the provision permitting the Commissioner to provide access to the National Association of Insurance Commissioners shall not apply to the insurance compliance self-evaluative audit document so voluntarily submitted. Nothing contained in this subsection shall give the Commissioner any authority to compel an insurer to disclose involuntarily or otherwise provide an insurance compliance self-evaluative audit document.
(d) (1) The privilege set forth in subsection (c) of this Code section shall not apply to the extent that it is expressly waived by the insurer that prepared or caused to be prepared the insurance compliance self-evaluative audit document.
(2) In a civil or administrative proceeding, a court of record may, after an in camera review, require disclosure of material for which the privilege set forth in subsection (c) of this Code section is asserted, if the court determines that:
(A) The privilege is asserted for a fraudulent purpose;
(B) The material is not subject to the privilege; or
(C) Even if subject to the privilege, the material shows evidence of noncompliance with state or federal statutes, rules, and orders and the insurer failed to undertake reasonable corrective action or eliminate the noncompliance within a reasonable time.
(3) In a criminal proceeding, a court of record may, after an in camera review, require disclosure of material for which the privilege described in subsection (c) of this Code section is asserted, if the court determines that:
(A) The privilege is asserted for a fraudulent purpose;
(B) The material is not subject to the privilege;
(C) Even if subject to the privilege, the material shows evidence of noncompliance with state or federal statutes, rules, and orders and the insurer failed to undertake reasonable corrective action or eliminate such noncompliance within a reasonable time; or
(D) The material contains evidence relevant to the commission of a criminal offense under this title and:
(i) The Commissioner has a compelling need for the information;
(ii) The information is not otherwise available; and
(iii) The Commissioner is unable to obtain the substantial equivalent of the information by any means without incurring unreasonable cost and delay.
(e) (1) Within 30 days after the Commissioner makes a written request by certified mail for disclosure of an insurance compliance self-evaluative audit document under this subsection, the insurer that prepared or caused the document to be prepared may file with the appropriate court a petition requesting an in camera hearing on whether the insurance compliance self-evaluative audit document or portions of the document are privileged under this Code section or subject to disclosure. The court has jurisdiction over a petition filed by an insurer under this subsection requesting an in camera hearing on whether the insurance compliance self-evaluative audit document or portions of the document are privileged or subject to disclosure. Failure by the insurer to file a petition waives the privilege.
(2) An insurer asserting the insurance compliance self-evaluative privilege in response to a request for disclosure under this subsection shall include in its petition for an in camera hearing all of the information set forth in paragraph (5) of this subsection.
(3) Upon the filing of a petition under this subsection, the court shall issue an order scheduling, within 45 days after the filing of the petition, an in camera hearing to determine whether the insurance compliance self-evaluative audit document or portions of the document are privileged under this Code section or subject to disclosure.
(4) The court, after an in camera review, may require disclosure of material for which the privilege in subsection (c) of this Code section is asserted if the court determines, based upon its in camera review, that any one of the conditions set forth in paragraph (2) of subsection (d) of this Code section is applicable as to a civil or administrative proceeding or that any one of the conditions set forth in paragraph (3) of subsection (d) of this Code section is applicable as to a criminal proceeding. Upon making such a determination, the court may only compel the disclosure of those portions of an insurance compliance self-evaluative audit document relevant to issues in dispute in the underlying proceeding. Any compelled disclosure will not be considered to be a public document or be deemed to be a waiver of the privilege for any other civil, criminal, or administrative proceeding. A party unsuccessfully opposing disclosure may apply to the court for an appropriate order protecting the document from further disclosure.
(5) An insurer asserting the insurance compliance self-evaluative privilege in response to a request for disclosure under this subsection shall provide to the Commissioner at the time of filing any objection to the disclosure:
(A) The date of the insurance compliance self-evaluative audit document;
(B) The identity of the entity conducting the audit;
(C) The general nature of the activities covered by the insurance compliance audit; and
(D) An identification of the portions of the insurance compliance self-evaluative audit document for which the privilege is being asserted.
(f) (1) An insurer asserting the insurance compliance self-evaluative privilege set forth in subsection (c) of this Code section has the burden of demonstrating the applicability of the privilege. Once an insurer has established the applicability of the privilege, a party seeking disclosure under paragraph (2) or (3) of subsection (d) of this Code section has the burden of proving that the privilege is asserted for a fraudulent purpose or that the insurer failed to undertake reasonable corrective action or eliminate the noncompliance within a reasonable time. The Commissioner, in seeking disclosure under paragraph (3) of subsection (d) of this Code section, has the burden of proving the elements set forth in paragraph (3) of subsection (d) of this Code section.
(2) The parties may at any time stipulate in proceedings under subsection (d) or (e) of this Code section to entry of an order directing that specific information contained in an insurance compliance self-evaluative audit document is or is not subject to the privilege provided under subsection (c) of this Code section.
(g) The privilege set forth in subsection (c) of this Code section shall not extend to:
(1) Documents, communications, data, reports, or other information required to be collected, developed, maintained, reported, or otherwise made available to a regulatory agency pursuant to this title or other federal or state law, rule, or order;
(2) Information obtained by observation or monitoring by any regulatory agency; or
(3) Information obtained from a source independent of the insurance compliance audit.
(h) Nothing in this Code section shall limit, waive, or abrogate the scope or nature of any statutory or common law privilege including, but not limited to, the work product doctrine, the attorney-client privilege, or the subsequent remedial measures exclusion.
(i) This Code section shall apply to self-evaluative audits completed before June 30, 2018, but shall not apply to any such audits completed on or after July 1, 2018, unless authorized by the General Assembly prior to that date.
Section: Previous 33-2-21 33-2-22 33-2-23 33-2-24 33-2-25 33-2-26 33-2-27 33-2-28 33-2-29 33-2-30 33-2-31 33-2-32 33-2-33 33-2-34Last modified: October 14, 2016