A. Except as provided in subsections E and F of this section, an insurance compliance audit document is privileged information and is not discoverable or admissible as evidence in any legal action in any civil or administrative proceeding other than a regulatory or legal action brought as part of the director’s duties. This privilege is a matter of substantive law of this state and is not merely a procedural matter governing civil proceedings in the courts of this state. The following provisions apply to the privilege:

1. If any company, person or entity performs or directs the performance of an insurance compliance audit, an officer, employee or agent involved with the insurance compliance audit or any consultant who is hired for the purpose of performing the insurance compliance audit may not be examined in any civil or administrative proceeding as to the insurance compliance audit or any insurance compliance audit document.

2. In connection with examinations conducted under this title, an insurer may submit an insurance compliance audit document to the director or the director’s designee as a confidential document without waiving the privilege set forth under this subsection to which the insurer would otherwise be entitled. Any insurance compliance audit document furnished to the director may not be provided by the director to any other person or entity and shall be accorded the same privilege provided under this subsection.

3. If an insurer submits an insurance compliance audit document to the director, the document remains confidential and privileged and:

(a) Is subject to all applicable statutory or common law privileges, including the insurance compliance audit privilege, the work product doctrine, the attorney-client privilege or the subsequent remedial measures exclusion.

(b) Is not subject to any further disclosure or production.

(c) Is not subject to Title 39, Chapter 1, Article 2, not subject to subpoena and not subject to discovery or admissible in a private administrative proceeding or in a private civil action, other than in an administrative proceeding conducted by the director.

4. Disclosure of an insurance compliance audit document to a governmental agency, whether voluntary or pursuant to compulsion of law, does not constitute a waiver of the privilege set forth under this subsection with respect to any other person or governmental agency.

5. The director may obtain insurance compliance audit documents at any time. The director may use the insurance compliance audit documents in the furtherance of any regulatory or legal action brought as part of the director’s duties. The insurer shall comply with any compliance dates set by the director with respect to the insurance compliance audit. Notwithstanding any other law, the director shall provide an insurer with copies of all documents that the director believes support a violation of this title or that justify any regulatory or other action against the insurer. A disclosure pursuant to this paragraph is not a waiver of any applicable privilege or claim of confidentiality in the disclosed documents.

6. In order to facilitate identification, audit documents produced as a result of an insurance compliance audit shall be labeled "compliance report: privileged document".

7. A person who conducts or participates in the preparation of an insurance compliance audit and who has observed physical events may testify regarding those events, but may not be compelled to testify or produce documents related to any privileged part of the insurance compliance audit or any insurance compliance audit document.

8. The insurance compliance audit does not prevent the discovery of a document or other evidence, otherwise discoverable, that is maintained by an insurer and that was not developed for the insurance compliance audit pursuant to this article.

B. The privilege described in this article does not apply to:

1. A document, communication, data or report or other information required by the department or other regulatory agency to be collected, developed, maintained or reported under applicable law.

2. Information obtained by observation, sampling or monitoring by the department or other regulatory agency.

3. Information obtained from a source not involved in the preparation of the insurance compliance audit report.

4. Documents, communications, data, spreadsheets, reports, memoranda, drawings, photographs, exhibits, computer records, maps, charts, graphs, recordings and surveys kept or prepared in the ordinary course of business.

C. If an insurance compliance audit document is obtained, reviewed or used in a criminal proceeding, the privilege described in this article is not waived or eliminated for any other purpose.

D. This article does not provide civil or criminal immunity to an organization or affect any other privilege that may be available by law.

E. The privilege set forth under subsection A of this section does not apply under the following circumstances:

1. To the extent that it is expressly waived by the insurer that prepared or caused to be prepared the insurance compliance audit document.

2. If, after an in camera review, a court of record in a civil or administrative proceeding other than in a regulatory or legal action brought as part of the director’s duties determines one of the following:

(a) The privilege is asserted for a fraudulent purpose.

(b) The document is not subject to the privilege.

(c) The privileged document shows evidence of noncompliance with applicable state or federal laws, rules, regulations or orders of the department and the insurer, person or entity fails to undertake corrective action or eliminate the noncompliance within the compliance date set by the director.

F. Within sixty days after an insurer is served a written request by certified mail for disclosure of an insurance compliance audit document, the insurer may file with the appropriate court a petition requesting a hearing on whether the insurance compliance audit document or portions of the document are privileged under this section or subject to disclosure. The court shall conduct an in camera review of the insurance compliance audit document and shall determine whether all or a portion of the insurance compliance audit document is privileged or subject to disclosure. The insurer’s failure to file a petition for a hearing does not waive the privilege in connection with any other request for disclosure of the insurance compliance audit document. If an insurer files a petition for an in camera hearing pursuant to this subsection, the following apply:

1. The petition shall include all of the information set forth in paragraph 3 of this subsection.

2. After conducting an in camera review, the court may require disclosure of all or a portion of the insurance compliance audit document if the court determines, based on its in camera review, that any one of the conditions set forth in subsection E, paragraph 2 of this section applies. On making this determination, the court may only compel the disclosure of those portions of an insurance compliance audit document that are relevant to issues in dispute in the underlying proceeding. Any compelled disclosure will not be considered to be a public document or be deemed to be a waiver of the privilege for any other civil or administrative proceeding. An insurer unsuccessfully opposing disclosure may apply to the court for an appropriate order protecting the document from further disclosure.

3. At the time of filing a request for a hearing, the insurer shall provide all of the following information:

(a) The date of the insurance compliance audit document.

(b) The identity of the entity conducting the insurance compliance audit.

(c) The general nature of the activities covered by the insurance compliance audit.

(d) An identification of the portions of the insurance compliance audit document for which the privilege is being asserted.

G. An insurer asserting the insurance compliance privilege set forth under subsection A of this section has the burden of demonstrating the applicability of the privilege. Once an insurer has established the applicability of the privilege, the party seeking disclosure has the burden of proving the inapplicability of the privilege.

H. At any time, the parties to a civil or administrative proceeding other than a regulatory or legal action brought as a part of the director’s duties may stipulate to entry of an order directing that specific information contained in an insurance compliance audit document is or is not subject to the privilege provided under subsection A of this section. The stipulation may be limited to the instant proceeding and, absent specific language to the contrary, is not applicable to any other proceeding.

I. This section or the release of any insurance compliance audit document under this section does not limit, waive or abrogate the scope or nature of any statutory or common law privilege including the work product doctrine, the attorney-client privilege or the subsequent remedial measures exclusion.

J. This article does not limit the director’s authority under sections 20-156, 20-157, 20-157.01, 20-160 and 20-466.