Rhode Island passed a bill requiring mortgage lenders, brokers, originators, processors and underwriters who are independent contractors, and 3rd-Party servicers licensed under the Rhode Island General Laws Licensed Activities Act to maintain a comprehensive information security program. Under the bill, mortgage lenders, brokers, originators, processors and underwriters who are independent contractors, and 3rd-Party servicers licensed under the Rhode Island General Laws Licensed Activities Act must develop a comprehensive information security program that:
- Ensures the security and confidentiality of customer information;
- Protects against any anticipated threats or hazards to the security or integrity of such information; and
- Protects against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer.
The bill also requires mortgage lenders, brokers, originators, processors and underwriters who are independent contractors, and 3rd-Party servicers licensed under the Rhode Island General Laws Licensed Activities Act to notify the Director (or Director’s designee) if a “notification event” involves the nonpublic personal information of at least 500 customers. “Notification event” means the acquisition of unencrypted customer information without the authorization of the individual to which the information pertains. The bill provides an exemption to certain requirements with respect to the information security program for mortgage lenders, brokers, originators, processors and underwriters who are independent contractors, and 3rd-Party servicers licensed under the Rhode Island General Laws Licensed Activities Act that maintain customer information concerning 500 or fewer customers. The bill went into effect July 2, 2025.
Click to view the Rhode Island House Bill 5415: https://www.tenaco.com/wp-content/uploads/2025/08/RI-HB-5415-07-07-25.pdf
