|Date:||December 4, 2006|
|To:||All Wisconsin-Licensed Insurers, Gift Annuities, Warranty Plans, Motor Clubs and Employee Benefit Plan Administrators|
|From:||Jorge Gomez, Commissioner of Insurance|
|Subject:||Information Security Incidents|
In order to better serve Wisconsin insurance consumers, the Office requests that all Wisconsin-licensed insurers, gift annuities, warranty plans, motor clubs and employee benefit plan administrators notify the Office of any unauthorized access to personal information of Wisconsin residents as soon as practicable, but no later than 10 days after it has become aware of such unauthorized access. For the purposes of this request the Office defines "personal information" as defined by s. 895.507 (1) (b), Stats., as follows:
An individual's last name and the individual's first name or first initial, in combination with and linked to any of the following elements, if the element is not publicly available information and is not encrypted, redacted, or altered in a manner that renders the element unreadable:
- The individual's social security number.
- The individual's driver's license number or state identification number.
- The number of the individual's financial account number, including a credit or debit card account number, or any security code, access code, or password that would permit access to the individual's financial account.
- The individual's deoxyribonucleic acid profile, as defined in s. 939.74 (2d) (a).
- The individual's unique biometric data, including fingerprint, voice print, retina or iris image, or any other unique physical representation.
Any questions concerning this request and all notifications of unauthorized access to personal information should be sent to:
Cari Lee, Director Bureau of Market Regulation
(contact information updated October 5, 2015)