Skip to Top Main Navigation Skip to Left Navigation Skip to Content Area Skip to Footer
Texas Department of Insurance
Topics:   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

Commissioner’s Bulletin # B-0009-23

July 18, 2023

To:   All TDI-regulated entities and individuals

Re:   Reporting of cybersecurity incidents

The Texas Department of Insurance (TDI) takes seriously cybersecurity incidents that may affect consumers or the insurance industry. In addition, the Texas Business and Commerce Code Chapter 521 sets out a business duty to protect sensitive personal information and provides some definitions of information that TDI is concerned about. Federal law also provides standards that might be applicable to some insurance companies.

Domestic insurance companies and HMOs

A domestic insurance company or HMO should contact if the company or HMO experiences or discovers an unauthorized acquisition, release, or use of personal information or sensitive company information.

After TDI is notified, TDI may request information about the incident under its examination authority. Information will be held confidential under applicable statutes.

All other regulated entities and individuals 

All others can send breach notices to


Questions about this bulletin should be directed to


Note: This bulletin updates contact email addresses from Commissioner’s Bulletin # B-0022-16.

For more information, contact:

Last updated: 6/10/2024