The Texas Department of Insurance (TDI) takes seriously cybersecurity incidents that may affect consumers or the insurance industry. In addition, the Texas Business and Commerce Code Chapter 521 sets out a business duty to protect sensitive personal information and provides some definitions of information that TDI is concerned about. Federal law also provides standards that might be applicable to some insurance companies.
Domestic insurance companies and HMOs
A domestic insurance company or HMO should contact FinancialAnalysis@tdi.texas.gov if the company or HMO experiences or discovers an unauthorized acquisition, release, or use of personal information or sensitive company information.
After TDI is notified, TDI may request information about the incident under its examination authority. Information will be held confidential under applicable statutes.
All other regulated entities and individuals
All others can send breach notices to CyberReporting@tdi.texas.govCyberReporting@tdi.texas.gov.
Questions about this bulletin should be directed to FinancialAnalysis@tdi.texas.gov.
Note: This bulletin updates contact email addresses from Commissioner’s Bulletin # B-0022-16.