Skip to Content

Private Insurance Data Requirements in Wisconsin

< Return to Private Insurance Data Requirements

        Wisconsin regulates private insurance data and has set standards to protect enrollees’ rights and privacy.   Insurers must provide a clear and conspicuous notice outlining their privacy policies regarding nonpublic personal financial information to customers.1  The privacy notice must include information about the types of information the insurer collects and the third parties to whom the insurer may disclose the information.2  The law also requires insurers to provide consumers notice of their right to opt-out of disclosure of nonpublic personal financial information to third parties.3  The law provides certain exceptions for the notice and opt-out requirements.4  Insurers are also prohibited from disclosing a consumer’s nonpublic health information unless the insurer obtains an authorization to disclose or the disclosure is for the performance of insurance functions.5  The regulations outline the requirements of an authorization and what must be included.6  Wisconsin also prohibits insurers from disclosing a consumer’s policy number or similar account code to any nonaffiliated third party for any type of marketing purposes.7

        While Wisconsin imposes extensive privacy and confidentiality requirements on private health insurers, health plans have reporting obligations under the law as well.  Insurers are required to retain records of consumer grievances for at least three years, and submit a grievance report to the Commissioner of Insurance annually.8  In addition, health plans must collect and turn over to the Department of Health Services, financial data, market conduct, quality indicators, and grievance data.9

 

Footnotes

  • 1. Wis. Admin. Code Ins. §25.10
  • 2. Wis. Admin. Code Ins. §25.15
  • 3. Wis. Admin. Code Ins. §25.17
  • 4. Wis. Admin. Code Ins. §25.50; Wis. Admin. Code Ins. §25.55; Wis. Admin. Code Ins. §25.60
  • 5. W.S.A. 610.70; Wis. Admin. Code Ins. §25.70
  • 6. Wis. Admin. Code Ins. §25.73
  • 7. Wis. Admin. Code Ins. §25.40
  • 8. Wis. Admin. Code Ins. §18.06
  • 9. Wis. Admin. Code DHS §120.16

 

Private Insurance Data Requirements in Wisconsin

Subtopic Statute/Regulation Description
Privacy notices required to be given to consumers (Cross reference to Privacy & Confidentiality) Annual privacy notice to customers required – Wis. Admin. Code Ins §25-13 An insurer must provide a clear and conspicuous notice outlining its privacy policies regarding nonpublic personal financial information to customers...
Authorizations – Wis. Admin. Code Ins §25-73 A valid authorization to disclose nonpublic health information can be either written or in electronic format.  The authorization must include...
Exception to notice and opt-out requirements for disclosure of personal financial information – Wis. Admin. Code Ins §25-55 Exception to notice and opt-out requirements for disclosure of nonpublic personal financial information for processing and servicing transactions The...
Exception to opt-out requirements for disclosure of nonpublic personal financial information for service providers and joint marketing – Wis. Admin. Code Ins §25-50 The opt-out requirements in Wis. Admin. Code §Ins. 25.17 do not apply when an insurer provides nonpublic personal financial information to any...
Form of opt out notice to consumers and opt out methods – Wis. Admin. Code Ins §25-17 If an insurer is required to provide an opt-out notice, it must do so with a clear and conspicuous notice to consumers.  The notice must include...
Information to be included in privacy notices – Wis. Admin. Code Ins §25-15 Information to be included in privacy notices This law states what information needs to be included in privacy notices that insurers are required to...
Initial privacy notice to consumers required – Wis. Admin. Code Ins §25-10 An insurer must provide a clear and conspicuous notice outlining its privacy policies regarding nonpublic personal financial information to customers...
Limits on re-disclosure and reuse of nonpublic personal financial information – Wis. Admin. Code Ins §25-35 If an insurer receives nonpublic personal financial information from an unaffiliated financial institution under an exception provided by law, the...
Limits on sharing account number information for marketing purposes – Wis. Admin. Code Ins §25-40 An insurer is not allowed to disclose directly or through an affiliate, a policy number or similar account code to any nonaffiliated third party for...
Nondiscrimination – Wis. Admin. Code Ins §25-90 An insurer may not discriminate against a consumer because the consumer has opted out of disclosure of his or her nonpublic personal financial...
Other exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information – Wis. Admin. Code Ins §25-60 Other exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information The notice requirement in Wis....
Revised Privacy Notices – Wis. Admin. Code Ins §25-20 An insurer may not disclose a consumer’s nonpublic personal financial information to a third party other than what is described in the initial...
When authorization required for disclosure of nonpublic personal health information – Wis. Admin. Code Ins §25-70 When Authorization Required for Disclosure of Non-Public Personal Health Information An insurer is not allowed to disclose a consumer's nonpublic...
Disclosure of information held by health plan, including notice requirements Disclosure of personal medical information – Wis. Stat. Ann. § 610.70 The law sets forth standards that any disclosure form to any insurer authorizing the disclosure of personal medical information must follow. ...
Disclosure of personal medical information – Wis. Stat. Ann. § 610.70 The law sets forth standards that any disclosure form to any insurer authorizing the disclosure of personal medical information must follow. ...
Health plan required reporting Quality assurance – Wis. Stat. Ann. § 609.32 Defined network plans must create quality assurance standards in order to identify and resolve issues relating care quality, access, and continuity....
Wis. Admin. Code DHS §120-16 – Data to be submitted by health care plans Health plans may voluntarily submit data directly to the Department of Health Services or must submit data to state agencies that forward the...
Grievance procedures Reporting requirements – Wis. Admin. Code Ins §18-06 Reporting Requirements An insurer must keep each record of a complaint or grievance submitted to the insurer for at least 3 years.  The law...
Wis. Admin. Code DHS §120-16 – Data to be submitted by health care plans Health plans may voluntarily submit data directly to the Department of Health Services or must submit data to state agencies that forward the...
Click on the individual state law in the table above to see our summary of the individual law.


Welcome to Health Information & the Law

Please provide the following information and continue to the site.

by Dr. Radut.