Wisconsin Privacy Laws

Breach Notification

Mandated Timeframe

Within 45 days

Fines & Penalties

Violations

May be evidence of negligence

REGULATION LEVELS

Breach Reporting Consumer Notifcations
Vendor Management Vendor Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Breach Notification

Mandated Timeframe

Within 45 days

Fines & Penalties

Violations

May be evidence of negligence

REGULATION LEVELS

Breach
Reporting
Consumer
Notifications
Vendor
Management
Vendor
Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Breach Notification

Mandated Timeframe

Within 45 days

Fines & Penalties

Violations

May be evidence of negligence

REGULATION LEVELS

Breach
Reporting
Consumer
Notifications
Vendor
Management
Vendor
Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Quick Facts

Wisconsin Privacy Law Information

  • Breach Reporting

    If notification is required to more than 1,000 individuals, it must also be reported, without unreasonable delay, but within 45 days, to the consumer reporting agencies with specific information. Entities whose principal place of business is not located in Wisconsin and handles Wisconsin residents’ personal information are subject to Wisconsin’s breach notification law.

  • Consumer Notification

    If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.

  • Vendor/Third Parties

    A vendor discovering a breach or suspected breach must notify the organization. The organization is responsible for reporting to regulator and consumer notification.

  • Industry Specific Laws

    Wisconsin passed the Insurance Data Security Law, which includes requirements for insurance licensees to protect personal information and investigate and respond to data breaches. Effective November 1, 2021, licensees must comply with the breach notification requirements, including Commissioner notification within 3 business days.

  • Fines & Penalties

    Failure to give notice as required may be evidence of negligence or a breach of a legal duty to comply. Organizations may be fined or penalized for Vendor violations. Any party to a data breach that results in a violation may be charged with and convicted of the violation although he or she did not directly commit it and even if the person who directly committed it has not been convicted of the violation.

Wisconsin

Statutes and Laws

WISC. STAT. § 134.74

Nondisclosure of information on receipts

WISC. STAT. § 134.97

Disposal of records containing personal information

WISC. STAT. § 134.98

Notice of unauthorized acquisition of personal information

WISC. STAT. § 134.99

Parties to a violation

WISC. STAT. §§ 601.951 – 601-956

Insurance Data Security