Perhaps prompted by revelations that one or more Connecticut-based insurers failed to notify individuals or report known data security incidents or breaches until weeks, or even months, after the data had been lost or stolen, the state's Insurance Commissioner has issued stringent new reporting obligations applicable to all entities regulated by the Connecticut Department of Insurance (CDI), including, for example, insurers, agents, brokers, adjusters, health maintenance organizations, preferred provider networks, discount health plans and certain consultants and utilization review companie