Eric Goldberg, AIA assistant general counsel, said the episodes "individually and collectively cast a spotlight" on the issues for insurers.

"Insurance companies take the privacy of consumers very seriously and have procedures in place to ensure that insurance companies report information to consumer reporting agencies, such as ChoicePoint, in strict compliance with the Fair Credit Reporting Act," Mr. Goldberg said.

"Any other government regulation under consideration needs to be balanced to address legitimate privacy concerns while not creating unintended consequences for business."

Mr. Goldberg said the crux of the issue is that no one law or government authority oversees the commercial collection and distribution of such diverse personal information that is used by so many different industries.

"There is also an inconsistent degree of privacy protection among the state laws. Regardless, the ultimate solution to these problems is to improve security measures that protect consumer data," he noted.

Mr. Goldberg made his comments Thursday against the background of a hearing on the issue by the Senate Banking Committee and disclosure of a severe security breach at ChoicePoint that is raising insurers' concerns that Congress and the states may act to improve security in a way that raises costs and adds regulatory burden.

Mr. Goldberg said that several states have introduced regulatory bulletins and/or legislation regarding disclosure of private information that would require a business to notify a consumer of the unauthorized use of that consumer's personal identifying information.

California passed a similar bill in 2002 but is considering amending the statute to include an additional requirement of free access to credit reports for one year following a security breach, Mr. Goldberg said.

He noted that Congress will examine this issue in the coming months with several bills having already been introduced and several committees besides the Senate Banking Committee having scheduled hearings on the subject.

"The specific security breach at ChoicePoint raises concerns for insurers about the validity of information that it receives from the company collecting and maintaining the data," Mr. Goldberg said.

"It is critical that any information supplied by ChoicePoint to insurers, or any other business interest for that matter, be secure and accurate," he explained. "Having access to the objective data supplied by ChoicePoint helps insurers make more accurate underwriting and rating decisions, which in turn helps consumers receive the most fair and accurate pricing for their insurance products."