NJ S2956

Bill

Exempts certain personal information and entities from certain requirments concerning notification and disclosure of personal data.

Introduced
01/13/2026

In Committee
01/13/2026

Crossed Over

Passed
01/13/2026

Dead

Signed/Enacted/Adopted
01/13/2026

Introduced Session

2026-2027 Regular Session

Bill Summary

This bill exempts insurance-support organizations and national securities associations from provisions of current law that require certain entities to notify consumers of collection and disclosure of personal data. Under current law, insurance institutions and other entities are exempt from those requirements. The bill exempts certain data from disclosure requirements under current law, including: (1) information treated like protected health information collected, used, or disclosed by a covered entity or business associate under the "Health Insurance Portability and Accountability Act of 1996" (HIPAA), when the information is used or disclosed in accordance with HIPAA and the information is afforded all the privacy protections and security safeguards of the federal laws and implementing regulations under HIPAA; and (2) human subjects research conducted in accordance with good clinical practice guidelines issued by The International Council for Harmonisation of Technical Requirements for Pharmaceuticals for Human Use. Finally, the bill expands the definition of de-identified data under current law to include data de-identified in accordance with the requirements in HIPAA, where any recipients of that data are contractually prohibited from attempting to reidentify the data.

AI Summary

This bill exempts certain insurance-support organizations and national securities associations from requirements to notify consumers about the collection and disclosure of their personal data, aligning them with existing exemptions for insurance institutions. It also clarifies that certain health information protected under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), when used in accordance with HIPAA's privacy and security rules, is exempt from these notification and disclosure requirements. Additionally, the bill exempts human subjects research conducted according to specific international clinical practice guidelines from these requirements. Finally, it expands the definition of "de-identified data" to include data that meets HIPAA's de-identification standards and where recipients are contractually prohibited from re-identifying it.

Committee Categories

Business and Industry

Sponsors (1)

Raj Mukherji (D)*,

Last Action

Withdrawn Because Approved P.L.2025, c.367. (on 01/13/2026)

Official Document

https://www.njleg.state.nj.us/bill-search/2026/S2956

(2 Companion Bills)

Version:

Document Type	Source Location
State Bill Page	https://www.njleg.state.nj.us/bill-search/2026/S2956
BillText	https://pub.njleg.gov/Bills/2026/S3000/2956_I1.HTM

Bill	Bill Name	Last Action	Type
A5017	Exempts certain personal information and entities from certain requirements concerning notification and disclosure of personal data.	Approved P.L.2025, c.367.	Carry Over
S4259	Exempts certain personal information and entities from certain requirements concerning notification and disclosure of personal data.	Substituted by A5017 (3R)	Carry Over

Bill > S2956

summary

Introduced Session

Bill Summary

AI Summary

Committee Categories

Sponsors (1)

Last Action

Official Document

bill text

bill summary

bill summary

bill summary