summary
Introduced
01/23/2026
01/23/2026
In Committee
02/20/2026
02/20/2026
Crossed Over
Passed
Dead
Introduced Session
2026 Regular Session
Bill Summary
Prohibits government entities from making personal information publicly accessible through a publicly accessible information system or publicly accessible source of information, except under certain conditions. Allows individuals who reasonably believe their personal information is publicly accessible through a government entity's publicly accessible information system or publicly accessible source of information to submit a written notice to the entity to require corrective action. Establishes a cause of action to compel compliance. Establishes statutory penalties for intentional noncompliance. Requires government entities to adopt and implement policies and procedures to prevent personal information from being publicly accessible. Requires government entities that own, license, maintain, use, collect, or possess personal information to implement and maintain certain reasonable security procedures and practices to protect the personal information. Requires government entities to provide notice to individuals in the case of a breach of a security system protecting personal information. Requires government entities to submit an annual report to the Legislature. Effective 1/1/2525. (SD1)
AI Summary
This bill prohibits government entities from making personal information, which includes names combined with sensitive data like social security numbers, driver's license numbers, medical information, or financial account details, publicly accessible through systems like websites or searchable databases, unless a specific law requires it. Individuals who believe their personal information is improperly public can notify the government entity, which then has a limited time to correct the issue by removing or obscuring the data. If a government entity intentionally fails to comply, individuals can sue to force compliance and may be awarded damages and legal fees. The bill also mandates that government entities implement policies and security measures to protect personal information, notify individuals of data breaches, and submit annual reports to the Legislature on their compliance, with these provisions taking effect on January 1, 2525.
Committee Categories
Government Affairs, Justice
Sponsors (8)
Stanley Chang (D)*,
Rachele Fernandez Lamosao (D)*,
Troy Hashimoto (D)*,
Chris Lee (D)*,
Angus McKelvey (D)*,
Sharon Moriwaki (D)*,
Tim Richards (D)*,
Joy San Buenaventura (D)*,
Last Action
Report adopted; Passed Second Reading, as amended (SD 1) and referred to JDC. (on 02/20/2026)
Official Document
bill text
bill summary
Loading...
bill summary
Loading...
bill summary
| Document Type | Source Location |
|---|---|
| State Bill Page | https://www.capitol.hawaii.gov/session/measure_indiv.aspx?billtype=SB&billnumber=3015&year=2026 |
| BillText | https://www.capitol.hawaii.gov/sessions/session2026/bills/SB3015_SD1_.HTM |
| Committee Report SB3015_SD1_SSCR2676_ | https://www.capitol.hawaii.gov/sessions/session2026/CommReports/SB3015_SD1_SSCR2676_.pdf |
| SB3015_TESTIMONY_GVO_02-05-26_ | https://www.capitol.hawaii.gov/sessions/session2026/Testimony/SB3015_TESTIMONY_GVO_02-05-26_.PDF |
| BillText | https://www.capitol.hawaii.gov/sessions/session2026/bills/SB3015_.HTM |
Loading...