§487N-5 Information privacy and security council; established; duties; reports. (a) There is established an information privacy and security council within the department of accounting and general services for administrative purposes only. Members of the council shall be appointed no later than September 1, 2008, by the governor without regard to section 26-34 and shall be composed of the following representatives:
(1) Executive agencies that maintain extensive personal information in the conduct of their duties, including the department of commerce and consumer affairs, the department of education, the department of health, the department of human resources development, the department of human services, and the University of Hawaii, to be selected by the governor;
(2) The legislature, to be selected by the president of the senate and the speaker of the house of representatives;
(3) The judiciary, to be selected by the chief justice of the Hawaii supreme court; and
(4) The four counties, to be selected by the mayor of each county; provided that the mayor of each county shall determine the extent to which the county may or may not participate.
The chief information officer or the chief information officer's designee shall serve as chair of the council.
(b) By January 1, 2009, the council shall submit to the legislature a report of the council's assessment and recommendations on initiatives to mitigate the negative impacts of identity theft incidents on individuals. The report shall emphasize assessing the merits of identity theft passport and identity theft registry initiatives that have been implemented in other states.
(c) No later than June 30, 2009, the council shall develop guidelines to be considered by government agencies in deciding whether, how, and when a government agency shall inform affected individuals of the loss, disclosure, or security breach of personal information that can contribute to identify theft. The guidelines shall provide a standardized, risk-based notification process in the instance of a security breach.
(d) The council shall review the individual annual reports submitted by government agencies, pursuant to section 487N-7 and submit a summary report to the legislature no later than twenty days prior to the convening of the regular session of 2010 and each year thereafter. The summary report shall include the council's findings, significant trends, and recommendations to protect personal information used by government agencies.
The initial report to the legislature also shall include proposed legislation to amend section 487N-2 or any other law that the council deems necessary to conform to the guidelines established under subsection (c).
(e) The chief information officer may establish support positions for the office of enterprise technology services, including but not limited to information technology, human resources and personnel, records management, and administrative support. [L Sp 2008, c 10, pt of §4; am L 2012, c 71, §1; am L 2016, c 58, §7; am L 2016, c 58, §7]
Copyright ©2024 LegalFix. All rights reserved. LegalFix is not a law firm, is not licensed to practice law, and does not provide legal advice, services, or representation. The information on this website is an overview of the legal plans you can purchase—or that may be provided by your employer as an employee benefit or by your credit union or other membership group as a membership benefit.
LegalFix provides its members with easy access to affordable legal services through a network of independent law firms. LegalFix, its corporate entity, and its officers, directors, employees, agents, and contractors do not provide legal advice, services, or representation—directly or indirectly.
The articles and information on the site are not legal advice and should not be relied upon—they are for information purposes only. You should become a LegalFix member to get legal services from one of our network law firms.
You should not disclose confidential or potentially incriminating information to LegalFix—you should only communicate such information to your network law firm.
The benefits and legal services described in the LegalFix legal plans are not always available in all states or with all plans. See the legal plan Benefit Overview and the more comprehensive legal plan contract during checkout for coverage details in your state.
Use of this website, the purchase of legal plans, and access to the LegalFix networks of law firms are subject to the LegalFix Terms of Service and Privacy Policy.