Report Title:

Financial Institutions; Privacy of Financial Information

Description:

Prohibits a financial institution from disclosing a customer's financial information, subject to exceptions. Establishes penalties.

THE SENATE

S.B. NO.

3199

TWENTY-SECOND LEGISLATURE, 2004

 

STATE OF HAWAII

 


 

A BILL FOR AN ACT

 

relating to privacy of financial information.

 

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF HAWAII:

SECTION 1. Chapter 412, Hawaii Revised Statutes, is amended by adding a new section to article I to be appropriately designated and to read as follows:

"§412:1-   Financial information privacy; policy; prohibition; exceptions; penalty. (a) It is the policy of this State to protect the privacy of customers of financial institutions without unduly inhibiting the free flow of commerce or legitimate law enforcement activities.

(b) Subject to the exceptions in subsection (c), a financial institution, and its officers, employees, agents, and directors shall not disclose to any person any financial information relating to a customer. Financial institutions shall adopt reasonable procedures to assure compliance with this subsection.

(c) The prohibition set forth in subsection (b) shall not apply to:

(1) The disclosure of information to the customer after verification of the customer's identity;

(2) Disclosure authorized by the customer and limited to the scope and purpose authorized;

(3) The disclosure of information requested by the child support enforcement agency pursuant to its authority under chapter 576D;

(4) The disclosure of information requested by the department of human services pursuant to its authority under chapter 346;

(5) The preparation, examination, handling, or maintenance of financial records by any officer, employee, or agent of a financial institution that has custody of the records;

(6) The examination of financial records by a certified public accountant while engaged by the financial institution to perform an independent audit;

(7) The disclosure of information to a collection agency, its employees or agents, or to any person engaged by the financial institution to assist in recovering an amount owed to the financial institution, if the disclosure is made in the furtherance of recovering such amount;

(8) The examination of financial records by, or the disclosure of financial records to, any officer, employee, or agent of a regulatory agency for use only in the exercise of that person's duties as an officer, employee, or agent;

(9) The publication of information derived from financial records if the information cannot be identified to any particular customer, deposit, or account;

(10) The making of reports, disclosures, or returns required by federal or state law;

(11) The disclosure of any information permitted to be disclosed under the laws governing dishonor of negotiable instruments;

(12) The exchange, in the regular course of business, of credit information between a financial institution and a credit reporting agency; provided that the exchange shall be in compliance with the federal Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.;

(13) The exchange, in the regular course of business, of information between a financial institution and an account verification service; provided that the exchange shall be in compliance with the federal Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.;

(14) The exchange, in the regular course of business, of information between a financial institution and a mercantile agency; provided that the exchange shall be solely for the purpose of reporting to third parties on the credit rating or creditworthiness of any business, and shall be in compliance with the federal Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.;

(15) The exchange of loan information that specifically affects a sale, foreclosure, or loan closing; provided that the exchange shall be for the purpose of accomplishing the sale, foreclosure, or loan closing;

(16) Disclosure of suspected criminal activities to civil or criminal law enforcement authorities for use in the exercise of the authority's duties or the sharing of information within an industry network;

(17) Disclosure requested pursuant to subpoena; provided that no disclosure shall be made until ten days after the financial institution has notified the customer that financial information has been requested by subpoena; and provided further that the notice shall be served by first class mail to the customer at the most recent address known to the financial institution. This paragraph shall not apply where the subpoena is issued by or on behalf of a regulatory, criminal, or civil law enforcement agency;

(18) Disclosure required by order of court;

(19) The disclosure of customer financial information among directors, officers, employees, or agents of affiliated financial institutions; provided that the disclosure shall be limited to information necessary or appropriate to the fulfillment of the persons' duties and responsibilities to the financial institution or institutions; and provided further that the disclosure shall be made in compliance with the federal Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.;

(20) The disclosure of customer financial information of one financial institution to another financial institution in connection with a proposed merger, consolidation, acquisition, or other reorganization transaction involving the customer's financial institution; provided that no further disclosure shall be made except in compliance with this section; and provided further that the disclosure shall be made in compliance with the federal Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.;

(21) Disclosure in accordance with rules adopted by the commissioner; provided that the commissioner may permit disclosure by temporary order, until such time as rules under this section are adopted; and

(22) Disclosure requested by the department of taxation pursuant to its authority under chapter 231.

(d) In addition to any other powers granted under this chapter, the commissioner may impose an administrative penalty of not more than $1,000 for each violation of this section resulting from willful conduct or from a failure by a financial institution to provide reasonable supervision of its employees to prevent violations of this section."

SECTION 2. Section 412:1-109, Hawaii Revised Statutes, is amended by adding five new definitions to be appropriately inserted and to read as follows:

""Account verification service" means any person that for monetary fees, dues, or on a cooperative nonprofit basis, regularly engages in whole or in part in the practice of:

(1) Assembling information on the frequency and location of depository account openings or attempted openings by a consumer, or forced closings by a depository institution of accounts of a consumer; or

(2) Authenticating or validating Social Security numbers or addresses for the purpose of reporting to third parties for use in fraud prevention.

"Credit reporting agency" means any person that for monetary fees, dues, or on a cooperative nonprofit basis, regularly engages in whole or in part in the practice of assembling or evaluating consumer credit information or other information on consumers for the purpose of reporting to third parties on the credit rating or creditworthiness of any consumer.

"Customer" means any person who deposits, borrows, or invests with a financial institution, including a surety or a guarantor on a loan.

"Financial information" means an original or copy of, or information derived from:

(1) A document that grants signature authority over a deposit or share account;

(2) A statement, ledger card, or other record of a deposit or share account that shows transactions in or with respect to that deposit or account;

(3) A check, clear draft, or money order that is drawn on a financial institution or issued and payable by or through a financial institution;

(4) Any item, other than an institutional or periodic charge, that is made under an agreement between a financial institution and another person's deposit or share account;

(5) Any information that relates to a loan account or an application for a loan; or

(6) Evidence of a transaction conducted by electronic or telephonic means.

"Mercantile agency" means any person that for monetary fees, dues, or on a cooperative nonprofit basis, regularly engages in whole or in part in the practice of assembling or evaluating business credit information or other information on businesses for the purpose of reporting to third parties on the credit rating or creditworthiness of any business."

SECTION 3. New statutory material is underscored.

SECTION 4. This Act shall take effect on January 1, 2005.

INTRODUCED BY:

_____________________________