About the Council

The Information Privacy and Security Council (IPSC), administratively attached to the Department of Accounting and General Services, was established by Act 10, SSLH 2008, as codified into law under HRS section 487N-5, to develop guidelines to be considered by government agencies in deciding whether, how, and when a government agency shall inform affected individuals of the loss, disclosure, or security breach of personal information that can contribute to identify theft.  The guidelines provide a standardized, risk-based notification process in the instance of a security breach.

The IPSC also reviews the individual annual reports submitted by state and county government agencies, pursuant to section 487N-7, and submits an annual summary report to the Legislature with the IPSC’s findings, significant trends, and recommendations to protect personal information used by government agencies.