KLS Keeping Law Simple Legislation in plain English

Straight-ahead summaries built from the official bill text. We keep the source links front and center and leave the decision up to you.

Back to Connecticut

HB05208 • 2026

AN ACT CONCERNING DATA SECURITY, PAYROLL PROCESSING, CONSUMER FRAUD PROTECTION, MORTGAGE LOANS AND EMPLOYEE CREDIT RATES.

AN ACT CONCERNING DATA SECURITY, PAYROLL PROCESSING, CONSUMER FRAUD PROTECTION, MORTGAGE LOANS AND EMPLOYEE CREDIT RATES.

Labor
Passed Legislature

This bill passed both chambers and reached final enrollment, even if later executive action is not shown here.

Sponsor
Banking Committee
Last action
2026-05-15
Official status
Transmitted by Secretary of the State to Governor
Effective date
Not listed

Plain English Breakdown

Using official source text because the generated explanation was unavailable or could not be confirmed against the official bill text.

AN ACT CONCERNING DATA SECURITY, PAYROLL PROCESSING, CONSUMER FRAUD PROTECTION, MORTGAGE LOANS AND EMPLOYEE CREDIT RATES.

To require the Department of Banking to study and submit a report concerning financial transactions in the state.

What This Bill Does

  • To require the Department of Banking to study and submit a report concerning financial transactions in the state.

Limits and Unknowns

  • This entry is temporarily using official source text because the generated explanation could not be confirmed against the official bill text during the last sync.

Bill History

  1. 2026-05-15 Connecticut General Assembly

    Transmitted to the Secretary of State

  2. 2026-05-15 Connecticut General Assembly

    Transmitted by Secretary of the State to Governor

  3. 2026-05-14 LCO

    Public Act 26-51

  4. 2026-05-05 Connecticut General Assembly

    Senate Adopted House Amendment Schedule A

  5. 2026-05-05 Connecticut General Assembly

    Senate Passed as Amended by House Amendment Schedule A

  6. 2026-05-05 Connecticut General Assembly

    On Consent Calendar / In Concurrence

  7. 2026-04-28 Connecticut General Assembly

    Favorable Report, Tabled for the Calendar, Senate

  8. 2026-04-28 Connecticut General Assembly

    Senate Calendar Number 479

  9. 2026-04-28 LCO

    File Number 728

  10. 2026-04-27 Connecticut General Assembly

    House Adopted House Amendment Schedule A 4520

  11. 2026-04-27 Connecticut General Assembly

    House Passed as Amended by House Amendment Schedule A

  12. 2026-04-27 Connecticut General Assembly

    Immediate Transmittal to the Senate

  13. 2026-03-19 LCO

    Reported Out of Legislative Commissioners' Office

  14. 2026-03-19 Connecticut General Assembly

    Favorable Report, Tabled for the Calendar, House

  15. 2026-03-19 Connecticut General Assembly

    House Calendar Number 82

  16. 2026-03-19 LCO

    File Number 90

  17. 2026-03-13 LCO

    Referred to Office of Legislative Research and Office of Fiscal Analysis 03/18/26 5:00 PM

  18. 2026-03-10 BA

    Joint Favorable

  19. 2026-03-10 LCO

    Filed with Legislative Commissioners' Office

  20. 2026-02-19 Connecticut General Assembly

    Public Hearing 02/24

  21. 2026-02-18 Connecticut General Assembly

    Referred to Joint Committee on Banking

Official Summary Text

To require the Department of Banking to study and submit a report concerning financial transactions in the state.

Current Bill Text

Read the full stored bill text 
House Bill No. 5208

Public Act No. 26-51

AN ACT CONCERNING DATA SECURITY, PAYROLL PROCESSING,
CONSUMER FRAUD PROTECTION, MORTGAGE LOANS AND
EMPLOYEE CREDIT RATES.
Be it enacted by the Senate and House of Representatives in General
Assembly convened:

Section 1. Section 36a -44a of the general statutes is repealed and the
following is substituted in lieu thereof (Effective October 1, 2026):
(a) As used in this section:
(1) "Data security incident" means any unauthorized access to or
unauthorized acquisition, destruction or corruption of electronic files,
media, databases or computerized data containing (A) personal
information of an individual, or (B) supervisory, financ ial, operational
or business information of any (i) licensee under this title, (ii)
Connecticut bank, or (iii) Connecticut credit union;
(2) "Financial institution" has the same meaning as provided in
Section 509 of the Gramm -Leach-Bliley Financial Modernization Act of
1999, 15 USC 6809, and the regulations promulgated thereunder, as said
act and such regulations may be amended from time to time; and
(3) "Personal information" has the same meaning as provided in
section 36a-701b.
House Bill No. 5208

Public Act No. 26-51 2 of 6

(b) Each financial institution that is a bank, a Connecticut credit
union, a federal credit union, an out -of-state bank that maintains a
branch in this state, an out -of-state trust company or out-of-state credit
union that maintains an office in this state [,] or a licensee under this
title, [or any] and each person subject to the jurisdiction of the
commissioner under title 36b, shall (1) adopt, in writing, a program that
sets forth standards for developing, implementing and maintaining
reasonable data security safeguards to protect the security,
confidentiality and integrity of customer information and that is
consistent with applicable federal regulations, and (2) comply with all
provisions of Subtitle A of Title V of the Gramm -Leach-Bliley Financial
Modernization Act of 1999, 15 USC 6801 et seq., and the regulations
promulgated thereunder that apply to such financial institution [, except
to] or person, including, but not limited to, the applicable provisions of
12 CFR Part 364, Appendix B, 12 CFR Part 748, Appendix A and 16 CFR
Part 314, as said act and such regulations may be amended from time to
time. To the extent that this [section] subsection is inconsistent with the
provisions of sections 36a -41 to 36a -44, inclusive, [in which case ] the
provisions that afford the customer greater protection shall control. [For
purposes of this section, "financial institution" has the meaning given to
that term in Section 509 of the Gramm -Leach-Bliley Financial
Modernization Act of 1999, 15 USC 6809, and the regula tions
promulgated thereunder.]
(c) Each licensee under this title, Connecticut bank and Connecticut
credit union shall file an initial notification with the Department of
Banking, in a form and manner prescribed by the Banking
Commissioner, not later than three business days after such licensee,
Connecticut bank or Connecticut credit union knows, or has reason to
know, of the occurrence of any data security incident that may (1)
materially impact its ability to operate in a safe and sound manner or
comply with applicable laws and regulat ions, (2) cause significant
disruption in customer services, or (3) involve any unauthorized access
House Bill No. 5208

Public Act No. 26-51 3 of 6

to the personal information of any individual. The Banking
Commissioner may request additional information regarding any such
occurrence subsequent to the filing of such initial notification.
Sec. 2. ( Effective from passage ) The Department of Banking shall
conduct a study concerning payroll processing methods employed by
financial institutions and the time required for payroll checks to clear.
Not later than January 1, 2027, the Department of Banking shall submit
a report on its findings and recommendations to the joint standing
committee of the General Assembly having cognizance of matters
relating to banking, in accordance with the provisions of section 11 -4a
of the general statutes.
Sec. 3. (Effective from passage) (a) The chairpersons of the joint standing
committee of the General Assembly having cognizance of matters
relating to banking shall convene a working group to study consumer
fraud and protections against such fraud.
(b) The working group shall include, but need not be limited to, the
following members:
(1) The chairpersons and ranking members of the joint standing
committee of the General Assembly having cognizance of matters
relating to banking, or their designees;
(2) The Banking Commissioner, or the commissioner's designee;
(3) The Commissioner of Emergency Services and Public Protection,
or the commissioner's designee;
(4) The executive director of the Commission on Women, Children,
Seniors, Equity and Opportunity, or the executive director's designee;
(5) An elder law attorney who represents senior citizens in the state;
(6) A representative of an association that represents financial
House Bill No. 5208

Public Act No. 26-51 4 of 6

institutions in the state;
(7) A representative of an organization that represents credit unions
in the state;
(8) A representative of an organization that represents consumers in
the state;
(9) A representative of an organization that represents senior citizens
in the state;
(10) Three members of an association that represents financial
institutions in the state, who shall be appointed by such association;
(11) Three members of an organization that represents credit unions
in the state, who shall be appointed by such organization; and
(12) The Commissioner of Consumer Protection, or the
commissioner's designee.
(c) The chairpersons of the joint standing committee of the General
Assembly having cognizance of matters relating to banking shall:
(1) Appoint the members described in subdivisions (5) to (9),
inclusive, of subsection (b) of this section;
(2) Select the association and organization described in subdivisions
(10) and (11) of subsection (b) of this section, respectively, for the
purpose of making the appointments described in said subdivisions;
and
(3) Schedule the first meeting of the working group, which shall be
held not later than sixty days after the effective date of this section.
(d) The members of the working group shall select two
cochairpersons from among the members of the working group.
House Bill No. 5208

Public Act No. 26-51 5 of 6

(e) The administrative staff of the joint standing committee of the
General Assembly having cognizance of matters relating to banking
shall serve as administrative staff of the working group.
(f) Not later than January 1, 2027, the working group shall submit a
report on its findings and recommendations to the joint standing
committee of the General Assembly having cognizance of matters
relating to banking, in accordance with the provisions of s ection 11-4a
of the general statutes. The working group shall terminate on the date
that it submits such report or January 1, 2027, whichever is later.
Sec. 4. Section 49-7b of the 2026 supplement to the general statutes is
repealed and the following is substituted in lieu thereof (Effective July 1,
2026):
(a) For purposes of this section:
(1) "Mortgage loan" means any loan, including an open -end line of
credit as defined in section 36a -760 or a home equity loan, that is (A)
secured by a mortgage on one -to-four family residential real property
located in this state, and (B) (i) in the amount of less than one million
dollars, or (ii) primarily for personal, family or household use; and
(2) "Home equity loan" means a closed-end extension of credit, other
than an open-end line of credit, (A) that is (i) secured by a mortgage on
a one-to-four family residential real property located in this state that is
the borrower's primary residence, (ii) made on the basis of the
borrower's equity in such property, and (iii) not made to finance the
acquisition of s uch property, and (B) under which the full principal
amount is advanced at consummation and repaid over a specified term.
[(a)] (b) [Not later than ten days prior to the date of the closing in a
mortgage loan transaction, each] Each creditor, as defined in section 49-
6a, shall notify the mortgage loan applicant, in writing, that: (1)
Standard homeowners insurance policies do not cover flood damage
House Bill No. 5208

Public Act No. 26-51 6 of 6

and related losses; (2) flood damage to property may occur regardless
of whether the real property is located in a designated flood zone; and
(3) the applicant may wish to consult a licensed insurance producer or
surplus lines broker concerning the availab ility and benefits of
obtaining flood insurance.
[(b)] (c) The notice required by subsection [(a)] (b) of this section shall
be (1) written in plain language , [and] (2) signed and dated by the
mortgage loan applicant to acknowledge receipt of such notice , and (3)
provided to the mortgage loan applicant not later than (A) the date of
closing if the mortgage loan is an open-end line of credit or home equity
loan, or (B) ten days prior to the date of closing if the mortgage loan is
not an open-end line of cr edit or home equity loan . Each creditor shall
keep and maintain a copy of such notice with the mortgage loan
applicant's mortgage records.