Citizen Portal
Sign In

Senate committee advances CHISPA (SB53) after hours of testimony on data privacy, opt‑in consent and business impacts

Senate Health and Public Affairs Committee · February 4, 2026

Loading...

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

SB53 (CHISPA) would tighten consent and limits on sale/use of health and sensitive personal data; civil‑society groups urged passage citing privacy and safety, while a wide range of businesses and trade groups warned it diverges from other states and could harm small businesses and telehealth. Committee recorded a due‑pass recommendation after debate and a failed motion to table.

Senate Health and Public Affairs Committee heard Senate Bill 53, the Community Health Information Safety and Privacy Act (CHISPA), a sweeping data‑privacy proposal that would restrict collection, sale and use of sensitive personal data (including health, biometric, location and reproductive information), mandate meaningful opt‑in consent for sensitive categories and create rights to access, correct and delete personal information.

Sponsor Senator Charlie framed CHISPA as a measure to ‘‘put clear limits on what companies can collect, keep, and sell, especially when that data can be weaponized against people,’’ and to ‘‘center consent that is real, not buried in fine print.’’ She introduced policy experts from the ACLU and Electronic Frontier Foundation to explain technical components.

Supporters ranged from conservation and voting‑rights groups to reproductive‑health providers and privacy advocates, who argued the bill protects vulnerable communities, preserves access to care and strengthens public‑safety and democratic participation. ‘‘Privacy is not a partisan issue. It is a fundamental right,’’ Jennifer Raphael Goetz of the Commission on the Status of Women told the committee.

Business, technology and insurance groups raised implementation concerns. Allison Riley of the New Mexico Chamber said the bill ‘‘diverges from the approaches adopted in other states and imposes standards that are overly restrictive and impractical to comply with.’’ Industry witnesses objected to the bill’s opt‑in model, broad definitions of sensitive data, and a private right of action that could increase litigation risk; they urged carve‑outs for data already protected under GLBA and HIPAA.

Sponsor and experts responded that CHISPA includes exemptions for federally regulated data (HIPAA/GLBA), a threshold aimed at exempting small entities (processing fewer than 15,000 New Mexicans), and that opt‑in rules for sensitive categories balance protection with practicality. The ACLU expert and the sponsor said comparable measures have worked elsewhere and opt‑in has succeeded for sensitive data in multiple states.

After extended debate and motions on procedure, the committee rejected a motion to table and recorded a do‑pass recommendation on SB53 (committee tally reported as five in favor, four against). The sponsor said she will work with stakeholders on technical fixes going forward.

What’s next: Committee reported SB53 to the next stage with a due‑pass recommendation; staff and sponsor signaled continued stakeholder negotiations on exemptions, definitions and private enforcement provisions.