SB 6266
In CommitteeSenate
State auditor info. access
Concerning information access by the state auditor.
This status may be delayed. See Action History below for the latest updates.
How does a bill become law?
- Introduced: The bill is filed and assigned a number.
- Committee: A subject-matter committee holds hearings, takes public testimony, and decides whether to advance the bill.
- Floor Vote: The full chamber (House or Senate) debates and votes on the bill.
- Opposite Chamber: The bill repeats the committee and floor vote process in the other chamber.
- Governor: The Governor reviews the bill and decides whether to sign or veto it.
- Signed: The bill has been signed into law.
AI Analysis
This bill clarifies and expands the Washington State Auditor’s authority to access confidential records—including health, juvenile, and family leave data—for conducting audits, while preserving strict confidentiality protections. It also adds the auditor and legislative audit committee to lists of authorized data recipients across multiple state programs.
- Grants the Washington State Auditor and its employees explicit authority to access and inspect all files, records, and accounts—including confidential records—from state and local agencies for audit purposes.
- Clarifies that accessing confidential records for audits does not override existing confidentiality laws; records retain their protected status and must be handled under the same rules as original custodians.
- Adds the State Auditor and the Joint Legislative Audit and Review Committee to lists of entities permitted to receive data from the Prescription Monitoring Program, juvenile records, and family and medical leave insurance program for audit purposes.
- Amends five existing laws (RCW 43.09.020, 70.225.040, 50A.25.070, 13.50.050, and 13.50.100) to include consistent language about auditor access to confidential information while preserving confidentiality safeguards.
- Requires requesting agencies to submit written applications and verification for data sharing under the family and medical leave program, and ensures data is used only for official purposes.
Who is affected
- Washington State Auditor's Office — The state auditor gains explicit legal authority to access confidential records—including prescription data, juvenile records, and family and medical leave records—when conducting audits, while confidentiality protections remain unchanged.
- State and local government agencies — Agencies like the Department of Social and Health Services, Department of Labor & Industries, Health Care Authority, and others gain or clarify authority to share confidential data with the auditor for audit purposes, while maintaining strict confidentiality rules.
- Health care providers and prescribers — Prescription monitoring program data users (e.g., prescribers, pharmacists, law enforcement, licensing boards) retain existing confidentiality protections, but the auditor and legislative audit committee gain new access for oversight purposes.
- Youth and families involved with child welfare or juvenile courts — Juvenile justice and child protective service records remain highly protected, but the auditor and Joint Legislative Audit and Review Committee gain limited access to conduct oversight audits without altering confidentiality laws.
Pro/Con Analysis
Stronger case for benefits
Potential Benefits (5)
By explicitly authorizing the State Auditor and Joint Legislative Audit and Review Committee to access confidential records for oversight audits, the bill strengthens accountability for how public funds and sensitive programs (e.g., family leave, child welfare) are administered—potentially uncovering waste, fraud, or inefficiencies that ultimately benefit taxpayers.
Local GovernmentPeopleRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)The bill includes robust confidentiality safeguards—explicitly preserving existing confidentiality laws and requiring auditors to follow the same rules as original custodians—which helps protect vulnerable populations (e.g., youth, patients with substance use disorders) from stigmatization or harm if audit findings are leaked or misused.
Public SafetyPeopleRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)Formalizing auditor access to prescription monitoring data and juvenile records enables more rigorous oversight of high-risk programs, potentially improving program integrity and public trust in state systems that serve everyday Washingtonians.
Public SafetyPeopleRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)The bill’s requirement that requesting agencies submit written applications and verification for data sharing under the family and medical leave program adds procedural rigor that helps prevent arbitrary or politically motivated data requests, protecting program integrity.
Local GovernmentPeopleRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)By codifying auditor access across five statutes (RCW 43.09.020, 70.225.040, 50A.25.070, 13.50.050, 13.50.100), the bill eliminates ambiguity about who can access sensitive data, reducing the risk of inconsistent or unauthorized disclosures that could arise from ad hoc requests.
Public SafetyPeopleRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)
Potential Concerns (5)
The bill clarifies and expands the State Auditor’s authority to access confidential records—including juvenile, health, and family leave data—for audit purposes, which may increase administrative burden on local agencies required to respond to audit requests and comply with additional data-sharing protocols.
Local GovernmentRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)While confidentiality protections are preserved, expanding access to sensitive records (e.g., juvenile records, prescription data) increases the risk surface for potential data breaches or misuse, especially if audit staff turnover or training gaps occur.
Public SafetyRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)The bill does not alter existing confidentiality safeguards, but by formally adding the auditor and legislative audit committee to lists of authorized data recipients across multiple sensitive programs, it may normalize broader access to highly protected personal data, potentially eroding expectations of privacy over time—even if no abuse occurs.
Rights & LibertiesRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)Agencies like DHSS, HCA, and L&I must now verify and document data-sharing requests from the auditor and audit committee, potentially diverting staff time and resources from core program operations.
Local GovernmentRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)Expanding access to prescription monitoring data for audit purposes could inadvertently expose prescriber/patient data to secondary uses beyond audit scope if internal controls are weak, even if confidentiality rules technically remain intact.
Public SafetyRef: Sec. 1(3); Sec. 2(3)(o), (p); Sec. 3(2)(m), (n); Sec. 4(15), (16); Sec. 5(12), (13)
Who Is Most Affected
The State Auditor gains explicit legal authority to access confidential records—including prescription, juvenile, and family leave data—for oversight audits. This strengthens the auditor’s ability to hold agencies accountable, but also increases responsibility for safeguarding sensitive data.
State agencies (e.g., DHSS, HCA, L&I) gain clarity on when and how they may share confidential data with auditors, reducing legal uncertainty. However, they must also invest in compliance processes (e.g., application verification, data use agreements), which may strain resources.
Prescribers and pharmacists retain existing confidentiality protections, but their data may now be accessed by auditors for oversight. While this improves program accountability, it could increase concerns about data misuse or chilling effects on prescribing behavior if audits are perceived as punitive.
Youth and families involved with child welfare or juvenile courts remain protected by strict confidentiality rules, but the auditor and legislative audit committee now have formal access to juvenile records for oversight. This could improve program quality, but may heighten privacy concerns among vulnerable populations.