top of page
Search

Reminder: Colorado Biometric Information Policy Requirement Effective July 1, 2025 - HR ALERTS

Colorado Biometric Information Policy Requirement Effective July 1, 2025

Effective: July 1, 2025

Applies to: 

All employers operating in Colorado who collect biometric information from applicants or employees


Reminder:

As previously shared, starting July 1, 2025, employers in Colorado must meet new requirements under the Colorado Privacy Act when collecting biometric information—including fingerprints, retina scans, or other biological identifiers used for security, timekeeping, or access control.

If your organization collects biometric identifiers, you must have a written biometric policy and a process in place to obtain proper consent from employees and applicants.

 

What the Law Requires:


1. Written Biometric Policy

Must include:

  • A biometric information retention schedule

  • A deletion protocol

  • A procedure for responding to security breaches

  • Public availability if the policy applies beyond current employees (e.g., applicants or former staff)


2. Consent Requirements

Employers must obtain consent before collecting biometric identifiers. Consent can be a condition of employment for:

  • Physical access (e.g., fingerprint scanners)

  • Securing electronic systems or software

  • Timekeeping systems

  • Safety and security-related purposes

Voluntary consent is required for all other uses, and employers cannot retaliate if an employee or applicant declines. Note: Consent obtained during the application process must be renewed upon hire.


A Few Notable Exceptions:

  • No consent is required if biometric use is clearly expected due to job duties.

  • No consent is required for biometric data used to complete applications, ID checks, or background screenings.


Get day-to-day updates on Colorado Biometric Information Policy Requirement Effective July 1, 2025 visit the Vida HR Knowledge Center (Vida HR Clients Exclusive).

Comentarios

bottom of page