Connecticut Administrative Code
Title 32 - Commerce and Economic and Community Development
1c - Personal Data
Section 32-1c-4 - Maintenance of personal data-general

Universal Citation: CT Reg of State Agencies 32-1c-4

Current through September 9, 2024

(a) Personal data will not be maintained by the Department unless relevant and necessary to accomplish the lawful purposes of the agency. Where the agency finds irrelevant or unnecessary public records on its possession, the agency shall dispose of the records in accordance with its records retention schedule, or, if the records are not disposable under the records retention schedule, request permission from the Public Records Administrator to dispose of the records under Conn. Gen. Stat. Sec. 11-8a.

(b) The Department will collect and maintain all records with accurateness and completeness.

(c) Insofar as it is consistent with the needs and mission of the Department, it, wherever practical, shall collect personal data directly from the persons to whom a record pertains.

(d) Employees of the Department involved in the operations of the agency's personal data systems will be informed of the provisions of the

(1) Personal Data Act,

(2) the agency's regulations adopted pursuant to Sec. 4-196,

(3) the Freedom of Information Act and

(4) any other state or federal statute or regulations concerning maintenance or disclosure of personal data kept by the agency.

(e) All employees of the Department shall take reasonable precautions to protect personal data under their custody from the danger of fire, theft, flood, natural disaster and other physical threats.

(f) The Department shall incorporate by reference the provisions of the Personal Data Act and regulations promulgated thereunder in all contracts, agreements or licenses for the operation of a personal data system or for research, evaluation and reporting of personal data for the agency or on its behalf.

(g) The Department shall have an independent obligation to insure that personal data requested from any other state agency is properly maintained.

(h) Only employees of the Department who have a specific need to review personal data records for lawful purposes of the agency will be entitled to access to such records under the Personal Data Act.

(i) The Department will keep a written up-to-date list of individuals entitled to access of each of the agency's personal data systems.

(j) The Department will insure against unnecessary duplication of personal data records. In the event it is necessary to send personal data records through interdepartment mail, such records will be sent in envelopes or boxes sealed and marked "confidential."

(k) The Department will insure that all records in manual personal data systems are kept under lock and key and, to the greatest extent practical, are kept in controlled access areas.

Disclaimer: These regulations may not be the most recent version. Connecticut may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.