New York Codes, Rules and Regulations
Title 21 - Miscellaneous
Chapter XXIII - NIAGARA FRONTIER TRANSPORTATION AUTHORITY
Part 1158 - Personal Privacy Protection
Section 1158.3 - Designation of privacy compliance officer

Universal Citation: 21 NY Comp Codes Rules and Regs ยง 1158.3

Current through Register Vol. 46, No. 12, March 20, 2024

(a) The chief financial officer is hereby designated privacy compliance officer and is responsible for ensuring that the authority complies with the provisions of the Personal Privacy Protection Law and the regulations herein and for coordinating the authority's response to requests for records or amendment of records.

(b) The director, human resources, is hereby designated employee privacy compliance officer and is responsible for coordinating the authority's response to requests for records or amendments of records relating to data subjects who are employees or former employees of the authority.

(c) The address of the chief financial officer and the director, human resources, is Niagara Frontier Transportation Authority, 181 Ellicott Street, Buffalo, NY 14203.

(d) The privacy compliance officer and the employee privacy compliance officer are responsible for:

(1) assisting a data subject in identifying and requesting personal information, if necessary;

(2) describing the contents of systems of records orally or in writing in order to enable a data subject to learn if a system of records includes a record or personal information identifiable to a data subject requesting such record or personal information;

(3) taking one of the following actions upon locating the record sought:
(i) make the record available for inspection, in a printed form without codes or symbols, unless an accompanying document explaining such codes or symbols is also provided;

(ii) permit the data subject to copy the record; or

(iii) deny access to the record in whole or in part and explain in writing the reasons therefor;

(4) making a copy available, upon request, upon payment of or offer to pay established fees, if any, or permitting the data subject to copy the records;

(5) upon request, certifying that a copy of a record is a true copy; or

(6) certifying, upon request, that:
(i) the agency does not have possession of the record sought;

(ii) the agency cannot locate the record sought after having made a diligent search; or

(iii) the information sought cannot be retrieved by use of the description thereof, of by use of the name or other identifier of the data subject without extraordinary search methods being employed by the authority or its subsidiary corporation.

Disclaimer: These regulations may not be the most recent version. New York may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.