New Connecticut Law Regarding Data Security/Destruction and Social Security Numbers

11 September 2008 Publication

Legal News Alert: Privacy, Security & Information Management

Connecticut passed a law that appears to go into effect on October 1, 2008. The first portion of the law requires any person who possesses personal information of another person to safeguard the data, computer files and documents containing the information from misuse by third parties, and destroy, erase or make unreadable such data, computer files and documents prior to disposal. Under this law, “personal information" means information capable of being associated with a particular individual through one or more identifiers, including, but not limited to, a Social Security number, a driver's license number, a state identification card number, an account number, a credit or debit card number, a passport number, an alien registration number or a health insurance identification number, and does not include publicly available information that is lawfully made available to the general public from federal, state or local government records or widely distributed media.

Connecticut also amended its Social Security number law and now requires any person who collects Social Security numbers in the course of business shall create a privacy protection policy that must be published or publicly displayed in some form including, but not limited to, posting on an Internet Web page. The policy must protect the confidentiality of Social Security numbers, prohibit unlawful disclosure of Social Security numbers, and limit access to Social Security numbers. Civil remedies do exist, though there appear to be limits on private rights of actions for certain businesses that hold licenses, registrations, or certificates from a state agency other than the Department of Consumer Protection. 


Legal News Alert is part of our ongoing commitment to providing up-to-the-minute information about pressing concerns or industry issues affecting our clients and our colleagues. If you have any questions about this alert or would like to discuss this topic further, please contact your Foley attorney or the following individual:

Andrew B. Serwin
Chair, Privacy, Security & Information Management Practice
aserwin@foley.com
619.685.6428

Insights

RCE PTA Carve-Out Resumes After Interference
18 September 2019
PharmaPatents
The Ninth Circuit Expected to Rule that Doctors Can Be Wrong in the Winter v. Gardens False Claims Act Case
18 September 2019
Legal News: Government Enforcement Defense & Investigations
Upcoming Webinar: Maximizing Solar Tax Credits - Navigating the Start of Construction Rules (Part 1)
17 September 2019
Renewable Energy Outlook
When Birds Finally Find a Nest
17 September 2019
Dashboard Insights
Lacktman, Ferrante Cited in mHealth Intelligence About Ryan Haight Act
19 September 2019
mHealth Intelligence
Tinnen Discusses How Viewpoint Diversity Helps Businesses Thrive
18 September 2019
InsideTrack
Vernaglia Comments on AHA v Azar Decision
18 September 2019
MedPage Today
Lach Comments on Launch of New Group
16 September 2019
BizTimes Milwaukee
MedTech Impact Expo & Conference
13-15 December 2019
Las Vegas, NV
Review of 2020 Medicare Changes for Telehealth
11 December 2019
Member Call
BRG Healthcare Leadership Conference
06 December 2019
Washington, D.C.
CTeL Telehealth Fall Summit 2019
04-06 December 2019
Washington, D.C.