New Connecticut Law Regarding Data Security/Destruction and Social Security Numbers

11 September 2008 Publication

Legal News Alert: Privacy, Security & Information Management

Connecticut passed a law that appears to go into effect on October 1, 2008. The first portion of the law requires any person who possesses personal information of another person to safeguard the data, computer files and documents containing the information from misuse by third parties, and destroy, erase or make unreadable such data, computer files and documents prior to disposal. Under this law, “personal information" means information capable of being associated with a particular individual through one or more identifiers, including, but not limited to, a Social Security number, a driver's license number, a state identification card number, an account number, a credit or debit card number, a passport number, an alien registration number or a health insurance identification number, and does not include publicly available information that is lawfully made available to the general public from federal, state or local government records or widely distributed media.

Connecticut also amended its Social Security number law and now requires any person who collects Social Security numbers in the course of business shall create a privacy protection policy that must be published or publicly displayed in some form including, but not limited to, posting on an Internet Web page. The policy must protect the confidentiality of Social Security numbers, prohibit unlawful disclosure of Social Security numbers, and limit access to Social Security numbers. Civil remedies do exist, though there appear to be limits on private rights of actions for certain businesses that hold licenses, registrations, or certificates from a state agency other than the Department of Consumer Protection. 

Legal News Alert is part of our ongoing commitment to providing up-to-the-minute information about pressing concerns or industry issues affecting our clients and our colleagues. If you have any questions about this alert or would like to discuss this topic further, please contact your Foley attorney or the following individual:

Andrew B. Serwin
Chair, Privacy, Security & Information Management Practice


Foley Weekly Automotive Report
03 August 2021
Dashboard Insights
Podcast Episode 57: Kristel Schorr, Partner
03 August 2021
Foley Career Perspectives
New Facebook Policy Requires Certification and Pre-Approval for Telemedicine Company Advertisements
03 August 2021
Health Care Law Today
Act Now: Employer Obligations Under New York HERO Act
02 August 2021
Labor & Employment Law Perspectives
30th Annual Law of Product Distribution & Franchise Seminar
29 September | 7 & 20 October 2021
Milwaukee | Chicago | Dallas
7th National Telehealth Summit
4-5 October 2021
Miami Beach, FL
AHLA Fraud & Compliance Forum
21-22 September 2021
Baltimore, MD
2nd Clinical Trial Agreements Forum
16-17 September 2021
Online Livestream