52:9YY-7 Security of health data.
7. The department shall take appropriate measures to protect the security of health data which it obtains, including:
a. limiting access to the data to authorized persons;
b. designating a person to be responsible for the physical security of the data;
c. developing and implementing a system for monitoring the security of the data;
d. periodically reviewing all health data to evaluate whether it is appropriate to remove identifying characteristics from the data; and
e. developing a program for the routine scheduled destruction of all forms, records or electronic files maintained by the department which contain identifiable health data.
L.2001, c.192, s.7; amended 2010, c.87, s.15.