Current through Register Vol. 56, No. 23, December 2, 2024
Section 7:31-10.8 - Maintaining the confidentiality and security of confidential information(a) Until such time as a final confidentiality determination has been made, access to any information for which a confidentiality claim has been made will be limited to only those Department employees and agents whose activities necessitate such access and as provided at 7:31-10.9.(b) No disclosure of information for which a confidentiality claim has been asserted shall be made to any other persons except as provided in this subchapter.(c) Nothing in this section shall be construed as prohibiting the incorporation of confidential information into cumulations of data subject to disclosure as public records, provided that such disclosure is not in a form that would foreseeably allow persons, not otherwise having knowledge of such confidential information, to deduce from it the confidential information or the identity of the registrant who supplied it to the Department.(d) Only those Department employees who are designated as records custodians in accordance with (l) below, shall open any envelope which is marked "CONFIDENTIAL" and is addressed as provided at 7:31-10.4(f).(e) All submissions entitled to confidential treatment as determined at 7:31-10.5 shall be stored by the Department or its agents only in locked cabinets.(f) Any record made or maintained by Department employees or agents which contains confidential information shall be treated as confidential in accordance with the provisions of this section.(g) Confidential information shall not be publicly disclosed by the Department and shall not be communicated over telecommunications networks, including but not limited to telephones, computers connected by modems, or electronic mail systems.(h) Any document, which contains confidential information and is transmitted by the Department to the registrant or to any authorized person, shall be sent by certified mail or by other means that requires a verification of receipt, the date of receipt, and the name of the person who receives the document.(i) The Department's contact regarding confidential information shall be the owner or operator's qualified person.(j) Any document prepared by the Department for the registrant which contains confidential information shall display the word "CONFIDENTIAL" in bold type or stamp on the top of each page. The envelope containing this document shall be addressed to the registrant's responsible manager and shall display the word "CONFIDENTIAL" in bold type or stamp on both sides. This envelope shall be enclosed in a plain envelope addressed for mailing.(k) No persons other than the Commissioner and his or her designated employees or designated agents or an administrative law judge conducting a hearing on the confidentiality of information pursuant to 52:14F-1 et seq., shall have access to confidential information and such access shall be on a need-to-know basis only. Said designated representatives of the Commissioner shall be employees or agents of the Department and such designations shall be made in writing.(l) The Commissioner shall designate employees to act as records custodians of all confidential information gathered pursuant to the Act or this chapter. These designated employees shall be responsible for acknowledging and recording the receipt of confidential information from an owner or operator, for tracking and recording all confidential information given to Department-designated employees or agents or an administrative law judge, for maintaining and upkeeping the confidential information file and storage area and for establishing any other methods deemed appropriate to protect the confidentiality of information through internal procedures or guidelines.(m) Any confidential information added to a computerized data base shall only be added to computers which are:1. Capable of being locked during periods of non-use by means of a lock and key mechanism, or by the use of passwords or levels of security clearances, or by other means that restrict access only to authorized Department personnel;2. Are not tied to another computer system by means of a communications network; and3. Are kept within an office capable of being locked when not being used by an authorized person.(n) Any confidential information submitted to the Department which becomes obsolete or is no longer needed by the Department for the implementation of the Act or this chapter shall be returned to the owner or operator.N.J. Admin. Code § 7:31-10.8
Amended by R.1998 d.355, effective 7/20/1998.
See: 30 New Jersey Register 908(a), 30 New Jersey Register 2728(a).
In (a), (d) and (e), changed N.J.A.C. references; in (i), substituted "owner or operator's qualified person" for "registrant's responsible manager" at the end; and in (l) and (n), substituted references to owners and operators for references to registrants.