New Hampshire Revised Statutes 126-A:104 – Duties
Current as of: 2023 | Check for updates
|
Other versions
I. The data privacy and information technology security governance board shall:
(a) Meet at least 3 times a year and post public facing meeting minutes within 2 weeks of the completion of each meeting on the department’s web page.
(b) Become educated in what data governance means, how it will work for the organization, and what it means to embrace data governance and activate enterprise data stewards.
(c) Actively promote improved data governance practices across the department.
(d) Identify and approve of pivotal data governance roles and responsibilities for the department including cross-enterprise domain stewards and coordinators.
(e) Advise, review, and approve the department’s data control, governance, and privacy practices in compliance with federal and state law and federal and state information privacy and security policies, with the goal to meet or exceed private market benchmarks for governance, risk management, and compliance.
(f) Drive strategic and timely implementation of a department-wide privacy policy, related procedures and processes to operationalize policy-derived controls, and effective risk management methodologies, including industry standards such as privacy impact assessments and privacy by design.
II. The data privacy and information technology security governance board may solicit information from any person or entity the board deems relevant to its quest.
(a) Meet at least 3 times a year and post public facing meeting minutes within 2 weeks of the completion of each meeting on the department’s web page.
Terms Used In New Hampshire Revised Statutes 126-A:104
- person: may extend and be applied to bodies corporate and politic as well as to individuals. See New Hampshire Revised Statutes 21:9
- state: when applied to different parts of the United States, may extend to and include the District of Columbia and the several territories, so called; and the words "United States" shall include said district and territories. See New Hampshire Revised Statutes 21:4
(b) Become educated in what data governance means, how it will work for the organization, and what it means to embrace data governance and activate enterprise data stewards.
(c) Actively promote improved data governance practices across the department.
(d) Identify and approve of pivotal data governance roles and responsibilities for the department including cross-enterprise domain stewards and coordinators.
(e) Advise, review, and approve the department’s data control, governance, and privacy practices in compliance with federal and state law and federal and state information privacy and security policies, with the goal to meet or exceed private market benchmarks for governance, risk management, and compliance.
(f) Drive strategic and timely implementation of a department-wide privacy policy, related procedures and processes to operationalize policy-derived controls, and effective risk management methodologies, including industry standards such as privacy impact assessments and privacy by design.
II. The data privacy and information technology security governance board may solicit information from any person or entity the board deems relevant to its quest.