To use third-party project management tools that collect personal information in Wisconsin, you must comply with the state’s data privacy laws. The Wisconsin Administrative Code (WIAC) NR 810.02 defines personal information as “information that identifies an individual, including an individual’s name, address, telephone number, social security number, or other identifying number or code, but does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

Indiana Privacy Protection Requirements To ensure that your company is compliant with expanding privacy protections in Indiana, you need to follow the requirements outlined in the following documents: [1.3] Initial privacy notice to consumers [1.1] Revised privacy notices [1.4] Information to be included in privacy notices [1.2] Annual privacy notice to customers Initial Privacy Notice According to [1.3], a licensee must provide a clear and conspicuous notice that accurately reflects its privacy policies and practices to an individual who becomes the licensee’s customer, not later than when the licensee establishes a customer relationship.

Based on the provided context documents, there are requirements for using third-party project management tools that collect personal information in Washington. Requirements for using third-party project management tools that collect personal information in Washington According to WAAC 182-70-410, the data vendor must enter into an agreement with the lead organization that contains the following requirements: A provision that the data vendor is responsible for ensuring compliance of all aspects of WA-APCD operations with all applicable federal and state laws, and the state’s security standards established by the office of the chief information officer; Provisions that the data vendor is required to keep logs and documentation on activities conducted pursuant to the security plan consistent with the state records retention requirements, which the authority can request to verify that the security protocols are being followed; A provision that requires a detailed security process, which should include, but is not limited to, details regarding security risk assessments and corrective actions plans when deficiencies are discovered; Provisions that require secure file transfer for all receipt and transmission of health care claims data; and Provisions for encryption of data both in motion and at rest using latest industry standard methods and tools for encryption, consistent with the standards of the office of the chief information officer.

To ensure that your company is compliant with expanding privacy protections in Idaho, you must follow the requirements outlined in IDAPA 18.01.01.202, IDAPA 18.01.01.452, IDAPA 18.01.01.100, IDAPA 18.01.01.300, IDAPA 18.01.01.200, IDAPA 18.01.01.450, and IDAPA 18.01.01.451. IDAPA 18.01.01.202 This document outlines the requirements for satisfying the privacy notice information requirements. Your company must categorize the nonpublic personal financial information it collects and discloses, identify the types of businesses in which the third parties to which the licensee discloses nonpublic personal financial information about consumers engage, and describe its policies and practices with respect to protecting the confidentiality and security of nonpublic personal financial information.

Hawaii Privacy Protections Compliance Requirements To ensure compliance with expanding privacy protections in Hawaii, companies must adhere to the following requirements: Initial Privacy Notice to Consumers A licensee must provide a clear and conspicuous notice that accurately reflects its privacy policies and practices to a consumer: Not later than when the licensee establishes a customer relationship, except as provided in subsection (d); and Before the licensee discloses any nonpublic personal financial information about the consumer to any nonaffiliated third party, if the licensee makes a disclosure other than as authorized by sections 431:3A-402 and 431:3A-403 [1.

Based on the documents provided, there are several regulations in Vermont that govern the collection and disclosure of personal information. In general, a personal information protection company must be licensed by the Department of Financial Regulation and must maintain a comprehensive information security program that contains administrative, technical, and physical safeguards sufficient to protect personal information [1.1]. Regarding the disclosure of nonpublic personal information to third parties, a financial institution may not disclose any nonpublic personal financial information about a consumer to a nonaffiliated third party unless the consumer has authorized the disclosure in writing or electronically [2.

Based on the documents provided, there are specific requirements for the collection and use of personally identifiable information in Utah. Use of Personally Identifiable Information According to UTAC R895-8-6, any personally identifiable information provided to a State website shall be used solely by the State, its entities, and third party agents with whom it has contracted to perform a state function on its behalf, unless superseded by a federal statute, federal regulation, or State statute.

To ensure that your company is compliant with expanding privacy protections in Delaware, you must comply with the following requirements: Disclosure of agency privacy policies [1.1][1.2] Each state agency must post its internet privacy policy on its website. Such posting shall include a conspicuous and direct link to such privacy policy. The policy shall also be made available at no charge to other public and private entities. The policy should include a statement of any information, including personal information, the state agency website may collect with respect to the user and the use of the information; the circumstances under which information, including personal information, collected may be disclosed; whether any information collected will be retained by the state agency, and, if so, the period of time that such information will be retained; the procedures by which a user may gain access to the collected information pertaining to that user; the means by which information is collected and whether such collection occurs actively or passively; and whether the collection of information is voluntary or required, and the consequences, if any, of a refusal to provide the required information.

Using Third-Party Project Management Tools that Collect Personal Information in Tennessee Based on the provided context documents, there are no specific requirements or regulations in Tennessee that prohibit the use of third-party project management tools that collect personal information. However, it is important to note that any information collected by state or local officials, agents, or employees must be kept confidential and not disclosed except as authorized by law [3.1]([3.2]).

Connecticut Privacy Protections Compliance Requirements Connecticut has enacted privacy protection laws that companies must comply with to ensure the protection of personal data. The following are the requirements for companies to comply with expanding privacy protections in Connecticut: Limitation of Personal Data Collection: Companies must limit the collection of personal data to what is adequate, relevant, and reasonably necessary in relation to the purposes for which such data is processed, as disclosed to the consumer [5.