The responsible person designated under 950 CMR 33.05 shall, with respect to the system or systems for
which he is immediately responsible:
- (a) Ensure that the requirements of M.G.L. c. 66A and 950 CMR 33.00 for preventing unauthorized access to or disclosure of personal data are followed;
- (b) Receive complaints and objections; and
- (c) Answer questions.