- (1) Officer Designation. The State Auditor shall designate a person who shall serve as the responsible person for each personal data systemthe Departmentmaintains inaccordance with M.G.L.
- c. 66A, § 2(a). A single employee may serve as the responsible person for more than one such system.
(2) Duties and Responsibilities. The officer described in 965 CMR 2.03(1) shall with respect to the system or systems for which he is immediately responsible:
- (a) Ensure that the requirements for preventing unauthorized access to personal data, as set out in M.G.L. c. 66A and in 965 CMR 2.00, are followed;
- (b) Receive complaints and objections concerning the operation of the personal data system for which he is responsible and the implementation of 965 CMR 2.00; and
- (c) Answer questions concerning the operation of the personal data system for which he is responsible and the implementation of 965 CMR 2.00.