Ask Reggi Your Question Now

Reggi is the free generative AI assistance for regulatory compliance
Ask a Question

Can I collect cookie information from participants in Arizona? What are the requirements?

Based on the provided context documents, here is the response to your query:

Arizona Revised Statutes (AZRS) and Arizona Administrative Code (AZAC) have provisions related to privacy policies and information technology.

According to AZRS 18-202, an agency website provided by the state shall contain a privacy policy statement to disclose the information gathering and dissemination practices related to the internet. The privacy policy statement shall describe at a minimum the agency’s information practices with regard to the following matters:

  1. What services the site provides.
  2. The information the agency obtains from individuals on line.
  3. A person’s option to choose to proceed with the transaction and any alternatives available.
  4. How the agency uses the information.
  5. Whether and under what circumstances the agency discloses the obtained information to other entities or persons.
  6. Whether other entities or persons are collecting information through the agency web site.
  7. A general description of the security measures in place to protect a person’s information without compromising the integrity of the security measures.

Additionally, AZAC Title 19, Chapter 4, Article 2, Section 20 requires responsible parties to ensure the quality, reliability, and accuracy of all computer systems used in the operation. Responsible parties shall ensure that information technology duties are adequately segregated and monitored to detect procedural errors, unauthorized access to financial transactions and assets, and to prevent the concealment of fraud. The information technology environment and infrastructure shall be maintained in a secured physical location that is restricted to authorized employees.

Conclusion

Based on the provided context documents, there are no specific provisions related to the collection of cookie information from participants in Arizona. However, agencies and responsible parties are required to have a privacy policy statement that discloses their information gathering and dissemination practices related to the internet. Additionally, responsible parties are required to ensure the quality, reliability, and accuracy of all computer systems used in the operation and maintain the information technology environment and infrastructure in a secured physical location that is restricted to authorized employees.

Therefore, it is recommended to review the privacy policy statement and ensure that the collection of cookie information is in compliance with the privacy policy statement and the relevant AZRS and AZAC provisions.

Jurisdiction

Arizona