Can I collect third-party data from participants in California? What are the requirements?

Collecting Third-Party Data in California

In California, collecting third-party data is subject to certain requirements. The California Code of Regulations provides guidelines for submitting confidential data ^[2.1]. Any person submitting records containing data claimed to be “trade secret” or otherwise exempt from disclosure under Government Code Section 6254 or 6254.7 or under other applicable provisions of law shall, at the time of submission, identify in writing the portions of the records containing such data as “confidential” and shall provide the name, address, and telephone number of the individual to be contacted if the state board receives a request for disclosure of or seeks to disclose the data claimed to be confidential.

Additionally, data files that are submitted to the data portal must meet the file intake specifications detailed in the Data Submission Guide ^[1.3]. Registered submitters will be notified within 3 business days of submission whether a data file has been accepted or rejected. Plans shall submit data files monthly through the data portal ^[1.5].

Therefore, if you plan to collect third-party data in California, you must ensure that the data is not exempt from disclosure and that you follow the guidelines for submitting confidential data. You must also ensure that the data files meet the file intake specifications and are submitted through the data portal.

Please note that this is not an exhaustive list of requirements and you should consult with a legal professional for more information.

Source(s):

• [2.1] Submissions of Confidential Data.
• [1.3] Data Acceptance.
• [1.5] Monthly Data Submission.

Jurisdiction

California

• Privacy