Can I ignore my obligations as a service provider with access to personal information in New Mexico? What are the requirements?

Based on the documents provided, as a service provider with access to personal information in New Mexico, you cannot ignore your obligations. You are required to implement and maintain reasonable security procedures and practices appropriate to the nature of the personal identifying information and to protect it from unauthorized access, destruction, use, modification or disclosure ^[1.1][1.3]. Additionally, you must arrange for proper disposal of the records containing personal identifying information when they are no longer reasonably needed for business purposes ^[1.2].

Furthermore, you are responsible for all public access line charges associated with the provision of institutional operator service, paying all required regulatory fees to the commission, and repairing, servicing, and maintaining in good repair the institutional phones through which you provide service ^[2.1]. You must also comply with reporting requirements, including reporting the number and percentage of calls initiated from an institutional phone with a duration of sixty (60) seconds or less by correctional institution for the preceding calendar year, and complaints received about the service provided in New Mexico during the preceding calendar year ^[2.2].

Ignoring these obligations may result in legal consequences. Therefore, it is important to comply with the requirements outlined in the relevant documents.

Source(s):

• [1.1] Service provider use of personal identifying information; implementation of security measures.
• [2.1] RESPONSIBILITIES OF THE INSTITUTIONAL OPERATOR SERVICE PROVIDER
• [1.2] Disposal of personal identifying information.
• [1.3] Security measures for storage of personal identifying information.
• [2.2] REPORTING REQUIREMENTS

Jurisdiction

New Mexico

• Privacy