Can I use third-party project management tools that collect personal information in New Jersey? What are the requirements?

Using Third-Party Project Management Tools that Collect Personal Information in New Jersey

Based on the provided context documents, there are no specific requirements for using third-party project management tools that collect personal information in New Jersey. However, businesses using such tools must comply with New Jersey’s data privacy laws, including the New Jersey Consumer Fraud Act and the New Jersey Identity Theft Prevention Act. These laws require businesses to take reasonable measures to protect personal information from unauthorized access, use, and disclosure.

It is recommended that businesses using third-party project management tools that collect personal information conduct a thorough review of the tool’s privacy policies and terms of service to ensure compliance with applicable laws and regulations.

If the third-party administrator is subject to licensure or registration, they must comply with the application filing requirements outlined in NJAC 11:23-2.2, which includes submitting a biographical affidavit and a statement of any criminal convictions or civil, enforcement or regulatory action taken or pending against any of the persons responsible for conducting the affairs of the applicant or the applicant’s affiliates. Additionally, the applicant must provide a description of the quality assurance procedures established by the applicant, which may include procedures for protecting personal information.

If the third-party administrator is not subject to licensure or registration, they are not required to comply with NJAC 11:23-2.2. However, they must still comply with New Jersey’s data privacy laws.

It is important to note that businesses using third-party project management tools for State-funded projects must comply with audit and recordkeeping requirements outlined in NJAC 16:63-6.1. These requirements include keeping records that fully disclose the amount and disposition of the proceeds of the aid, the total cost of the plan or program in connection with which the grant is given or used, and the amount and nature of that portion of the cost of the plan or program supplied by other sources. Additionally, the Commission or any duly authorized representatives shall have access to any books, documents, papers, and records that are pertinent to aid received under this chapter, for the purpose of audit and examination.

In summary, businesses using third-party project management tools that collect personal information in New Jersey must comply with New Jersey’s data privacy laws and conduct a thorough review of the tool’s privacy policies and terms of service. If the third-party administrator is subject to licensure or registration, they must also comply with NJAC 11:23-2.2. For State-funded projects, businesses must comply with audit and recordkeeping requirements outlined in NJAC 16:63-6.1.

Jurisdiction

New Jersey

• Privacy