Executive Order

Executive Order No. 412: To protect the privacy of personal information

Date: 06/23/1999
Issuer: Jane Swift, Acting Governor
Mass Register: No. 873
Revoked by: Executive Order 504

Table of Contents

WHEREAS, state government agencies in the course of discharging their duties may be required to collect, review, store and disseminate personal information that identifies and relates to individuals; and

WHEREAS, the people of Massachusetts have a right to expect that personal information relating to them is used only for the purposes necessary and intended by the agency, is securely stored, and is disseminated no more widely than necessary; and

WHEREAS, the capability to transmit and access personal information has greatly increased with the development of information technology and therefore the potential for improper dissemination of such information has also greatly increased; and

WHEREAS, it is prudent to ensure that procedures within state government agencies to protect the security of personal information and to limit the collection and dissemination of personal information have kept pace with these technological advances; and

WHEREAS, employees of state government agencies are entitled to know their employer's privacy policy with respect to use of agency equipment, including telephones and computers:

NOW THEREFORE, I, Jane Swift, Acting Governor of the Commonwealth of Massachusetts, by virtue of the authority vested in me as Supreme Executive Magistrate, do hereby order as follows:

  1. Each secretariat, office, agency, department, board, commission, or other body within the Executive Department (hereinafter "agency") shall promptly undertake a review of its practices for the collection, storage and dissemination of information that relates to and identifies individuals.
  2. As part of said review, each agency shall determine the minimum quantity of personal information necessary to perform its functions.
  3. Each agency shall, as necessary, amend its practices for the collection of personal information to ensure that only the minimum quantity of personal information necessary for the agency to perform its functions is collected. Each agency shall also review the security of personal information it has in its possession and develop procedures to ensure that personal information is not improperly disseminated or accessed. Finally, each agency. shall, as necessary, amend its practices for the dissemination of personal information to ensure that only those data necessary to the function of the agency, or to the function of the receiving entity, are disseminated.
  4. Each agency shall certify to the Executive Office for Administration and Finance by November 1, 1999, that it has examined and, as necessary, amended its data collection practices so as to limit the collection and dissemination of personal information to minimum levels necessary for the functions of the agency and that it has taken necessary steps to ensure the security and confidentiality of personal information in its possession.
  5. Each agency shall develop and post a policy regarding employee expectations of privacy, especially as those expectations relate to use of agency equipment such as telephones and computers.
  6. Independent authorities are encouraged to comply with this Executive Order.

Given at the Executive Chamber in Boston this 23rd day of June, one thousand nine hundred and ninety-nine.

Jane Swift
Acting Governor

William Francis Galvin
Secretary of the Commonwealth

Contact for No. 412: To protect the privacy of personal information

Feedback