Legal

Our Company is committed to maintaining the confidentiality of social security numbers it collects with respect to employees. Effective October 1, 2008, it is the policy of the Company to protect the confidentiality of social security numbers obtained in the ordinary course of its business. Our Company restricts access to information or documents containing social security numbers to employees who have a legitimate business reason to access such information or documents. No employee of the Company community shall knowingly obtain, store, transfer, use, disclose, or dispose of a social security number that the Company obtains or possesses except in accordance with this policy. Each department having access to records containing social security numbers shall determine which personnel within their departments have a legitimate reason in the ordinary course of business to have access to such social security numbers. Personnel using records containing social security numbers must take appropriate steps to secure such records when not in immediate use.

Procedure:

1.  Authorized collection and use of social security numbers. This Policy does not prohibit the use of social security numbers where the use is authorized or required by state or federal statute, rule, regulation, or court order or rule, or pursuant to legal discovery or process.

Other legitimate reasons for collecting a social security number include, but are not limited to:

• Applicants for employment may be required to provide a social security number for purposes of a pre-employment background check.
• Copies of social security cards may be obtained for purposes of verifying employee eligibility for employment.
• Social security numbers may be obtained from employees for tax reporting purposes, for new hire reporting or for purposes of enrollment in any employee benefit plans.
• Social security numbers may be obtained from creditors, contractors or vendors for tax reporting purposes.
• Social security numbers may be obtained from employees for benefit payment, to facilitate medical treatment matters and other health care operations.

2.  Prohibited use or display of social security numbers.

a. Public Display. A social security number shall not be placed on identification cards, badges, time cards, employee rosters, bulletin boards, permits, licenses or any other materials or documents designed for public display. Documents, materials or computer screens that display all or more than four sequential digits of a social security number shall be kept out of public view at all times.

b. Account Numbers. The social security number as an individual’s primary employee number or benefit account number shall not be used unless that use has been approved by the Privacy Officer or Human Resources Manager of the Company.

c. Mailed Documents. No member of the Company community shall mail a document containing the social security number of an employee other individual except in the following circumstances:

• State or federal law, rule, regulation, or court order or rule authorizes, permits, or requires that the social security number appear in the document.
• As part of an application or enrollment process initiated by the individual for benefits, governmental assistance or mortgages;
• To establish, confirm the status of, service, amend, or terminate an account, contract, policy, or employee or health insurance benefit, or to confirm the accuracy of a social security number of an individual who has an account, contract, policy, or employee or health insurance benefit.
• The document is mailed by or at the request of the individual whose social security number appears in the document or at the request of his/her parent or legal guardian.
• The document is mailed in a manner or for a purpose consistent with Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act or the Connecticut Insurance Code.
• The document is mailed in connection with an ongoing administrative use to do any of the following:
• Verify an individual’s identity, identify an individual, or accomplish another similar administrative purpose related to an existing or proposed account, transaction, product, service, or employment.
• Investigate an individual’s claim, credit, criminal, or driving history.
• Detect, prevent, or deter identity theft or another crime.
• Lawfully pursue or enforce the Company’s legal rights.
• Provide or administer employee or health insurance benefits, claims, or retirement programs.

Documents containing all or more than four sequential digits of a social security number, that are sent through the mail, shall not reveal the number through the envelope window or otherwise be visible from outside the envelope or package.

3. Employee Identification Numbers. Social Security numbers shall not be used as the principle employee time records number.

4. Computer Transmission. No more than four sequential digits of a social security number shall be used or transmitted on the Internet or on a computer system or network unless the connection is secure or the transmission is encrypted.

5. Storage. All documents containing social security numbers shall be stored in a physically secure manner. Social security numbers shall not be stored on computers or other electronic devices that are not secured against unauthorized access.

6. Laptop Computers. All laptop computers which transported off the premises of the Company may not contain social security numbers, protected health information, individualized credit information or tax identification. Social security numbers shall not be stored on computers or other electronic devices that are not secured against unauthorized access.

7. Disposal. Documents containing social security numbers will be retained in accordance with the requirements of state and federal laws and the Company’s record retention policy. At such time as documents containing social security numbers may be disposed of, such disposal shall be accomplished in a manner that protects the confidentiality of the social security numbers, such as shredding.

8. Unauthorized use or disclosure of social security numbers. The Company shall take reasonable measures to enforce this privacy policy and to correct and prevent the reoccurrence of any known violations. Any employee who knowingly obtains, uses or discloses social security numbers for unlawful purposes or contrary to the requirements of this privacy policy shall be subject to discipline up to and including discharge. Additionally, certain violations of the Act carry criminal and/or civil sanctions. The Company will cooperate with appropriate law enforcement or administrative agencies in the apprehension and prosecution of any person who knowingly obtains, uses or discloses social security numbers through the Company for unlawful purposes.