RSA 507-H:9 De-Identifed Data.

Title: LII - ACTIONS, PROCESS, AND SERVICE OF PROCESS Chapter: 507-H - EXPECTATION OF PRIVACY

I. Any controller in possession of de-identified data shall:
(a) Take reasonable measures to ensure that the data cannot be associated with an individual;
(b) Publicly commit to maintaining and using de-identified data without attempting to reidentify the data; and
(c) Contractually obligate any recipients of the deidentified data to comply with all provisions of this chapter.
II. Nothing in this chapter shall be construed to:
(a) Require a controller or processor to re-identify de-identified data or pseudonymous data; or
(b) Maintain data in identifiable form, or collect, obtain, retain or access any data or technology, in order to be capable of associating an authenticated consumer request with personal data.
III. Nothing in this chapter s

Log in to read the full statute text and search all NH RSAs.

Read Full Statute