Data Practices Policy
Transit Authority Policies and Procedures regarding public access to government data and rights of subject of data.
This policy is adopted to comply with the requirements of the Minnesota Data Practices Act (The Act), Minnesota Statute 13.01, et seq.
II. Responsible Authority
The Minnesota Valley Transit Authority Board of Directors has appointed Beverley Miller as the person who is the Responsible Authority for compliance with the Act. The Responsible Authority may designate any person as her Designee to be in charge of individual files or systems containing government data and to receive and comply with requests for government data.
III. Access To Public Data
All information maintained by the Minnesota Valley Transit Authority (MVTA) is public unless there is a specific statutory designation, which gives it a different classification.
- Individuals entitled to access. Any person has the right to inspect and obtain a copy of public data. The requesting person also has the right to have an explanation of the meaning of the data. The requesting person need not state his or her name or give a reason for the request. However, the MVTA may ask for clarifying information to facilitate access to data.
- Form of request. The request for public data must be made in writing. A request for information relating to litigation should be made through the MVTA attorneys office.
- Time limits. Requests for public data will be received and processed during normal business hours of the MVTA and must be supplied as soon as is reasonably possible.
- Fees. Fees may be charged only if the requesting party asks for a copy or electronic transmittal of the data. If significant time is required, the fee will include the actual cost of searching for, retrieving, and copying or electronically transmitting the data. The fee may not include time necessary to separate public from non-public data. The Responsible Authority may also charge an additional fee if the data has commercial value and is a substantial and discrete portion of or an entire formula, compilation, program, process or system developed with a significant expenditure of public funds. This additional fee must relate to the actual development cost of the information.
In charging a reasonable fee for providing copies of public data, the Responsible Authority shall determine the amount of such fees by taking into account the following factors:
- The cost of materials;
- The cost of labor;
- Any standard copying charges established by the MVTA;
- Any special costs necessary to produce copies from machine based record keeping systems, including but not limited to computers and microfilm systems;
- Mailing costs.
IV. Access To Data On Individuals
Information about individual people is classified by law as public, private or confidential. Information to be incorporated on forms used to collect private and confidential information is also attached at Exhibit A.
- Individuals entitled to access.
- Public information about an individual may be shown or given to anyone.
- Private information about an individual may be given to:
The individual subject of the data, but only once every six months, unless a dispute has arisen or additional data has been collected; A person who has been given access by the express written consent of the individual data subject. The data consent must be on the form attached as Exhibit B, or a form reasonably similar; A person who is authorized access by Federal, State, or local law or court order; People about whom the individual was advised at the time the data were collected. The identity of those people must be made a part of the Tennessen Warning; and Individuals within the MVTA, members of the MVTA Board of Directors, and outside agents (such as attorneys) whose work assignments or responsibilities reasonably require access.
- Confidential information may not be given to the individual subject of the data, but may be shown or given to:
A person who is authorized access by Federal, State, or local law or court order; Individuals within the MVTA, members of MVTA Board of Directors, and outside agents (such at attorneys) whose work assignments or responsibilities reasonably require access.
- Form of request. Any individual may request, in writing, whether the MVTA has stored data about a person and whether that data is classified as public, private or confidential.
An information disclosure request, attached hereto as Exhibit C, must be completed to document who requests and who receives this information. The Responsible Authority or Designee must complete the relevant portions of the form. The Responsible Authority or Designee may waive the release of this form if there is other documentation of the requesting party's identity, the information requested, and the MVTAs response. A request related to litigation should be made through the MVTAs Attorney.
- Identification of requesting party. The Responsible Authority or Designee must verify the identity of the requesting party as the person entitled to access. This can be done through personal knowledge, presentation of written identification, comparison of the data subjects signature on a consent form with the persons signature in MVTAs records, or other reasonable means.
- Time limits. Requests will be received and processed during normal business hours. The response must be immediate, if possible, or within ten (10) working days if an immediate response is not possible.
- Fees. Fees may be charged in the same manner as for public information.
- Summary data. Summary data is statistical records and reports derived from data on individuals but which does not identify an individual by name or reveal any other private or confidential data. Summary data is public. The Responsible Authority or Designee will prepare summary data upon request, if the request is in writing and the requesting party pays for the cost of preparation. The Responsible Authority or Designee will provide an estimate of the costs associated with preparation of the summary data to the requestor. The Responsible Authority or Designee will attempt to notify the requestor of the anticipated time schedule to respond to a request for summary data.
Summary data may be prepared by blacking out personal identifiers, cutting out portions of the records that contain personal identifiers, programming computers to delete personal identifiers, or other reasonable means of removing personal identifiers from summary data.
The Responsible Authority may ask an outside authority or agent to prepare the summary data if: (a) the specific purpose is given in writing (b) the authority or agent agrees not to disclose the private or confidential data, and (c) the Responsible Authority determines that access by the authority or agent does not compromise the privacy of the private or confidential data. The Responsible Authority may use the form attached as Exhibit D.
- Juvenile records. The following applies to private (not confidential) data about individuals under the age of eighteen (18).
- Parental access. In addition to the individuals listed above who may have access to private data, a parent may have access to private information about a juvenile subject. Parent means the parent or legal guardian of a juvenile data subject, or individual acting as a parent or legal guardian in the absence of a parent or legal guardian. The parent is presumed to have this right unless the Responsible Authority or Designee has been given evidence that there is a State law, court order, or other legally binding document which prohibits this right.
- Notice to juvenile. Before requesting private data from juveniles, MVTA personnel must notify the juvenile that he/she may request that their information not be given to their parent(s). This notice shall be in the form attached as Exhibit E.
- Denial of parental access. The Responsible Authority or Designee may deny parental access to private data when the juvenile requests this denial and the Responsible Authority or Designee determines that withholding the data would be in the best interest of the juvenile. The request from the juvenile must be in writing stating the reasons for the request. In determining the best interest of the juvenile, the Responsible Authority or Designee will consider:
Whether the juvenile is of sufficient age and maturity to explain the reasons and understand the consequences;
Whether denying access may protect the juvenile from physical or emotional harm;
Whether there is reasonable grounds to support the juveniles reasons; and
Whether the data concerns medical, dental or other health services provided under Minnesota Statutes Sections ~144.341 to 144.347. If so, the data may be released only if failure to inform the parent would seriously jeopardize the health of the minor.
The Responsible Authority or Designee may also deny parental access without a request from the juvenile under Minnesota Statutes 144.335.
V. Denial of Access
If the Responsible Authority or Designee determines that the requested data is not accessible to the requesting party, the Responsible Authority or Designee must inform the requesting party orally at the time of the request or in writing as soon after that as possible. The Responsible Authority or Designee must place an oral denial in writing upon request. This must also include the specific authority for the denial.
VI. Collection of Data on Individuals
The collection and storage of information about individuals will be limited to that necessary for the administration and management of programs specifically authorized by the state legislature, MVTA Board of Directors, or federal government.
When an individual is asked to supply private or confidential information about himself or herself to MVTA personnel, the MVTA employee requesting the information must give the individual a Tennessen warning. This warning must contain the following:
The purpose and intended use of the requested data;
Whether the individual may refuse or is legally required to supply the requested data;
Any known consequences from supplying or refusing to supply the information; and
The identity of other persons or entities authorized by state or federal law to receive the data.
A Tennessen warning is not required when an individual is requested to supply investigative data to a law enforcement officer.
A Tennessen warning may be on a separate form or may be incorporated into the form which requests the private or confidential data.
VII. Challenge To Data Accuracy
An individual who is the subject of public or private data may contest the accuracy or completeness of that data maintained by the MVTA. The individual must notify the Responsible Authority in writing describing the nature of the contest. Within 30 days, the Responsible Authority or Designee must respond and either (a) correct the data found to be inaccurate or incomplete and attempt to notify past recipients of the inaccurate or incomplete data, including recipients named by the individual, or (b) notify the individual that the Authority believes the data to be correct.
An individual who is dissatisfied with the Responsible Authority's action may appeal to the Commissioner of the Minnesota Department of Administrations, using the contested case procedures under Minnesota Statutes. The Responsible Authority will correct any data if so ordered by the Commissioner.
VIII. Accuracy Of Data
- Accuracy and currency of data.
- Periodically all employees will be requested to provide updated personal information to their appropriate supervisor which is necessary for tax, insurance, emergency notifications, and other personnel purposes.
- Department heads should periodically review forms used to collect data on individuals to delete items that are not necessary and to clarify items that may be ambiguous.
- All collected data is subject to disposal in accordance with the MVTAs records retention schedule.
- Data safeguards.
- Private and confidential information will be stored in files or databases which are not readily accessible to unauthorized individuals during hours when the offices are closed.
- Private and confidential data will be kept only in MVTA offices, except when necessary for MVTA business.
- Only employees whose job responsibilities require them to have access will be allowed access to files and records that contain private and confidential information. These employees will be instructed to:
Not discuss, disclose or otherwise release private or confidential data to anyone whose job responsibilities do not require access to the data;
Not leave private or confidential data where non-authorized individuals may see it; and
Shred private or confidential data before discarding.
- When a contract with an outside party requires access to private or confidential information, the contracting party will be required to use and disseminate the information consistent with the Act. The MVTA may include in a written contract the language contained in Exhibit F.
Data Practices Advisory (Tennessen Warning)
Some or all of the information that you are asked to provide on the attached form is classified by state law as either private or confidential. Private data is information that generally cannot be given to the public, but can be given to the individual subject of the data. Confidential data is information that generally cannot be given to either the public or the individual subject of the data.
Our purpose and intended use of this information is: __________________
You are or are not legally required to provide this information.
If you refuse to supply the information, the following may happen: ______________
Other persons or entities that are authorized by law to receive this information are:
Consent To Release Private Data
I, _____________________, authorize the Minnesota Valley Transit Authority (MVTA) to release (print name) the following private data about me:
to the following person or people:
The person or people receiving the private data may use it only for the following purpose or purposes:
This authorization is dated ______________________ and expires on _______________________ The expiration cannot exceed one year from the date of the authorization, except in the case of authorizations given in connection with applications for life insurance or non-cancelable or guaranteed renewable health insurance and identified as such, two years after the date of the policy.
I agree to give up and waive all claims that I might have against the MVTA, its agents and employees for releasing data pursuant to this request.
Identification: Drivers License, State ID, Passport, other:
O Comparison with signature on file
O Other: ______________________________
Responsible Authority Designee:
- Completed by Requester
Minnesota Valley Transit AuthorityRequest For Information
Minnesota Valley Transit Authority
100 E. Highway 13
Burnsville, MN 55337
Requester Name (Last, First, M.):_____________________________
Date Of Request:_____________________________
Description Of Information Requested:
Completed by:___________________________ Handled By:_____________________________
Information Classified as:
- __Protected Non-Public
- __Approved in Part (Explain Below)
- __Denied (Explain Below) Remarks For basis for denial including statute section
- __# of Pages_________
- __Special Rate (attach explanation)
- __Personal Knowledge
Identity verified for Private Information
- __Drivers License, State ID, Etc.
- Comparison with signature on file
Government Data Access and Nondisclosure Agreement
- Authorization. Minnesota Valley Transit Authority (MVTA) hereby authorizes _________________________________ (Authorized Party) access to the following government data:
- Purpose. Access to this government data is limited to the objective of creating summary data for the following purposes:
- Cost. (Check which applies):
- The Authorized Party is the person who request the summary data and agrees to bear the MVTAs costs associated with the preparation of the data which has been determined to be $________
- The Authorized Party has been requested by the MVTA to prepare summary data and will be paid in accordance with the attached Exhibit A.
- Security. The Authorized Party agrees that it and any employees or agents under its control must protect the privacy interests of individual data subjects in accordance with the terms of this Agreement.
The Authorized Party agrees to remove all unique personal identifiers which could be used to identify any individual from data classified by state or federal law as not public which is obtained from MVTA records and incorporated into reports, summaries, compilations, articles, or any document series of documents.
Data contained in files, records, microfilm, or other storage media maintained by the MVTA are the MVTAs property and are not to leave the MVTAs custody. The Authorized Party agrees not to make reproductions of any data or remove any data from the site where it is provided, if the data can in any way identify an individual.
No data which is not public and which is irrelevant to the purpose stated above will ever be disclosed or communicated to anyone by any means.
The Authorized Party warrants that the following named individual(s) will be the only person(s) to participate in the collection of the data described above:
- Liability For Disclosure: The Authorized Party is liable for any unlawful use or disclosure of government data collected, used and maintained in the exercise of this Agreement and classified as not public under state or federal law. The Authorized Party understands that it may be subject to civil or criminal penalties under those laws.
The Authorized Party agrees to defend, indemnify, and hold the MVTA, its Board of Directors and employees harmless from any liability, claims, damages, costs, judgments, or expenses, including reasonable attorneys fees, resulting directly or indirectly from an act or omission of the Authorized Party, its agents, employees or assignees under this agreement and against all loss by reason of the Authorized Partys failure to fully perform in any respect all obligations under this Agreement.
- Insurance. In order to protect itself as well as the MVTA, the Authorized Party agrees at all times during the term of the Agreement to maintain insurance covering the Authorized Partys activities under this Agreement. The insurance will cover $1,000,000 per claimant for personal injuries and/or damages and $1,000,000 per occurrence. The policy must cover the indemnification obligation specified above.
- Access Period. The Authorized Party may have access to the information described above from ___________________________ to _____________________________
- Survey Results. (Check which applies):
If the Authorized Party is the requester, a copy of all reports, summaries, compilations, articles, publications or any document or series of documents which are created from the information provided under this Agreement must be made available to the MVTA in its entirety.
If the Authorized Party is a contractor of the MVTA, all copies of reports, summaries, compilations, articles, publications or any document or series of documents which are created from the information provided under this Agreement must be provided to the MVTA. The Authorized Party may retain one copy for its own records but may not disclose it without MVTA permission, except in defense of claims brought against it.
Authorized Party: ____________________
Title (if applicable):________________________________
Minnesota Valley Transit Authority
Its: Responsible Authority! Designee
Notice To Persons Under Age Of 18
Some of the information you are asked to provide is classified as private under state law. You have the right to request that some of the information not be given to one or both of your parents or legal guardians. Please complete the form below if you wish to have information withheld.
Your request does not automatically mean that the information will be withheld. State law requires the MVTA to determine if honoring the request would be in your best interest. The MVTA is required to consider:
- Whether you are sufficient age and maturity to explain the reasons and understand the consequences;
- Whether denying access may protect you from physical or emotional harm
- Whether there is reasonable grounds to support your reasons; and
- Whether the data concerns medical, dental, or other health services provided under Minnesota Statutes Sections 144.341 to 144.347. If so, the data may be released only if failure to inform the parent would seriously jeopardize your health.
Notice Given To:______________________ Date:_____
I request that the following information:
Date of birth:
Be withheld from:_____________________________
For these reasons:
Sample Contract Provisions
Data Practices Compliance. Contractor will have access to data collected or maintained by the MVTA to the extent necessary to perform Contractors obligations under this contract. Contractor agrees to maintain all data obtained from the MVTA in the same manner, and under the same classification, as the MVTA is required under the Minnesota Government Data Practices Act, Minnesota Statutes Chapter 13. Contractor will not release or disclose the contents of the data classified as not public to any person except upon written approval by the MVTA. Contractor agrees to defend and indemnify the MVTA from any claim, liability, damage or loss asserted against the MVTA as a result of Contractors failure to comply with the requirements of the Act or this provision. Upon termination of this contract, Contractor agrees to return all data to the MVTA, as requested by the MVTA.