3.979 DATA CLASSIFICATION AND DISCLOSURE.
    Subdivision 1. Data practices. The legislative auditor is subject to the Government Data
Practices Act, chapter 13, and shall protect from unlawful disclosure data classified as not public.
If data provided by the legislative auditor to the commission is disseminated by the commission
or its members or agents in violation of section 13.05, subdivision 4, the commission is subject to
liability under section 13.08, subdivisions 1 and 3.
    Subd. 2. Access to data by commission members. Members of the commission have access
to data that is collected or used by the legislative auditor and classified as not public or as private
or confidential only as authorized by resolution of the commission. The commission may not
authorize its members to have access to private or confidential data on individuals collected or
used in connection with the collection of any tax.
    Subd. 3. Audit data. (a) "Audit" as used in this subdivision means a financial audit, review,
program evaluation, best practices review, or investigation. Data relating to an audit are not public
or with respect to data on individuals are confidential until the final report of the audit has been
released by the legislative auditor or the audit is no longer being actively pursued. Upon release
of a final audit report by the legislative auditor, data relating to an audit are public except data
otherwise classified as not public.
(b) Data related to an audit but not published in the audit report and that the legislative auditor
reasonably believes will be used in litigation are not public and with respect to data on individuals
are confidential until the litigation has been completed or is no longer being actively pursued.
(c) Data on individuals that could reasonably be used to determine the identity of an
individual supplying data for an audit are private if the data supplied by the individual were
needed for an audit and the individual would not have provided the data to the legislative auditor
without an assurance that the individual's identity would remain private, or the legislative auditor
reasonably believes that the subject would not have provided the data.
(d) The definitions of terms provided in section 13.02 apply for purposes of this subdivision.
    Subd. 4. Review of data; data protection. If, before releasing a report, the legislative
auditor provides a person with data relating to the audit for the purpose of review and verification
of the data, the person must protect the data from unlawful disclosure or be subject to the penalties
and liabilities provided in sections 13.08 and 13.09.
    Subd. 5.[Repealed, 2006 c 262 s 2]
History: 1973 c 492 s 12; 1973 c 720 s 76 subd 2; 1975 c 204 s 90; 1980 c 484 s 1-3; 1981
c 311 s 39; 1982 c 545 s 24; 1983 c 317 s 1; 1985 c 248 s 70; 1986 c 444; 1988 c 469 art 1 s
1; 1989 c 351 s 1; 1991 c 345 art 1 s 38; 1993 c 4 s 5; 1994 c 632 art 3 s 15; 1997 c 184 s
1; 1999 c 99 s 23; 1Sp2001 c 10 art 2 s 11