(b) Any failure to maintain the confidentiality of client-identifiable
information shall subject such comptroller or officer to denial of any
further access to records until such time as the audit agency has
reviewed its procedures concerning controls and prohibitions imposed on
the dissemination of such information and has taken all reasonable and
appropriate steps to eliminate such lapses in maintaining
confidentiality to the satisfaction of the department. The department
shall establish the grounds for denial of access to records contained
under this section and shall recommend as necessary a plan of
remediation to the audit agency. Except as provided in this section,
nothing in this subdivision shall be construed as limiting the powers of
such comptroller or officer to access records which he is otherwise
authorized to audit or obtain under any other applicable provision of
law. Any person given access to information pursuant to this subdivision
who releases data or information to persons or agencies not authorized
to receive such information shall be guilty of a class A misdemeanor.
Structure New York Laws