Ohio Department of Natural Resources - Logging of Confidential Personal Information

LOGGING OF CONFIDENTIAL PERSONAL INFORMATION (Senior Staff Only)

Effective April 1, 2010
Purpose: To set forth departmental policy to ensure uniformity and consistency in how access to Sensitive/Confidential information is logged by senior staff employees.
Authority: Statewide Information Technology Policy; ITP B.1; ITP B.7; ITB-2007.02
Reference: ORC 149.43; ORC 1347.01; ORC 1347.15
Resource: Office of Information Technology


Background

The State of Ohio is dedicated to developing and implementing information access policies and controls that enhance and ensure the privacy and security of Ohio's citizens who have information stored in the State's personal information systems. In November 2008 and April 2009, Governor Strickland issued Management Directives to Ohio’s executive agencies, boards and commissions (collectively, "state agencies") directing them to undertake certain steps designed to lead to the full implementation of sections 1347.15 and 5703.211 of the Ohio Revised Code.

The Ohio Department of Natural Resources (ODNR) is continuing its efforts to fully implement ORC section 1347.15, including executing agency implementation plans, evaluating personal information systems, developing information access policies, and finalizing administrative rules governing information use and access.

As ODNR continues to move toward full implementation of the law, this Interim Policy on Logging Access to Confidential Personal Information has been developed to ensure that the procedures for logging senior officials’ access to CPI are implemented in a standardized fashion across state agencies.


Policy

While the Department of Natural Resources works toward compliance with section 1347.15 of the Revised Code, the following policy will be adopted with regard to recording access to confidential personal information by senior officials. At a minimum, each senior official of a state agency, board and commission who accesses or directs an employee of the agency to access confidential personal information (CPI) from a personal information system shall record that specific access whenever it is specifically directed toward a specifically named individual or a group of specifically named individuals. Each employee covered by this policy shall record the access in a standard log(s) adopted by the agency. Consistent with section 1347.15 of the Revised Code, access to CPI that occurs as a result of a request of the person whose information is being accessed is not required to be recorded. Also, access to CPI that is not targeted to a specifically named individual or a group of specifically named individuals is not required to be recorded.

This policy applies to senior officials of executive branch agencies, boards and commissions that fall under the authority of the Governor. For purposes of this policy, senior officials include anyone whose appointing authority is the Governor, and any assistant directors and deputy directors who report to a gubernatorial appointee. It also includes board and commission members who are appointed by the Governor.

A personal information system is a system of record that contains all of the following attributes:

  • It is a group or collection of records that are kept in an organized manner in either electronic or paper formats. (See the definition of “system” in ORC 1347.01(F))
  • It contains “personal information” which is a person’s name or other identifier (such as SSN or driver’s license number) associated with any information that describes anything about a person or indicates that a person possesses certain personal characteristics. (See the definition of “personal information” in ORC 1347.01(E))
  • Personal information is retrieved from the system by name or other identifier. (See the definition of “system” in ORC 1347.01(F))
  • The agency has ownership of, control over, responsibility for, or accountability for that system of record. (See the definition of “maintains” in ORC 1347.01(D))

“Confidential Personal Information” for the purposes of this policy is personal information that the law prohibits the agency from releasing. Examples of personal information that may fall within the scope of CPI – depending on agency specific legal requirements – include Social Security Numbers, medical diagnoses, benefit related information, certain information relating to children and income tax information in certain circumstances. (See also the definition of “confidential personal information” in ORC 1347.15(A)(1) and “public records” in ORC 149.43)

“Access,” for the purposes of this policy, means the retrieval of confidential personal information from a personal information system by name or personal identifier so that CPI is viewed, or so that CPI is copied or retained outside of the personal information system.


Exclusions

In limited circumstances, routine information that is maintained for the purpose of internal office administration, the use of which would not adversely affect a person, is excluded. This applies primarily to internal human resource records on employees as long as the information would not “adversely affect a person.” This type of information is not considered part of a personal information “system” under ORC 1347.01(F). Routine information does not require logging.


Logging Information

The record of access shall be maintained in a log. Each log shall contain the following information:

Information Recorded in Logs: Description

  • Name of the Personal Information System: Name of the personal information system from which a person’s confidential personal information (CPI) is being viewed or otherwise retrieved by name or personal identifier.
  • Date: The date of the access. Note: The format should be standardized, such as DD-MM-YYYY or MM-DD-YYYY. “DD” means date; “MM” means month; and “YYYY” means year.
  • Time: The time the access occurred (HH:MM for manual logs; HH:MM:SS for automated logs). Note: If the log is automated, it should capture U.S. Eastern Time as the default or Greenwich Mean Time with the offset. “HH” means hour; “MM” means minute; and “SS” means second.
  • Name of the State Official Accessing CPI: The name of the senior official accessing or attempting to access CPI in the personal information system. Note: A system username is sufficient as long as the username is associated only with a single user who is the director, assistant director or deputy director accessing CPI directly or indirectly.
  • Identification of the Person Whose CPI was Accessed: The name or identifier of the person whose CPI was accessed. Note: When possible, do not record identifiers that are considered confidential such as Social Security Number, but record an identifier that is not confidential.

Logging Procedure

This procedure provides direction for the creation and retention of an annual CPI Log for each member of the senior staff. Each senior staff member shall make entries into the CPI Log (Appendix A) as needed. Every time access to CPI as defined in this policy is required, the appropriate entry shall be made in the CPI Log. To comply with the policy, please adhere to the following procedure:

  1. Complete the entry in the Ohio Department of Natural Resources - CPI Log as needed throughout the calendar year (see Appendix A).
  2. On December 31st of each year, initial and date the log and send the original to the Office of Information Technology (OIT). Each senior staff member must initial, date, and submit a CPI log at the end of each calendar year even if the log contains no entries.
  3. The Office of Information Technology will retain the CPI Logs for two years from the time they are submitted.

Annual Log of Access of Confidential Personal Information (pdf)