MISSISSIPPI LEGISLATURE

2016 Regular Session

To: Accountability, Efficiency, Transparency

By: Senator(s) Jackson (32nd)

Senate Bill 2785

(As Passed the Senate)

AN ACT TO AMEND SECTION 25-53-51, MISSISSIPPI CODE OF 1972, TO REVISE THE QUALIFICATIONS FOR THE POSITION OF INFORMATION CONFIDENTIALITY OFFICER; TO AUTHORIZE THE DEPARTMENT OF INFORMATION TECHNOLOGY SERVICES TO CONDUCT FINGERPRINT-BASED CRIMINAL HISTORY BACKGROUND CHECKS TO CLEAR PERSONNEL FOR ACCESS INTO THE STATE DATA CENTERS; AND FOR RELATED PURPOSES.

     BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MISSISSIPPI:

     SECTION 1.  Section 25-53-51, Mississippi Code of 1972, is amended as follows:

     25-53-51.  (1)  To qualify for the position of information confidentiality officer a person must:

          (a)  Be an employee of a state agency or institution in a position such that his duties require him to handle or process or supervise the handling or processing of data in conjunction with the use of automated information technology equipment for an agency or institution other than that for whom he is regularly employed.

          (b)  Have been continuously employed for a period of at least one hundred eighty (180) days by such agency or institution or have successfully been cleared for employment through an investigation that shall consist of a determination as to good moral character and that the prospective employee has not been convicted of a felony.  In order to determine the applicant's suitability for employment at the Mississippi Department of Information Technology Services, the applicant shall be fingerprinted.  If no disqualifying record is identified at the state level, the fingerprints shall be forwarded by the Mississippi Department of Public Safety to the Federal Bureau of Investigation for a national criminal history record check.  A prospective employee may be provisionally employed based on a reference check by the employing agency pending final receipt of the results of a national criminal history record check for a period not to exceed one hundred eighty (180) days.

          (c)  Successfully complete a suitable instructional course on the subjects of information security, privacy and confidentiality and protection, to be developed and taught under the supervision of the executive director.  An employee may work in a provisional capacity under the direct supervision of an information confidentiality officer as part of an on-the-job training program while completing instructional requirements, for a period not to exceed ninety (90) days.

          (d)  Be duly sworn to the following oath:  "I, ______, do solemnly swear to protect and uphold the confidentiality of all information that may come to my knowledge that is designated as 'confidential information' by another state agency or institution for which I may handle or process in the normal course of my duties.  I swear to exercise reasonable care in the handling and processing of all such designated data and further that I will not reveal or otherwise divulge information from such data obtained.  I understand that proven violation of this oath will subject me to forfeiture of my bond and dismissal from employment."

 * * *  (e)  Enter into bond in the minimum amount of Five Thousand Dollars ($5,000.00) with a surety company authorized to do business in the state, and conditioned to pay the full amount thereof as liquidated damages to any person about whom confidential information is disclosed in violation of his oath.

          ( * * *fe) * * *Be identified by a wallet‑sized identification card with a picture of the person to be carried at all times while on duty  Carry identification at all times while on duty including a wallet-sized identification card and a photo card.

     (2)  In order to maintain appropriate liability insurance necessary to cover damages for any nonmalicious act, the Department of Information Technology Services will work in conjunction with the Tort Claims Board.

     (3)  In order to clear vendors, such as maintenance personnel, security personnel, cleaning personnel, contractors and others vendors with a valid need to gain access into the State Data Centers and campus, the department shall determine these individuals have not been convicted of a felony through a fingerprint-based criminal history background check.  If no disqualifying record is identified at the state level, the fingerprints shall be forwarded by the Department of Public Safety to the Federal Bureau of Investigation for a national criminal history record check.

     SECTION 2.  This act shall take effect and be in force from and after July 1, 2016.