(1) To qualify for the position of information confidentiality officer a person must:
(a) Be an employee of a state agency or institution in a position such that his duties require him to handle or process or supervise the handling or processing of data in conjunction with the use of automated information technology equipment for an agency or institution other than that for whom he is regularly employed.
(b) Have been continuously employed for a period of at least one hundred eighty (180) days by such agency or institution or have successfully been cleared for employment through an investigation that shall consist of a determination as to good moral character and that the prospective employee has not been convicted of a felony. In order to determine the applicant’s suitability for employment at the Mississippi Department of Information Technology Services, the applicant shall be fingerprinted. If no disqualifying record is identified at the state level, the fingerprints shall be forwarded by the Mississippi Department of Public Safety to the Federal Bureau of Investigation for a national criminal history record check. A prospective employee may be provisionally employed based on a reference check by the employing agency pending final receipt of the results of a national criminal history record check for a period not to exceed one hundred eighty (180) days.
(c) Successfully complete a suitable instructional course on the subjects of information security, privacy and confidentiality and protection, to be developed and taught under the supervision of the executive director. An employee may work in a provisional capacity under the direct supervision of an information confidentiality officer as part of an on-the-job training program while completing instructional requirements, for a period not to exceed ninety (90) days.
(d) Be duly sworn to the following oath: “I, ____, do solemnly swear to protect and uphold the confidentiality of all information that may come to my knowledge that is designated as ‘confidential information’ by another state agency or institution for which I may handle or process in the normal course of my duties. I swear to exercise reasonable care in the handling and processing of all such designated data and further that I will not reveal or otherwise divulge information from such data obtained. I understand that proven violation of this oath will subject me to forfeiture of my bond and dismissal from employment.”
(2) In order to maintain appropriate liability insurance necessary to cover damages for any nonmalicious act, the Department of Information Technology Services will work in conjunction with the Tort Claims Board.
(3) In order to clear vendors, such as maintenance personnel, security personnel, cleaning personnel, contractors and other vendors with a valid need to gain access into the State Data Centers and campus, the department shall determine these individuals have not been convicted of a felony through a fingerprint-based criminal history background check. If no disqualifying record is identified at the state level, the fingerprints shall be forwarded by the Department of Public Safety to the Federal Bureau of Investigation for a national criminal history record check.