Skip Maine state header navigation

Agencies | Online Services | Help

DEPARTMENT OF ADMINISTRATIVE & FINANCIAL SERVICES
Bureau of Human Resources
April 29, 2005

HUMAN RESOURCES MEMORANDUM 7-05

TO: Donald Williams, HR Director, Health & Human Services
Sue Bell, Acting HR Director, Labor
Patricia Beaudoin, HR Director, Administrative & Financial Services
SUBJECT: Pilot Implementation of Personnel Security Protocols - June 1, 2005 through August 31, 2005


Human Resource Memorandum 7-05 is intended to implement a three-month pilot of the proposed human resource related component of agency information security policies. The pilot will be conducted at the Department of Health and Human Services; the Department of Labor; and the Maine Revenue Service, Department of Administrative and Financial Services. Upon completion of the pilot, a final human resource component will be developed that may be adopted by agencies to fulfill the human resource related component of agency information security policies.

The procedures provided in this policy are intended to ensure public confidence, security, and that the State Government workforce is appropriately qualified and credentialed. These recommendations are an integral component of an information security initiative developed by the Office of the Chief Information Officer. It is anticipated that each agency will, in the near future, develop agency-specific information security protocols that are consistent with the State of Maine Information Technology Security Policy.1

This memorandum was developed by a team of human resource professionals from the Bureau of Human Resources, the Maine Department of Health and Human Services, the Maine Department of Labor, and the Maine Department of Administrative and Financial Services. This team will periodically convene to address emerging personnel security issues and concerns to ensure that the personnel security remains a viable component of the State’s overall information security effort. Following completion of the pilot, the final personnel security policy will be issued as a Civil Service Bulletin.

1The State of Maine Information Technology Security Policy “. . . provides a uniform set of information technology security policies, standards and general guidelines for every State Department, Agency, Board, Bureau, Commission, and Authority which are required to comply with Maine Revised Statute Annotated (MSRA) Title 5, Chapter 158, § 1871 - 1896. All Maine State Government entities, unless specifically exempted, are required to abide by the policies hereby established. All users (employees, contractors, vendors, and other parties) are expected to understand and abide by them.” 

 

SECTION 1.1 SECURITY IN JOB DEFINITION AND RESOURCING

 

1.1.1 SECURITY IN JOB RESPONSIBILITIES

1.1.1.a Classification specifications will include:

1.1.1.b Job postings will include:

1.1.1.c State of Maine application(s) for employment will include affirmations developed by the Bureau of Human Resources.

1.1.2 PERSONNEL SCREENING AND POLICY

Verification of information pertaining to applicants and new employees is a responsibility that is shared by the Bureau of Human Resources and appointing authorities. BHR is responsible to ensure that applications are complete, with the appropriate verifications left to agency interview/selection panels and the agency HR division.

All selections should be considered conditional until all prescribed verifications for a particular position are completed . All verifications must be completed prior to the end of the probationary period.

1.1.2.a Employment Application

1.1.2.b Employment References

1.1.2.c Resumes/Vitae

1.1.2.d Academic Qualifications

* The term “personnel file” is not specifically defined in Civil Service Law or Civil Service Rules. The CS Law, 5 MRSA, §7071 defines what records the Director, BHR is required to maintain. These requirements are further defined in CS Rules, Chapter 14. It is these records that constitute the “personnel file” within the state service. The official “personnel file” is maintained at the Bureau of Human Resources. Agency personnel files are considered an extension of the official personnel file, subject to the provisions of the 5 MRSA, § 7070 and §7071.

1.1.2.e Licenses/Certifications

1.1.2.f Background Checks

1.1.2.h Information to Applicant Prior to Employment Interview

1.1.2.i Written Job Offer

1.1.2.j Administration

1.1.3 CONFIDENTIALITY AGREEMENTS

Confidentiality agreements are intended to ensure that information designated confidential by law or rule is not improperly released to unauthorized persons. Confidentiality agreements inform an employee of his or her responsibilities with respect to the confidentiality of information and the potential consequences of the improper release of records.

Although maintaining the confidentiality of information remains an important responsibility of each State employee, the guiding principles articulated in 1 MRSA, Chapter 13, with respect to public access to public records should always be considered in the conduct of State business.

1.1.3.a In the event that an employee is unsure as to whether information should be released, supervisory and or legal guidance should be obtained prior to the release of the information requested.

1.1.3.b Prior to starting work, every employee of the State of Maine, regardless of employee status, is required to read, agree to, and sign a confidentiality agreement provided by the Bureau of Human Resources. This agreement will be included in the employee’s personnel file.

1.1.3.c Individual agencies may have additional confidentiality agreements that are specific to the agency, bureau, division, or other appropriate mission. Such additional confidentiality agreements will also be included in the employee’s personnel file.

1.1.3.d In the event that an employee changes work location, whether on a temporary or permanent basis, an HR representative must ensure that an appropriate agency confidentiality agreement is agreed to and signed by the employee.

1.1.4 TERMS AND CONDITIONS OF EMPLOYMENT

6.1.4.a Individual employees are responsible for information security within the purview of their employment.

6.1.4.b Maine law provides that under some circumstances, Executive Branch employees who leave state service may be disqualified from participation in certain matters. Employees should refer to 5 MRSA, §18 for guidance in this regard.

Section 1.2 USER TRAINING

1.2.1 INFORMATION SECURITY EDUCATION AND TRAINING

Information security responsibilities and protocols will be incorporated into new employee and management training.

1.2.1.a Information security included in mandatory New Employee Orientation (NEO)

1.2.1.b Information security included in mandatory Managing in State Government (MSG) training

.2.1.c Information security overview included in on-line BHR Policy and Procedures Manual



S/ Frank A. Johnson
Frank A. Johnson, Acting Director
Bureau of Human Resources

FAJ/pjs