(a) The Executive Director shall develop a pension
system security policy to protect member information, including electronic
data.
(b) The local board annually shall review the pension
system security policy and implement processes with respect to accessing
the participating department's information in the pension system's
online database which protect member information, including electronic
data.
(c) At a meeting of the local board, the local board
shall designate at least two (2) users who are approved by the local
board to have access to the participating department's information
in the pension system's online database. Using forms provided by the
pension system and certified by signature of the local board chair,
the local board shall report to the Executive Director the required
information for each of the local board's approved users. At a meeting
of the local board no later than the last day of February of each
calendar year, the local board shall designate and approve two (or
more) users and report the approved user information to the Executive
Director in the manner prescribed by the Executive Director.
(d) The Executive Director shall authorize access to
the pension system's online database only to users who complete a
confidentiality agreement.
(e) Authorized users' confidentiality agreements under
this section remain in effect until the last day of February of each
calendar year or until the local board chair provides the Executive
Director a written revocation of an authorized user's local board
approval to maintain member records through access to the pension
system's online database.
(f) If an authorized user's local board approval is
revoked, the local board shall fill the vacancy for the remainder
of the calendar year by the procedure in which the user was originally
approved.
(g) All user access to the pension system's online
database is subject to the Executive Director's approval and may be
terminated at any time.
|