Helen Jones-Kelley receives 30 day unpaid suspension
This in from the office of Governor Strickland:
Governor Ted Strickland issued the following statement today:
“Helen Jones-Kelley has dedicated her life to helping the most vulnerable among us. She is recognized nationally as an expert in the field of foster care and she has worked commendably for many years as an advocate for children, families and workers in her native Montgomery County and the state of Ohio. I value her contributions to the state and her local community.
“However, I accept the Inspector General’s judgment that there was not an adequate business purpose for the searches in question. I also accept his determination that her personal Blackberry was inappropriately synchronized, resulting in emails she perceived to be personal being transmitted through governmental email resources. Therefore, today I have issued a one-month unpaid suspension for Director Helen Jones-Kelley. Additionally, I am issuing a management directive – applicable to all state agencies, boards and commissions – regarding the proper use of state databases to help ensure that a situation such as this never happens again.”
The full text of the governor’s management directive is pasted below:
Management Directive
November 20, 2008
Accessing Sensitive Personal Information Maintained by the State
1. Protecting the Privacy of Ohioans. The State of Ohio is dedicated to developing and implementing technology standards that enhance and ensure the privacy and security of Ohio’s citizens who have information that is stored in the State’s data systems. To that end, this Directive will set forth those procedures that all executive agencies, boards and commissions (collectively, “State Agencies”) will implement to ensure that this information will only be accessed to clearly advance a specific, legitimate governmental objective. The policies and procedures outlined in this Directive are in no way intended to constrict the public’s access to public records as provided by Ohio law.
2. The State Can and Should Improve Existing Data Privacy Safeguards. This Management Directive seeks to develop means of protecting non-public data, by ensuring that agencies have implemented privacy-ensuring strategies that safeguard Ohio citizens’ personal information within their control. At a minimum, those safeguards should be based on the following principles:
a. No non-public data maintained by any State Agency should be accessed without the use of a password that expires after 180 days;
b. The director of each State Agency should make an affirmative determination of what employee positions receive a password that authorizes access to non-public information, as well as why access by such employees advances a legitimate business need;
c. Each State Agency should have a standard for accessing data based on that agency’s ability to articulate that the access is necessary to clearly advance a specific, legitimate governmental objective, and
d. Each State Agency should keep a log that details with respect to each access of non-public information:
i. Who accessed the information and whether the person who accessed the information was authorized to do so;
ii. What information was accessed and for what specific, legitimate governmental objective the information was accessed;
iii. When the information was accessed.
3. Definition of “Sensitive Personal Information”. As used in this Directive, “sensitive personal information” means non-public personal information that describes anything about a person; that indicates actions done by or to a person; that indicates that a person possesses certain personal characteristics; that contains, and can be retrieved from a system by a name or identifying number assigned to a person; and/or that carries a higher risk to the subjects of the information, if such information is misused or placed in the wrong hands. Examples of “sensitive personal information” may include the following when they are maintained in the State’s data systems and are not available under Ohio Public Records Law:
a. Data related to an individual’s educational, financial, health/medical, criminal or employment history;
b. Social security numbers;
c. Federal tax identification numbers; or
d. Financial account numbers.
4. Establishing Policies Regarding Access to Sensitive Personal Information. In Executive Order 2007-13S, I ordered all State Agency Directors to designate a Data Privacy Point of Contact (DPPOC), within their respective agency, to work with the State’s Chief Privacy Officer in order to ensure that Ohioans’ personal data are properly protected. Accordingly, in the State’s continuing effort to assure Ohioans that sensitive personal information collected by and provided to the State is handled with the utmost care and regard, I hereby direct the DPPOC for each State Agency to ensure that the following is completed by March 31, 2009:
a. Documentation of the sensitive personal information maintained by the State Agency, the database(s) in which that information resides and the labeling of information accordingly;
b. In consultation with the respective Chief Legal Counsel for the DPPOC’s State Agency, or the person acting in that capacity for the agency, the establishment and maintenance of a catalog of laws and administrative regulations and policies, both at the state and federal levels, that govern the storage, use and distribution of sensitive personal information;
c. In consultation with the respective Chief Legal Counsel for the DPPOC’s State Agency or the person acting in that capacity for the agency, as well as the State’s Chief Privacy Officer, establishment of written policies that specifically address when sensitive personal information under the agency’s control, may be accessed and how it may be used. Each agency’s written policy should include, but not be limited to:
i. The identification and/or description of employee positions within each agency that require access to sensitive personal information so that only those who need to, have access to such information;
ii. The identification and/or description of the types of sensitive personal information that is properly accessed by particular employee positions;
iii. Procedures that ensure that review of sensitive personal information is limited to instances in which access will clearly advance a specific, legitimate governmental objective. In developing these procedures, non-public sensitive personal information should only be accessed by personnel expressly authorized to do so and only when there is a concrete and articulable reason to believe that personal privacy concerns associated with sensitive personal information are outweighed by the specific, legitimate governmental objective advanced by accessing the sensitive personal information;
iv. The establishment of prohibitions against using or accessing sensitive personal information for impermissible purposes and the consequences for doing so;
v. The establishment of an annual review of the business need and legal basis for collecting sensitive personal information, in an effort to eliminate the necessity of collecting that information whenever possible.
d. Completion of a Privacy Impact Assessment Form to be developed by the Office of Information Technology and posted on the web by December 1. The Form should assist Agencies in complying with this Directive and should help them assess the risks and effects of collecting, maintaining and disseminating information, as well as privacy protection processes designed to mitigate potential privacy risks.
e. If a DPPOC is unable to complete the policies outlined in this Directive by March 31, 2009, because of human resource and/or financial constraints caused by Ohio’s current budget crisis, then the DPPOC for that agency must report to the director of the Agency by March 31, 2009, the status of the implementation of this Directive, the date by which implementation of the Directive is expected to be completed. Each Agency Director shall be responsible for assuring that this Directive is fully implemented in a timely manner.
No word yet on the others also mentioned in the Inspector General’s report:
November 20th, 2008 at 7:00 pmThey need to get the other haters as well as the kelly “lady”.
November 20th, 2008 at 7:15 pmShe should be fired, this is a mere slap on the wrist.
November 20th, 2008 at 8:01 pmLooks to me as if Gov. Strickland is entirely too tolerant of the growing culture of corruption within his administration.
November 20th, 2008 at 9:31 pmThis is not exactly the type of leadership promised by these folks. One committed a criminal act, lied about it, tried to get others to cover it up and then gets a suspension. If this would have happened during the last adminstration is there any doubt about the hue and cry that would have from the democrats?
November 21st, 2008 at 8:17 amYea, most of your democrats are hypocrites.
November 21st, 2008 at 8:38 amI remember Governor Strickland making a big deal about ethics when he ran for office. Must have put all that on the back burner for now.
November 21st, 2008 at 8:44 amEthics are important to democrats only if it is a republican not doing it.
November 21st, 2008 at 8:49 amThis is an outrage. This woman should be fired!
Where is the ACLU? A private citizen’s rights were violated by a government agency and the governor gives those involved a slap on the wrist. Well Joe the Plumber doesn’t fit the agenda of the ACLU. It wouldn’t surprise me if the ACLU chose to defend Helen Jones Kelley in all of this.
November 21st, 2008 at 9:11 amThe gov said this, “Helen Jones-Kelley has dedicated her life to helping the most vulnerable among us.”
This is so funny and ironic. Joe was in the most vulnerable position imaginable, at the mercy of a powerful government official, and she attempted to destroy him. LOL
November 21st, 2008 at 9:47 amThey were not able to prove what was done with the information that Jones-Kelley and others ordered or did search out. That said, it’s easy to see that some of the information reported in the media and on the blogs came from somewhere. I’m not sure if they did not dig deeper into state email addresses to find where it went from there or if those involved were smarter than Jones-Kelley when it came to not using a state email address and a state computer to share information.
All I do know is that as soon as the video of the question hit the media, before the debate had even begun, Ohio bloggers as well as others were looking for dirt on him to discredit him. Considering the way I’ve learned things work in this election, someone leaked this information.
November 21st, 2008 at 9:54 amEveryone envolved….from Jones-Kelly on down must be fired.
We don’t need Big Brother/Sister in Columbus.
November 21st, 2008 at 1:40 pm#4 – yup.
This is a snapshot into how our government uses our data. You can be absolutely certain that this is not the only person that this has happened to. This administration will be one that it is safest not to be noticed.
November 21st, 2008 at 3:24 pmAt least it took Republicans nearly a decade to develop into corrupt, thieving crooks! The Democrats seemingly couldn’t wait to get their hands on power to use the system for corrupt ends!
First Dann, now Strickland. I wonder how many newly elected members of the General Assembly will be run out of Columbus before the end of their first terms.
November 21st, 2008 at 5:12 pmI don’t think any party can try to lay claim to not being corrupt, the problem comes in when you run on a platform claiming you will end it and then don’t. Which only becomes a real issue if people actually demand accountability.
November 21st, 2008 at 6:35 pmExactly! And Teddy and the boys and girls who hold statewide office promised to end the “Culture of Corruption”.
Now we see them perpetuating it.
Plus, I think if I keep saying “culture of corruption” enough times, people will start believing it. It worked for the Democrats.
Culture of corruption.
Did I say culture of corruption?
November 21st, 2008 at 8:50 pmI believe that at least one law was broken during this intrusive attack on a private citizen. Any bets that the local democrat prosecutor will be charging anyone?
November 22nd, 2008 at 9:55 amAccording to an article in the Columbus Dispatch…three people have been fired in the last three years for improperly accessing taxpayer’s information. So much for the ethical standards of this current bunch.
November 22nd, 2008 at 10:10 amAh comparative reasoning and dispersal of accountability.
It does not matter that others have done wrong in the past. You can address the wrong doing of a person in a specific instance without bringing in the whole history of the world as a defense.
If three other people were fired for doing the same thing in the last three years – is this a defense of this person in this instance?
No, it isn’t. What it is, is a condemnation on the current administration – if – they don’t have the stones to step up and fire this woman for doing the same thing that three others were allegedly fired for by the prior administration.
November 22nd, 2008 at 1:30 pmI agree with Brian – Culture Of Corruption.
November 24th, 2008 at 9:36 amIf she were not protected from several different standpoints (figure it out for yourself), she would have been fired. End of story & nothing new. But this is definitely hypocritical and she definitely broke the law. We have just weathered 8 years of a national republican administration brazenly behaving as if it were above the law, any law. “Signing statements” replaced law, and barely a whimper was heard from the vast majority of Americans.
But the fact that a Democrat governor who got his job mainly due to Ohioans being tired of just that attitude, is doing the same thing and making the same kind of ridiculously lame excuses as bush&company make, should inform anyone who doesn’t already know it… that there isn’t a dimes worth of difference between the major political parties.
November 25th, 2008 at 7:33 pmShe needs to dedicate her life to something more fitting for her extensive work and goal to raise money for the Obama candidacy. She is more suited to work for ACORN and for Obama’s campaign.
Please remove her and put her in a job that will makeher happy and fulfillher better passion for PresidentElect. She has lost the trust of families in this state.
December 10th, 2008 at 12:59 am