Security

Although it is generally recognized that the automation of personnel records improves efficiency and provides valuable information for management, at the same time accessibility of centrally stored machine-readable data increases the risk of unwarranted disclosure of identifiable individual records or other information prohibited under the Privacy Act.

 

In 1973, an ad hoc committee, the Information Control Group, was appointed. The committee consisted of representatives of the CSU, Public Employee's Retirement System, the SCO and the State Personnel Board. The committee chair was a faculty member, Dr. Charles Clark, from California State University, Los Angeles. The committee was responsible for developing policies and procedures regarding the security of data and control of access to the PIMS database. The polices and procedures developed by that group, although amended by subsequent legislation, remain in place today. The guidelines are based on two considerations:

 

The guidelines that have been developed by the Information Control Group assure a high level of confidentiality for personal records while providing enough flexibility to meet the purposes for which the system was established.

 

Today, security for PIMS is administered through the State Controller’s Office, Information Security Office (SCO, ISO).