It’s another state mandate but one that could provide local officials the impetus to respond to citizens’ clamor for transparency. During the Calvert County Commissioners’ Tuesday, Jan. 31 meeting the Office of the County Attorney conducted a work session on a proposed document retention policy for county government.
Currently, Calvert County Government has nothing etched in stone regarding the management of records such as correspondence, forms, maps, scanned images, security log files and e-mails.
According to Associate County Attorney Pamela R. Lucas, the Annotated Code of Maryland State Government and the Code of Maryland “require every state, county and local government agency to develop a program to efficiently manage its records. This includes the establishment and/or regular revision of records retention and disposition schedules.”
The state’s annotated code defines a “public record” as “the original or any copy of a documentary material that is made by a unit or instrumentality in connection with the transaction of public business.”
Commissioners’ President Gerald W. “Jerry” Clark [R] stated the county government has done document retention in the past. “This just puts it in a more defined policy,” he said.
The issue of e-mails and the appropriate way of protecting anything sent or received electronically prompted most the board’s discussion during the work session. Commissioner Evan K. Slaughenhoupt Jr. [R] questioned a measure written in the “Security” section covering “E-mail Records.” The bullet item states government employees should “refrain from sharing or disclosing their passwords.” Slaughenhoupt indicated “refrain” could create ambiguity and suggested “prohibited” might be a better word.
Commissioner Susan Shaw [R] said she shares such information with Department of Technology personnel. “If it’s your employee or supervisor I don’t think it should be prohibited,” said Shaw.
County Attorney John B. Norris III said the way the measure is currently worded “allows some level of discretion.” Norris added that the password holder should be aware that he or she “is responsible” for any actions by the person to whom the password is given.