§ 37.23 DEFINITION.
   For the purpose of this subchapter, the following definition shall apply unless the context clearly indicates or requires a different meaning.
   SENSITIVE INFORMATION. Includes the following items whether stored in electronic or printed format:
      (1)   Credit card information, including any of the following:
         (a)   Credit card number (in part or whole);
         (b)   Credit card expiration date;
         (c)   Cardholder name; and
         (d)   Cardholder address.
      (2)   Tax identification numbers, including:
         (a)   Social Security number;
         (b)   Business identification number; and
         (c)   Employer identification numbers.
      (3)   Payroll information, including, among other information:
         (a)   Paychecks; and
         (b)   Pay stubs.
      (4)   Cafeteria plan check requests and associated paperwork;
      (5)   Medical information for any employee or customer, including but not limited to:
         (a)   Doctor names and claims;
         (b)   Insurance claims;
         (c)   Prescriptions; and
         (d)   Any related personal medical information.
      (6)   Other personal information belonging to any customer, employee, or contractor, examples of which include:
         (a)   Date of birth;
         (b)   Address;
         (c)   Phone numbers;
         (d)   Maiden name;
         (e)   Names; and
         (f)   Customer number.
      (7)   Municipal personnel are encouraged to use common sense judgment in securing confidential information to the proper extent. Furthermore, this section should be read in conjunction with the Ohio Public Records Act, being R.C. Chapter 149 and the municipality’s public records policy. If an employee is uncertain of the sensitivity of a particular piece of information, he or she should contact their supervisor.
(Res. 2009-041, passed 11-16-2009)