(A) Pursuant to the requirements of division (B)(2) of section 1347.15 of the Revised Code, this rule contains a list of valid reasons, directly related to the board's exercise of its powers or duties, for which only employees of the board may access confidential personal information regardless of whether the personal information system is a manual system or computer system.
(B) Any of the following functions normally performed by the board constitute valid reasons for authorized employees of the board to access confidential personal information:
(1) Responding to a public records request;
(2) Responding to a request from an individual for the list of confidential personal information the board maintains on that individual;
(3) Administering either a provision of the United States constitution or a provision of the Ohio constitution that is directly applicable to the operations of the board;
(4) Administering a provision of Chapter 4701. of the Revised Code;
(5) Administering a provision of agency 4701 of the Administrative Code;
(6) Complying with any state or federal program requirements;
(7) Processing or payment of claims;
(8) Auditing purposes;
(9) Licensure processes, including determination of eligibility and filing requirements for the CPA examination, CPA certificate, firm registration, Ohio permit, and Ohio registration.
(10) Investigation or law enforcement purposes;
(11) Administrative hearings;
(12) Litigation, complying with an order of the court, or subpoena;
(13) Human resource matters, including but not limited to, hiring, promotion, demotion, discharge, salary or compensation issues, leave requests or issues, and time card approvals or issues;
(14) Complying with an executive order;
(15) Complying with an official board policy or a state administrative policy issued by the department of administrative services, the office of budget and management or other similar state agency; or
(16) Complying with a collective bargaining agreement provision.
(C) In addition to the general processes described in paragraph (A) of this rule, in the following specific processes of the board, authorized board employees would have valid reasons for accessing confidential personal information:
(1) Investigators, attorneys, and staff may review confidential personal information of individuals who are subject to investigation for alleged misconduct which may result in discipline against a certified public accountant, public accountant, or public accounting firm. These same employees may review confidential personal information of individuals who are not the subject of the investigation, but may be witnesses with information related to the investigation. Confidential personal information may also be reviewed by these employees and members of the board in professional conduct matters which become the subject of administrative hearings.
(2) Board employees may review confidential personal information of students who apply for education assistance commitments or grants for the purpose of carrying out the statutory provisions of that program.
(3) Board employees may review confidential personal information of persons who are selected for the board's continuing education verification program.