Skip to main content
Home Button Home Button Home Button
This website publishes administrative rules on their effective dates, as designated by the adopting state agencies, colleges, and universities.

Rule 5101:9-9-37 | Data system security.

Ohio Administrative Code
/
5101:9
/
Chapter 5101:9-9 | Federal Tax Return Information Safeguarding Procedures
 
This is an Internal Management (IM) rule governing the day-to-day staff procedures and operations within an agency.
Effective:
December 5, 2025
Promulgated Under:
111.15
PDF:
Download Authenticated PDF
 

To help secure departmental data, all county and state employees and contractors (hereafter referred to as 'user' or 'users') who access data systems maintained by or on behalf of the Ohio department of job and family services (ODJFS) via the private or public network, must follow the restrictions and requirements listed in this rule.

(A) Users must comply with requirements and restrictions listed on the JFS 07078 ("Code of Responsibility") form (whether signed in paper or digital form) and JFS user attestation.

(B) The JFS 07078 is required for every new user accessing the system, and for making changes to an existing user's access.

(C) An original signed JFS 07078 hard copy form must be submitted to ODJFS with every county request for a user-ID or user access to ODJFS networks.

(D) The digital JFS user attestation located on MyOhio and accessed with a system user identification (system user-ID or SUID, also known as an Ohio ID or OHID), must be acknowledged by all users, both at the time access is requested for that user, and each year thereafter.

(E) The content of the JFS 07078 and user attestation are managed by the ODJFS office of information services, and county agencies are prohibited from modifying the JFS 07078 form or user attestation.

(F) Users are responsible for system inquiries and activities executed with their OHID, so users must limit inquiries and activities to work-related purposes, and are only permitted to access the files or information that are needed to perform their own job.

(G) To help prevent unauthorized access to ODJFS systems or data, users must create strong passwords that follow DAS password standards found at https://das.ohio.gov/technology-and-strategy/policies/2100-01, and are prohibited from sharing their OHID password with anyone else.

(H) Work terminals and work-provided computers, tablets, and smartphones must never be left unsecured when logged onto the ODJFS network or device.

(I) In addition to the JFS 07078 and user attestation, users shall comply with the data security and privacy provisions contained in IPP 3001 (information security), IPP 3922 (code of responsibility), and IPP 10002 (computer and information systems usage), all of which can be found in ODJFS's intranet policy library.

Last updated December 5, 2025 at 7:16 AM

Supplemental Information

Authorized By: 5101.02, 329.04
Amplifies: 5101.02, 329.04
Five Year Review Date:
Prior Effective Dates: 3/18/1988 (Emer.), 6/10/1988, 6/15/1998, 7/1/2005, 1/1/2016, 7/1/2021