Unauthorised access to e-office data will invite penal action in J&K
Jammu: Unauthorised personnel, if found, “accessing data from e-office files and references”, will invite disciplinary as well as penal action in J&K.
Unauthorised access includes (but is not limited to) “viewing, copying, sharing or disseminating such data without proper clearance.”
The unauthorised access to sensitive data is a breach of extant Information Technology rules and is treated as penal offence under chapter XI of the Information Technology (IT) Act 2000.
All officers or officials working on the e-office platform have been strictly prohibited from “accessing any sensitive data for which they do not have explicit authorization from the designated or competent authority.”
In this connection, the departments have been asked to conduct “audit trails to determine sensitive events and pattern analysis to indicate possible fraudulent use or unauthorized access to the system data.” They have also been authorized to “proceed in terms of extant legal provisions against such breach of access.”
Even those officers or officials, who have been transferred out of the Civil Secretariat or left their respective departments or organization and no longer need access to e-office, will not get any “access to their previous accounts.”
The Information Technology department has been asked to further institute procedures for Users Accounts Management, Data Resource Protection and Sensitive System Protection in line with the IT Act within a week. It will also submit monthly reports regarding unauthorized access, if any, to the General Administration Department (GAD).
Validating this set of instructions, Commissioner Secretary General Administration Department Sanjeev Verma stated that the government of Jammu and Kashmir rolled out implementation of e-office across all offices for efficient conduct of government business.
“To maintain the security and confidentiality of sensitive official information, and ensuring compliance with data protection regulations as enshrined in the IT Act of 2000 read with Information Technology Security Guidelines notified by the Ministry of Electronics and Information Technology, Government of India under the said Act, it has been felt necessary to prohibit unauthorized personnel from accessing data from e-office files and references,” he asserted.
Verma reiterated that any instance of unauthorized access would, therefore, be liable for disciplinary as well as penal action under the relevant provisions of law.
The departments will have to notify the Information Technology department about all such personnel, who have been transferred out of secretariat or left their respective departments or organization and no longer need access to e-office, within a day.
As per the circular instructions, the Information Technology department will immediately proceed to bar such officers or officials from accessing e-office from their previous offices or place of posting in the Secretariat or other organisations.
All departments have been asked to designate a Nodal officer for liaisoning with the Information Technology department, in future, with regard to such officers or officials, whose accounts need to be closed on account of their transfer or superannuation etc., so that their accounts are closed or suspended on time.
