Can I use third-party collaboration tools that collect personal information in Mississippi? What are the requirements?

Based on the documents provided, there are specific requirements for the submission and handling of personal information and proprietary information by public agencies in Mississippi.

Requirements for Submission of Personal Information

According to MSCO 25-62-3, public agencies are prohibited from requiring certain Section 501(c) entities to provide personal information. If a public agency possesses personal information, it cannot release, publicize, or otherwise disclose that personal information without the express written permission of every identified member, supporter, volunteer, or donor of the Section 501(c) entity as well as the Section 501(c) entity that received their membership, support, volunteer time, or donations. Personal information is also exempt from disclosure under the Mississippi Public Records Act.

Requirements for Submission of Proprietary Information

According to 30 MSAC Part 603 Chapter 5 Rule 5.1, to be deemed proprietary information, a producing party must place the term “CONFIDENTIAL” on the cover of any document containing proprietary information and clearly and specifically mark all proprietary information contained in the document. The producing party must also provide satisfactory proof that the information is competitive and sensitive and its disclosure could be harmful to the producing party.

Use of Third-Party Collaboration Tools

There is no specific information in the provided documents regarding the use of third-party collaboration tools that collect personal information in Mississippi. However, public agencies must follow the requirements for the submission and handling of personal information and proprietary information as outlined in the documents. Therefore, if a public agency uses third-party collaboration tools that collect personal information, they must ensure that the personal information is handled in accordance with the requirements outlined in MSCO 25-62-3.

Additionally, if the third-party collaboration tool is used to submit proprietary information, the producing party must follow the requirements outlined in 30 MSAC Part 603 Chapter 5 Rule 5.1.

It is recommended that public agencies develop a policy that defines the use of personal devices on state systems, including third-party collaboration tools. The policy should require those devices to be subject to the same security requirements as state-owned devices and include information describing how personal devices may be monitored and agency expectations regarding user cooperation in the investigation of a security breach related to state information where the personal device is a potential source for the breach.

Therefore, if a public agency uses third-party collaboration tools that collect personal information, they must ensure that the personal information is handled in accordance with the requirements outlined in MSCO 25-62-3. If the third-party collaboration tool is used to submit proprietary information, the producing party must follow the requirements outlined in 30 MSAC Part 603 Chapter 5 Rule 5.1. It is also recommended that public agencies develop a policy that defines the use of personal devices on state systems, including third-party collaboration tools.

Jurisdiction

Mississippi

• Privacy