In Romania, access to information classified as state secret is allowed, with the observance of the need-to-know principle, only to those individuals who have personnel security clearances or access authorizations, valid for the secrecy level of information required for carrying out their duties.
When protecting classified information, a distinction should be made between national and NATO classified information. This page contains references related to the procedures for granting access to national classified information.
The procedures for granting access to NATO classified information are described on a separate page.
In order to provide access to national classified information to its own personnel, each authority or public body, originator or holder of such information, shall:
• draw up a list with information classified as state secret and endorse it by Government Decision;
• draw up a list of positions which need access to information classified as state secret;
• clear and authorize the personnel designated to take up such positions.
The list with information classified as state secret, worked out or held by any organization, shall be drawn up in accordance with the provisions of art.17 of Law no.182/2002 which defines the content of the information belonging to this category. The secrecy levels which will be assigned to this category of information shall be established in compliance with the mandates stipulated in art.19 of the same law.
The list containing information classified as state secret, on secrecy levels, shall be endorsed by Government Decision. Any updating of this list shall also be endorsed by Government Decision.
For the correct and unitary classification of the information classified as state secret, each organization that works out or deals with such information shall draw up classification guidelines.
When drawing up the list of positions requiring access to information classified as state secret, the head of the organization shall take account of the individuals that belong to the security structure (who are to be issued security clearances), the employees who, by virtue of their assignments, shall handle information classified as state secret (who will be issued access authorizations to classified information), and the maintenance and cleaning personnel that can only indirectly have access to classified information (also based on the access authorizations). The secrecy level of information at which each employee is going to have access will also be mentioned on the list.
The list with classified information (after endorsement by GD) and the list with positions requiring access to classified information (approved by the head of the organization) shall be communicated to ORNISS and to the bodies which are assigned tasks of setting up specialized protective measures for the classified information.
The security clearance (GD no. 585/2002, Annex no.12) or the access authorization to classified information (GD no. 585/2002, Annex no.13) are issued only based on the confirmation of the Designated Security Authority (DSA), following the clearance of the individual with his/her written consent. The individual for whom the access to information classified as state secret is required shall state his/her approval for the conducting of the clearance in a written statement, given in the presence of the security officer at the same time with the presentation of the special form filled in according to the classification level of the information (GD no. 585/2002, Annexes no. 15-17).
The granting of the security clearance or of the access authorization to classified information, depending on the secrecy level, is conditioned by the confirmation of the Designated Security Authority and ORNISS’s decision transmitted to the requiring organization.
In view of issuing the security clearances / access authorizations, the head of the organization requires ORNISS in writing (GD no. 585/2002, Annex no.14) to carry out the security vetting of the individual who is to be granted access to information classified as state secret.
The applications for conducting the security vetting with a view to authorize the issuance of the security clearances / access authorizations for information classified as state secret shall be placed in conformity with the secrecy level of the information to which the individuals are to be granted access by virtue of their assignments. Depending on the level of secrecy of the information, the categories of individuals are shown below.
1. In order to provide access to information classified SECRET (CONFIDENTIAL), consideration shall be given to those individuals who:
• when performing their assignments, handle data and information of SECRET (CONFIDENTIAL) level;
• belong to the executive or maintenance and cleaning personnel and consequently may come into contact with data and information of such level;
• are supposed to handle data and information of SECRET (CONFIDENTIAL) level, owing to the position they hold;
• are not supposed to be promoted professionally if they do not have access to such information.
2. In order to issue the security clearances / access authorizations for information classified STRICT SECRET (SECRET), the vetting procedures shall be conducted on individuals who:
• when performing their assignments, handle data and information of STRICT SECRET (SECRET) level;
• belong to the executive or maintenance and cleaning personnel and consequently may come into contact with data and information of such level;
• are supposed to handle data and information of STRICT SECRET (SECRET) level, owing to the position they hold;
• are supposed not to be promoted professionally if they do not have access to such information.
3. In order to issue the security clearances / access authorizations for information classified STRICT SECRET DE IMPORTAN ŢĂ DEOSEBITĂ (COSMIC TOP SECRET), the vetting procedures shall be conducted on the individuals who:
• in performing their assignments, handle data and information of STRICT SECRET DE IMPORTANŢĂ DEOSEBITĂ (COSMIC TOP SECRET) level;
• belong to the executive or maintenance and cleaning personnel and, consequently, may come into contact with data and information of such level;
The application to start the vetting procedures for the issuance of the security clearance / access authorization for information classified as state secret will be accompanied by the special Personnel Security Forms (GD no. 585/2002, Annex no. 15-17) corresponding to the secrecy level of that information, filled in by the individual concerned and enclosed in separate, sealed envelope.
The security structure / officer is bound to supply the special personnel security forms corresponding to the level of access for which the issuance of the security clearance / access authorization is required for the concerned individual, and to give support in filling them in.
Within 7 (seven) working days from the receipt of the request, ORNISS shall send the application to start the vetting procedures (GD no. 585/2002, Annex 19) together with the sealed envelope containing the special Personnel Security Forms duly filled in, to the designated security authority (DSA). Once it has received the forms, the competent authority shall conduct the vetting within the provisions of the law.
Depending on the secrecy level of the information for which security authorization is required, the periods of time during which the answer can be given by the competent authority conducting the vetting are:
• for access to STRICT SECRET DE IMPORTAN ŢĂ DEOSEBITĂ (COSMIC TOP SECRET) information – 90 working days;
• for access to STRICT SECRET (SECRET) information – 60 working days;
• for access to SECRET (CONFIDENTIAL) information – 30 working days.
Should any data of security risks for any secrecy level appear during the vetting, a supplementary vetting shall be conducted, using the methods and means specific to the organizations with assignments in the field of national security.
In the case of the above-mentioned supplementary vetting, the periods of time for conducting the vetting shall be extended accordingly.
In case security risks are identified, the DSA shall assess whether they represent an impediment to granting the security authorization.
Should any elements relevant to the protection of information classified as state secret appear, the security interests shall prevail when deciding to grant the security authorization.
The vetting procedures for granting access to information classified as state secret are aimed at identifying the security risks relevant to the management of this kind of information.
Regarding the confirmation procedures, a special attention will be paid to those individuals who:
• are going to have access to STRICT SECRET (SECRET) and STRICT SECRET DE IMPORTANŢĂ DEOSEBITĂ (COSMIC TOP SECRET) information;
• have positions which require permanent access to a large volume of information classified as state secret;
• may be vulnerable to hostile actions due to the positions they are going to be appointed in, the relations environment and the former working place.
The necessity for confirmation shall be assessed based on the vetting and background enquiries of the individual concerned.
The main criteria for assessing the compatibility of an individual to be granted the personnel security clearance / access authorization take into consideration aspects of character and circumstances which may give rise to potential security risks and vulnerabilities.
The character, professional or social conduct, outlook and environment of the member’s spouse or concubine are relevant and should be taken into account when granting him/her the security clearance.
The following circumstances are considered elements of incompatibility for being granted access to information classified as state secret when the applicant or his/her spouse/concubine:
• has committed or attempted to commit, conspired with or aided and abetted another to commit any act of espionage, terrorism, treason or other deeds considered to be offences against the state security;
• has attempted, sustained, participated in, cooperated and supported espionage or terrorism activities, or has supported individuals suspected of having committed such crimes or who are members of organizations or foreign nations, inimical to our rightful laws;
• is or was a member of any organization that sought or is seeking to overthrow the constitutional law by violent, subversive or other unlawful means;
• is or has been a supporter of any organization described at letter c) above, or who is or has recently been closely associated with members of such organizations in a way that may arise strong suspicions related to the person’s trustworthiness and loyalty;
The applicant is incompatible to be granted access to information classified as state secret if he:
• has deliberately withheld, misinterpreted or falsified important information for the national security or has lied in completing the personnel security form or during the security interview;
• has a criminal record or has been sanctioned for minor offences which show tendencies related to delinquency;
• has serious financial difficulties or there is a significant difference between his living standard and his legally earned income;
• has a history of alcohol abuse or is dependent of alcohol, drugs or other substances forbidden by law;
• has or had promiscuous behaviour, sexual misconduct which may give rise to the risk of vulnerability to blackmail or pressure;
• has demonstrated unreliability, dishonesty, incorrectness or indiscretion;
• has infringed the regulations on the protection of classified information;
• is suffering or has suffered from any illness or mental condition which may cause significant defects in his judgement, and was confirmed by medical investigation conducted with the applicant’s consent;
• may be liable to pressure through relatives or close persons who could be vulnerable to foreign intelligence services whose interests are hostile for Romania and its allies;
After conducting the vetting within the period of time mentioned above, DSA shall transmit, in writing, to ORNISS (GD no. 585/2002, Annex no. 20) the confirmation of granting the personnel security clearance / access authority to classified information.
Within 7 (seven) working days since the receipt of the answer from the competent security authority, ORNISS shall decide on granting the personnel security clearance / access authorization to information classified as state secret and shall consequently inform the applicant organization (GD no. 585/2002, Annex no.21).
The decision on granting the personnel security clearance / access authorization shall be based on all the available information and shall take account of:
• the indisputable loyalty of the individual;
• the character, habits, relations and discretion of the individual who guarantees on:
• the correct management of the information classified as state secret;
• the necessity of unaccompanied access to security compartments, premises, areas and places where there is information classified as state secret;
• the observance of the regulations related to the protection of information classified as state secret within his/her field of activity.
The note informing about ORNISS’ decision shall be made in three copies, out of which one is sent to the applicant’s organization and the second to the organization which conducted the vetting.
Having obtained the confirmation, the head of the applicant organization will issue the personnel security clearance / access authorization to the individual concerned, after prior notification of ORNISS (GD no. 585/2002, Annex no.22).
The head of the organization shall notify ORNISS about the issuance of the personnel security clearance or access authorization to each employee who manages classified information.
The personnel security clearance / access authorization is issued in two original copies, one being kept by the security structure/officer and the other will be sent to ORNISS which shall inform the designated authority that conducted the vetting.
The individuals who are issued personnel security clearances or access authorizations shall be briefed, both at their awarding and periodically, on the regulations related to the protection of classified information. The briefing will be carried out by the security structure/officer.
The security structure/officer will note down the briefing in the individual’s training file (GD no. 585/2002, Annex no. 2).
Each individual who has been issued a personnel security clearance / access authorization shall sign a confidentiality commitment (GD no. 585/2002, Annex no.3).
The security structure/officer from the organization managing information classified as state secret ensures its safekeeping and sets out the inventory, permanently updated, of the personnel security clearances and access authorizations to classified information (GD no. 585/2002, Annex no.18).
The head of the organization endorses the lists with the vetted personnel, approved to manage information classified as state secret and the inventory of the holders of the personnel security clearances and access authorizations which are transmited to the authorities designated, according to the law, to coordinate the activity and the control of the protective measures for classified information.
The validity of the personnel security clearance / access authorization issued to an individual is up to four years; during this period the vetting procedures may be resumed at any time, in circumstances which require revalidation of the approval on the access to information classified as state secret. Revalidation of the access to classified information entails vetting the owner of the personnel security clearance/access authorization again for its maintenance or withdrawal.
At the request of the organization where the individual works or at ORNISS’ request revalidation is possible, under any of the following circumstances:
• when, in fulfilling his/her duties, the holder of PSC needs access to information of a higher level;
• when the validity period of the personnel security clearance /access authorization previously owned, expires;
• when there are changes in the identity data of the owner;
• when there are security risks as to the compatibility of the access to classified information.
When requesting the revalidation, a new personnel security clearance / access authority shall not be issued under the following circumstances:
• when there are disparities between the data declared in the special Personnel Security Forms and the real ones;
• when, during the validity period of the personnel security clearance/access authorization, security risks were noticed;
• when ORNISS specifically requires this.
The revalidation of the access to information classified as state secret involves the same activities as for the granting of the initial security confirmation, and the vetting shall be conducted only for the period of time elapsed since the issuance of the previous personnel security clearance or access authorization.
The personnel security clearance or the access authority is no more valid and shall be withdrawn under the following circumstances:
• at ORNISS’ request;
• upon decision of the head of the organization that issued the personnel security clearance /access authorization;
• at the request of the competent designated security authorities;
• when the owner leaves the organization or changes the job within the organization, if the new job does not involve handling information classified as state secret;
• when changing the level of access;
At the same time with the withdrawal of the personnel security clearance under the circumstances a) to d) above, the employee will also be denied access to information classified as state secret, with the notification of ORNISS by the head of the organization.
Having taken the decision of withdrawal, the organization shall request ORNISS to return the copy no. 2 of the personnel security clearance/access authorization; after drawing up a report, both copies will be destroyed.
Under exceptional circumstances, determined by crises, calamities or unforeseeable events, the head of the organization may grant temporary access to classified information to the individuals who do not hold personnel security clearance or access authorization, on condition that an appropriate accountability system is provided.
The individuals who are granted temporary access to information classified as state secret shall sign a confidentiality commitment and shall be notified at ORNISS as soon as possible, so that the vetting procedures should be carried out. In case of cosmic top secret information, temporary access shall be granted, as far as possible, to the individuals who already have personnel security clearance for access to secret and confidential information.
The foreign citizens, the Romanian citizens having double-citizenship, as well as the stateless individuals may have access to information classified as state secret with the observance of the need-to-know principle and of conventions, protocols, agreements and other arrangements concluded in compliance with the law.
The individuals from the above-mentioned categories shall be cleared and approved according to the provisions set out in GD no. 585/2002, at the request of the head of the organization where they are going to develop activities that require access to information classified as state secret.
The head of the organization shall issue to the individuals concerned an access authorization corresponding to the secrecy level of the information to which they are to have access, valid only for the period when the joint activities took place, based on ORNISS’ approval.
The individuals from the above-mentioned categories who develop activities of technical assistance, consultancy, scientific cooperation or specialization shall wear distinct badges from those of the personnel and shall be permanently accompanied by individuals specially designated by the management of the organization concerned.
The head of the organization is bound to strictly limit the areas and premises where the individuals concerned can have access and shall set up measures to prevent their presence in other places where information classified as state secret is managed.
Accesul personalului la informaţiile secrete de serviciu este permis numai în baza autorizaţiei scrise emise de conducătorul unităţii (HG nr. 781/2002, Anexa nr. 2).
Evidenţa autorizaţiilor de acces la informaţii secrete de serviciu se ţine centralizat de structura/funcţionarul de securitate în Registrul pentru evidenţa autorizaţiilor de acces la informaţii secrete de serviciu (HG nr. 781/2002, Anexa nr. 3).
In order to be issued an authorization for access to information classified restricted, the individual, who is to take a position involving access to such information, shall submit to the security structure/officer, in accordance with the law, recommendations and references on the honesty and professionalism from senior managers whom they report to directly or from authorized representatives of other legal bodies, as the case may be, and shall sign a confidentiality commitment.
After verifying the authenticity of the above mentioned documents, the security structure/officer submits to the head of the organization proposals related to the necessity of issuing the access authorization to information classified restricted.
Withdrawal of the access authorization to information classified restricted shall be done by the head of the organization holding it under the following circumstances:
• when the working relations cease between the organization and the owner of the authorization or when the owner is no more a public person;
• when the tasks specific to the position of the holder of the authorization do not involve access to such information any more;
• when the owner of the authorization has infringed the regulations on the protection of restricted information.
After the authorization for access to restricted information has been withdrawn, the security structure/officer will destroy it.
Access of foreign citizens, of Romanian citizens with dual-citizenship, as well as of stateless persons to restricted information is allowed under the provisions of the National Standards for the protection of classified information in Romania (GD no. 585/2002), based on a special access authorization.
This material was drawn up based on the provisions of the following legal documents:
• Law no. 182/12.04.2002 on the protection of classified information, published in the Official Journal of Romania, Part I, no. 248 of 12.04.2002;
• Government Decision no. 781/25.07.2002 on the protection of restricted information , published in the Official Journal of Romania, Part I, no.575of 05.08.2002;
• Government Decision no. 585/13.06.2002 on the endorsement of National Standards for the protection of classified information in Romania, published in the Official Journal of Romania, Part I, no.485 of 05.07.2002;