My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
WA ST Dept of Revenue 3/10/2022
>
Contracts
>
Agreement
>
Technology
>
WA ST Dept of Revenue 3/10/2022
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/1/2022 10:58:57 AM
Creation date
4/1/2022 10:58:36 AM
Metadata
Fields
Template:
Contracts
Contractor's Name
WA ST Dept of Revenue
Approval Date
3/10/2022
End Date
3/31/2027
Department
Finance
Department Project Manager
Susy Haugen
Subject / Project Title
Data Sharing for Tax/Licensing Information
Tracking Number
0003283
Total Compensation
$0.00
Contract Type
Agreement
Contract Subtype
Technology
Retention Period
6 Years Then Destroy
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
17
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DOR Contract No. K2052 <br /> B. Data storage on portable devices or media. <br /> 1) Department data stored on portable devices shall be given the following <br /> protections: <br /> a) Encrypt the data. <br /> b) Control access to portable devices with a unique user ID and complex password, <br /> passphrase, or stronger authentication method such as a physical token or <br /> biometrics. <br /> c) Control access to encrypted portable media with a unique complex password, <br /> passphrase, or stronger authentication method such as a physical token or <br /> biometrics. <br /> d) Manually lock devices whenever they are left unattended or set devices to lock <br /> automatically after a period of inactivity, if this feature is available. Maximum <br /> period of inactivity is 20 minutes. <br /> e) Physically protect the portable device(s) and/or media by: <br /> I. Keeping them in locked storage when not in use; <br /> II. Using check-in/check-out procedures when they are shared; and <br /> III. Taking periodic inventories. <br /> 2) When being transported outside of a secure physical location, portable devices and <br /> media with confidential Department data must be under the physical control of City <br /> staff with authorization to access the data. <br /> 3) Optical disks kept in secure physical locations do not require encryption. <br /> C. Cloud Storage <br /> 1) Encrypt the data at rest and in transit. <br /> 2) Control access to the cloud environment with a unique user ID and complex <br /> password, passphrase, or stronger authentication method such as a physical token <br /> or biometrics. <br /> 3) Cloud provider data center(s) and systems must be Service Organization Control <br /> (SOC) 2 Type II certified. <br /> D. Protection of Data in Transit <br /> The City agrees that any retransmission of Department data over a network, other than <br /> the City's internal business network, will be encrypted. <br /> XIV. Data Segregation <br /> Department data must be segregated or otherwise distinguishable from non-Department data. <br /> This is to ensure that if the data is breached through unauthorized access it can be reported to <br /> the Department and when the data is no longer needed by the City, all Department data can be <br /> identified for return or destruction. <br /> CITY DATA SHARING AGREEMENT Page 8 <br />
The URL can be used to link to this page
Your browser does not support the video tag.