(1) All data suppliers must submit data to the WA-APCD using a secure transfer protocol and transmission approach approved by the office of the state chief information security officer.
(2) All data suppliers must encrypt data using the latest industry standard methods and tools for encryption consistent with the data vendor's requirements for data encryption as required in WAC
182-70-410.
(3) The data vendor must provide a unique set of login credentials for each individual acting on behalf of or at the direction of an active data supplier.
(4) The data vendor must ensure that the data supplier can only use strong passwords consistent with the state standards when securely submitting data or accessing the secure site.
(5) The data vendor must automatically reject and properly dispose of any files from data suppliers that are not properly encrypted.
[Statutory Authority: RCW
41.05.021,
41.05.160 and
43.371.020. WSR 20-08-059, § 182-70-420, filed 3/25/20, effective 4/25/20. WSR 19-24-090, recodified as § 182-70-420, filed 12/3/19, effective 1/1/20. Statutory Authority: Chapter
43.371 RCW. WSR 17-08-079, § 82-75-420, filed 4/4/17, effective 5/5/17.]