PDFWAC 182-70-470

State oversight of compliance with privacy and security requirements.

In order to ensure compliance with privacy and security requirements and procedures, the authority or the office of chief information officer or both may request from the lead organization any or all of the following:
(1) Audit logs pertaining to accessing the WA-APCD data;
(2) Completion of a security design review as required by Washington state IT security standards;
(3) Documentation of compliance with OCIO security policy (OCIO policy 141.10 Securing information technology assets standards);
(4) All data use agreements.
[Statutory Authority: RCW 41.05.021, 41.05.160 and 43.371.020. WSR 20-08-059, § 182-70-470, filed 3/25/20, effective 4/25/20. WSR 19-24-090, recodified as § 182-70-470, filed 12/3/19, effective 1/1/20. Statutory Authority: Chapter 43.371 RCW. WSR 17-08-079, § 82-75-470, filed 4/4/17, effective 5/5/17.]