- (1) The commission shall provide a secure transfer method for an agency to send data to the commission.
- (2) The Commission shall implement and maintain administrative, technical, and physical safeguards necessary to protect the confidentiality of data and to prevent the unauthorized use or access of data.
- (3) The commission shall ensure that data is only accessible to individuals who have an actual and legitimate need to access or use data.
- (4) The commission shall require any agent or subcontractor who may need to access data to agree in writing to be subject to the same restrictions and conditions regarding data as the commission.
(5)(a) The commission shall promptly report to an agency any:
(i) unauthorized access, acquisition, disclosure, loss of access, or destruction of data; or
- (ii) interference with or compromise of the security, confidentiality, availability, or integrity of any computer systems involving data.
- (b) The commission shall take reasonable steps to mitigate the effects of an incident described in Subsection (5)(a).
- (c) The commission shall consult and cooperate with the agency regarding appropriate steps for remediation and any applicable reporting requirements.
KEY: public safety portal, data reporting
Date of Last Change: February 7, 2025
Authorizing, and Implemented or Interpreted Law: 63A-16-1002