- (1) All data suppliers must submit data to the WA-APCD using a secure transfer protocol and transmission approach approved by the office of the state chief information security officer.
- (2) All data suppliers must encrypt data using the latest industry standard methods and tools for encryption consistent with the data vendor's requirements for data encryption as required in WAC 182-70-410.
- (3) The data vendor must provide a unique set of login credentials for each individual acting on behalf of or at the direction of an active data supplier.
- (4) The data vendor must ensure that the data supplier can only use strong passwords consistent with the state standards when securely submitting data or accessing the secure site.
- (5) The data vendor must automatically reject and properly dispose of any files from data suppliers that are not properly encrypted.
[Statutory Authority: RCW 41.05.021, 41.05.160 and 43.371.020. WSR 20-08-059, § 182-70-420, filed 3/25/20, effective 4/25/20. WSR 19-24-090, recodified as § 182-70-420, filed 12/3/19, effective 1/1/20. Statutory Authority: Chapter 43.371 RCW. WSR 17-08-079, § 82-75-420, filed 4/4/17, effective 5/5/17.]