Laserfiche WebLink
City of Tukwila My WebLink |HelpSearch Tips |About |Sign Out
DOR Contract Number: K1687 <br />EXHIBIT A <br />CONFIDENTIALITY AND DATA SHARING <br />AGREEMENT <br />I. Purpose and Scope <br />The following provisions establish the terms under which the Department of Revenue ("Revenue") and <br />Partner will share confidential data pursuant to the Business Licensing Services Agreement (the <br />"Agreement"). <br />II. Definitions <br />A. "Confidential Licensing Information" (CLI) has the same meaning as "Licensing Information" <br />under Revised Code of Washington (RCW) 19.02.115(1)(b). CLI is classified as at least Category <br />3 data under Washington's Standard for Securing Information Technology Assets, Office of the <br />Chief Information Officer (OCIO) Standard No. 141.10. <br />B. "Confidential Tax Information" (CTI) has the same meaning as "Return," "Tax Information," and <br />"Taxpayer Identity" under RCW 82.32.330(b), (c), & (e). CTI is classified as at least Category 3 <br />data under Washington's Standard for Securing Information Technology Assets, OCIO Standard <br />No. 141.10. <br />C. "Confidential" refers to data classified as at least Category 3 data under Washington's Standard <br />for Securing Information Technology Assets, OCIO Standard No. 141.10. <br />D. "Portable Devices" refers to small portable computing devices. Examples of portable devices <br />include, but are not limited to handhelds/PDAs, Ultramobile PCs, flash memory devices (e.g., <br />USB flash drives, personal media players), portable hard disks, and laptop/notebook computers. <br />E. "Portable Media" refers to small portable digital storage media. Examples of portable media <br />include, but are not limited to optical media (e.g., CDs, DVDs, Blu-Rays), magnetic media (e.g., <br />floppy disks, tape, Zip or Jaz disks), or flash media (e.g., CompactFlash, SD, MMC). <br />F. "Data" refers to individual pieces of information. <br />G. "Cloud" refers to a non -Partner data center(s) offering infrastructure, operating system platform, <br />or software services. A more complete definition of "cloud" can be found in the National Institute <br />of Standards (NIST) Special Publication 800-145. <br />H. "Encryption" refers to enciphering data with a NIST-approved algorithm or cryptographic module <br />using a NIST-approved key length. <br />I. "Complex Password" or "Complex Passphrase" refers to a secret phrase, string of characters, <br />numbers, or symbols used for authentication that is not easily guessable and meets an <br />established industry guideline for complexity and length, such as NIST Special Publication 800- <br />118. <br />III. Data Classification, Authorized Use, Access, and Disclosure <br />A. Data Classification: Data shared under this Agreement is considered confidential and classified <br />as at least Category 3 data under Washington's Standard for Securing Information Technology <br />Assets, OCIO Standard No. 141.10. <br />B. Permitted Uses: Business licensing information may be used for official purposes only. <br />C. Permitted Access: Business licensing information may be accessed only by Partner's employees <br />and agents that have a bona fide need to access such information in carrying out their official <br />duties. <br />D. Permitted Disclosure: Business licensing information received under the Agreement must not be <br />disclosed to non-parties unless the disclosure is: <br />1) Ordered under any judicial or administrative proceeding; or <br />2) Otherwise expressly authorized by Revenue in writing. <br />86 <br />Page 6 of 10 <br />