A. The Department shall maintain ImmuNet in accordance with system security requirements for federal information processing systems, including National Institute of Standards and Technology (NIST) 800-53 Special Publication, and prevailing agency information technology security policy standards and requirements.
B. ImmuNet Security.
(1) The Department shall:
(a) Maintain ImmuNet information on a server protected by a firewall; and
(b) Encrypt information traveling to and from authorized users.
(2) The Department shall maintain encryption keys in a secure location.