.09 Security and Reliability Standards.

A. The Department shall maintain ImmuNet in accordance with system security requirements for federal information processing systems, including National Institute of Standards and Technology (NIST) 800-53 Special Publication, and prevailing agency information technology security policy standards and requirements.

B. ImmuNet Security.

(1) The Department shall:

(a) Maintain ImmuNet information on a server protected by a firewall; and

(b) Encrypt information traveling to and from authorized users.

(2) The Department shall maintain encryption keys in a secure location.