Florida Administrative Code (Last Updated: November 11, 2024) |
60. Department of Management Services |
60DD. State Technology Office |
60DD-2. Florida Information Resource Security Policies And Standards |
1(1)(a) Use of State Information Resources.
7(b) Standard. Access to data files and programs shall be limited to those individuals authorized to view, process, or maintain particular systems.
29(2) Access to and Handling of Confidential or Exempt Information.
39(a) Standard. Confidential or exempt information shall be accessible only to personnel who are authorized by the agency on the basis of the performance of responsibilities or as authorized by law. Data containing any confidential or exempt information shall be readily identifiable.
81(b) Standard. An auditable, continuous chain of custody shall record the transfer of confidential or exempt information. When confidential or exempt information from an agency is received by another agency in connection with the transaction of official business, the receiving agency shall maintain the confidentiality of the information in accordance with the applicable law.
135(3)(a) Audit Trails.
138(b) Standard. Audit trails shall be maintained to provide accountability for all accesses to confidential and exempt information and software, for all modifications to records that control movement of funds or fixed assets, and for all changes to automated security or access.
180Specific Authority 282.102(2), (6), (16) FS. Law Implemented 188282.318 FS. 190History–New 8-10-04.