nd.gov - The Official Portal for North Dakota State Government
North Dakota: Legendary. Follow the trail of legends

E-Services Security

Policy Code: 
EGT002-04.1
Effective Date: 
July 19, 2005
Revision Number: 
1
Last Reviewed: 
October 28, 2013

Purpose

Ensure agencies that engage in online activities or electronic commerce use due diligence to protect customer information from misuse or unauthorized access.

Standard

  1. Agencies requesting customer information shall provide a secure method for collection.
  2. Credit card numbers collected via e-services will not be stored electronically. 
  3. Credit card transactions shall be processed securely and must use Bank of North Dakota (BND) approved vendors. 

Policy

Ensure customer information is handled securely.

Applicability

This standard applies to all executive branch state agencies excluding the University Systems Office and other higher education institutions, i.e campuses and agricultural and research centers.

Definition

Customer information
Any recorded information that identifies the person, such as but not limited to: account number, social security number, user ID/ PIN number/password, driver’s license number. Other information to be considered based on agency business, such as but not limited to: name, mailing address, e-mail address.
E-Services
Services provided electronically via media that is interactive. For example but not limited to:
  • Interactive Voice Response (IVR)
  • World Wide Web
Customer
Any entity doing business with the state of ND on their own or another’s behalf.

Non-Compliance

Non-compliance with this standard shall be reported to the Office of the State Auditor.

Version Control: 
This is a new standard.
 

What Our Customers Are Saying

Thank you for taking care of this on a holiday weekend!

Protection & Advocacy Project
July 5, 2014
 
 

Copyright © 2014 North Dakota Information Technology Department - ITD
Use Adobe Reader to view, print and collaborate on PDF files.