Cal. Code Regs. tit. 11 § 999.137

Current through Register 2024 Notice Reg. No. 49, December 6, 2024
Section 999.137 - Encryption Requirements
(a) All ERDS shall employ encryption, both in transmission and at-rest, until decrypted by the intended recipient to protect the confidentiality of ERDS payloads. Once decrypted by the intended recipient, the security of the contents shall become the responsibility of the intended recipient.
(b) Encryption shall be a minimum of 128 bit.
(c) When encryption is employed, the cryptographic modules shall be certified to meet FIPS 140-2, Security Requirements for Cryptographic Modules (publication date May 2001, as amended by change notice issued December 2002).

Cal. Code Regs. Tit. 11, § 999.137

1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)-(a)(1), (b) and (c) filed 8-11-2014; operative 10-1-2014 (Register 2014, No. 33).
3. Amendment of section heading and section filed 10-7-2019; operative 1-1-2020 (Register 2019, No. 41).

Note: Authority cited: Section 27393, Government Code. Reference: Sections 27393(b) and 27397.5, Government Code.

1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)-(a)(1), (b) and (c) filed 8-11-2014; operative 10/1/2014 (Register 2014, No. 33).
3. Amendment of section heading and section filed 10-7-2019; operative 1/1/2020 (Register 2019, No. 41).