307.13—Security and confidentiality for computerized support enforcement systems in operation after October 1, 1997.
The State IV-D agency shall:
(a) Information integrity and security.
Have safeguards on the integrity, accuracy, completeness of, access to, and use of data in the computerized support enforcement system. These safeguards shall include written policies concerning access to data by IV-D agency personnel, and the sharing of data with other persons to:
(1)
Permit access to and use of data to the extent necessary to carry out the State IV-D program under this chapter; and
(2)
Specify the data which may be used for particular IV-D program purposes, and the personnel permitted access to such data; and
(3)
Permit access to and use of data for purposes of exchanging information with State agencies administering programs under titles IV-A and XIX of the Act to the extent necessary to carry out State agency responsibilities under such programs in accordance with section 454A(f)(3) of the Act.
(b) Monitoring of access.
Monitor routine access to and use of the computerized support enforcement system through methods such as audit trails and feedback mechanisms to guard against, and promptly identify unauthorized access or use;
(c) Training and information.
Have procedures to ensure that all personnel, including State and local staff and contractors, who may have access to or be required to use confidential program data in the computerized support enforcement system are:
(1)
Informed of applicable requirements and penalties, including those in section 6103 of the Internal Revenue Service Code and section 453 of the Act; and
(d) Penalties.
Have administrative penalties, including dismissal from employment, for unauthorized access to, disclosure or use of confidential information.
[63 FR 44816, Aug. 21, 1998]
Code of Federal Regulations
Code of Federal Regulations
307