Statutes, codes, and regulations
California Code Of Regulations
Title 11 - LawDivision 1 - Attorney GeneralChapter 18 - Electronic Recording Delivery System
Article 5 - Baseline Requirements and Technology Standards
Section 999.137 - Encryption Requirements

Cal. Code Regs. tit. 11 § 999.137

Download
PDF
Current through Register 2024 Notice Reg. No. 37, September 13, 2024
Section 999.137 - Encryption Requirements
(a) All ERDS shall employ encryption, both in transmission and at-rest, until decrypted by the intended recipient to protect the confidentiality of ERDS payloads. Once decrypted by the intended recipient, the security of the contents shall become the responsibility of the intended recipient.
(b) Encryption shall be a minimum of 128 bit.
(c) When encryption is employed, the cryptographic modules shall be certified to meet FIPS 140-2, Security Requirements for Cryptographic Modules (publication date May 2001, as amended by change notice issued December 2002).

Cal. Code Regs. Tit. 11, § 999.137

1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)-(a)(1), (b) and (c) filed 8-11-2014; operative 10-1-2014 (Register 2014, No. 33).
3. Amendment of section heading and section filed 10-7-2019; operative 1-1-2020 (Register 2019, No. 41).

Note: Authority cited: Section 27393, Government Code. Reference: Sections 27393(b) and 27397.5, Government Code.

1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)-(a)(1), (b) and (c) filed 8-11-2014; operative 10/1/2014 (Register 2014, No. 33).
3. Amendment of section heading and section filed 10-7-2019; operative 1/1/2020 (Register 2019, No. 41).