The official seal of the state of Washington

Privacy Notice

Thank you for visiting SecureAccess Washington and reviewing our Privacy Notice. This notice addresses collection, use and security of and access to information that may be obtained through use of SecureAccess Washington. This notice covers the following topics:

Section A. Information Collected and How it is Used

If you do nothing during your visit to our web site but browse, read pages, or download information, we will gather and store certain information about your visit. This information does not identify you personally. We automatically collect and store the following information about your visit:

  1. The Internet Protocol Address and domain name used. The Internet Protocol address is a numerical identifier assigned either to your Internet service provider or directly to your computer. We use the Internet Protocol Address to direct Internet traffic to you. This address can be translated to determine the domain name of your service provider (e.g. xcompany.com or yourschool.edu);
  2. The type of browser and operating system you used;
  3. The date and time you visited this site;
  4. The web pages or services you accessed at this site; and
  5. The web site you visited prior to coming to this web site.

The information we automatically collect or store is logged and used by CTS only to improve the content of our web services and to help us understand how people are using our services. CTS analyzes this information/the web site logs to determine how our web site is being used, so that we may continually improve the site's usefulness to the public.

What we collect if you volunteer information.

If during your visit to our web site you participate in a survey, send an email, register for an account or perform some other transaction on-line, the following additional information will be collected:

  1. The email address, and contents of email, for those who communicate with us via email.
  2. Information volunteered through an on-line form for any other purpose.
  3. A User ID, password, name, email address, secret question and secret answer.
  4. Historical information about logins which is kept for transactional analysis and system debugging.

Information provided on the online form is used to complete the online transaction and perform the service requested. The information collected is not limited to text characters and may include audio, video, and graphic information formats you send us. The information is retained in accordance with Chapter 40.14 RCW, Preservation and Destruction of Public Records.

The information you volunteer may be used:

  • to operate and improve SecureAccess Washington;
  • to fulfill your requests for services; and
  • to communicate with you and respond to your inquiries.

We use your email to respond appropriately. This may be to respond to you, to address issues you may identify, to further improve our web site, or to forward the email to another agency for appropriate action.

LexisNexis Instant Authenticate

CTS has contracted with LexisNexis to provide Instant Authenticate services to assure only the people who are allowed have access to sensitive systems. The following questions you will answer are part of this LexisNexis service. LexisNexis pulls these questions for your authentication from more than 20 billion public and proprietary records. LexisNexis' service aggregates and reports data that is provided by public records and commercially available data sources. Neither LexisNexis, nor CTS, is the source of the data. CTS does not retain a comprehensive compilation of the data. Additionally, CTS does not have access to the information you will submit to LexisNexis during the next few screens. Answering these questions is necessary to help ensure that your identity is properly authenticated. If you would like additional information about LexisNexis, please visit http://www.lexisnexis.com/risk/solutions/instantid-qa.aspx

LexisNexis Privacy Vision

LexisNexis is committed to the responsible use of information and protecting individual privacy rights. LexisNexis strives to provide services to businesses, consumers, nonprofit organizations and government agencies that help reduce fraud, mitigate risk, facilitate more informed decisions, and make society safer, in ways that protect consumer privacy. We aspire to protect consumer privacy through the design of our products, by credentialing, monitoring, and auditing our customers as appropriate, and through other information security safeguards. We also strive to promote transparency through consumer education initiatives, privacy principles and policies, and appropriate opportunities for consumer choice, access, and correction with respect to personal information about the consumer.

Data Privacy Principles

The LexisNexis Data Privacy Principles speak to the personally identifiable information including sensitive personally identifiable information, collected, maintained, used or disseminated in connection with services offered by LexisNexis, a division of Reed Elsevier Inc., or by its affiliates in the LexisNexis Risk Solutions business group (all hereinafter "LexisNexis").

LexisNexis applies these Principles to our domestic U.S. products and services where appropriate. In addition, other uses or disclosures may occur as required by applicable law, such as the Fair Credit Reporting Act and its state analogues (FCRA), the Driver's Privacy Protection Act and its state analogues (DPPA), and the Gramm-Leach-Bliley Act (GLB). If the law requires or upon request of law enforcement, or, if necessary, to prevent fraud or to protect our computer systems, these principles may not apply. LexisNexis also, from time to time, may revise our Data Privacy Principles by posting chnges on its Web site.

1. SECURITY
Data security is a company imperative. LexisNexis strives to protect personally identifiable information that we maintain or disseminate, including through the use of appropriate administrative, physical, and technical safeguards, so it is not obtained by unauthorized individuals or used impermissibly.

2. DISTRIBUTION OF PERSONALLY IDENTIFIABLE INFORMATION
LexisNexis seeks to limit the distribution of personally identifiable information consistent with the nature and sensitivity of the information. In its services, LexisNexis also strives to make available personally identifiable information from sources other than public records or publicly available information only to its authorized users or customers. Similarly, where applicable, LexisNexis strives to restrict access to information in accordance with privacy laws such as the FCRA, the GLB, and the DPPA and comparable state statutes. In the case of public record information available to the general public (such as bankruptcy, liens, judgments, criminal records and Uniform Commercial Code filings) and publicly available information (such as telephone directory information or personal information available through widely available media), we may make this information available to the general public unless applicable law operates to limit our distribution of such information to authorized users.

If, upon investigation, LexisNexis finds that personally identifiable information has been used or accessed inappropriately or unlawfully, LexisNexis strives to take reasonable steps to stop the misuse or access, educate the user concerning the appropriate use of the information, and prevent similar future misuses. Such steps may include measures up to and including discontinuation of the user's access to LexisNexis information products and services, pursuit of other legal remedies, and the referral of misuse to the appropriate authorities.

3. ACCURACY
LexisNexis strives to accurately report information in its products. LexisNexis also strives to accurately report information that it receives from its data sources. LexisNexis recognizes, however, that reporting errors may occur and offers consumers opportunities, where applicable, to dispute and correct information that we report as discussed further in Principle 9 on Access and Correction.

4. PROTECTION OF SOCIAL SECURITY NUMBERS AND DRIVER'S LICENSE NUMBERS
LexisNexis strives to provide additional safeguards for sensitive personally identifiable information, such as Social Security numbers and driver's license numbers. LexisNexis strives to limit the availability and access to full Social Security Numbers ("SSNs"), Driver's License Numbers and State Identification Numbers. LexisNexis strives to protect the confidentiality of SSNs by limiting access to SSNs to certain legitimate and authorized users, such as: state, local and federal government entities; financial institutions; insurers; employers; creditors; debt collectors and other user types to which LexisNexis may decide to provide such access. A limited number of public records may contain SSNs that are already available to the public and, if such public records are accessed through LexisNexis services, our services may provide access to such SSNs. LexisNexis prohibits the unlawful disclosure of SSNs. LexisNexis also takes steps to limit the availability of Driver's License Numbers ("DLNs") and state identification card numbers.

5. EDUCATION
LexisNexis strives to inform its employees, users and the general public about appropriate use of LexisNexis products and services. LexisNexis strives to inform its users and employees about:
-Privacy and security issues associated with LexisNexis information products and services; and
-The responsible use of personally identifiable information.

LexisNexis strives to inform the public about:
-The responsible use of personally identifiable information;
-Measures LexisNexis has undertaken to enhance consumer privacy; and choices available to consumers regarding information access and the ability to opt-out of certain products and services which utilize personally identifiable information.

6. REPUTABLE SOURCES
LexisNexis strives to acquire personally identifiable information from established, reputable sources in the government and private sectors. In support of this Principle, LexisNexis takes reasonable steps to assess the reputation and reliability of its private sector data sources before incorporating personally identifiable information from the source into its products and services. LexisNexis also strives to obtain assurances from its data suppliers that they have the legal right to license or sell the data to LexisNexis.

7. NOTICE
LexisNexis strives to make its Data Privacy Principles publicly known. LexisNexis publicly posts these Data Privacy Principles.
1. Security;
2. Distribution of Personally Identifiable Information;
3. Accuracy;
4. Protection of Social Security Numbers and Driver's License Numbers;
5. Education;
6. Reputable Sources;
7. Notice;
8. Choice;
9. Access and Correction;
10. Accountability;
11. Online Privacy;
12. Identity Theft; and
13. Compliance

For additional information about the LexisNexis Data Privacy Principles, contact the LexisNexis Privacy Manager at 1-800-831-2578 or by mailing to:
Privacy Manager
LexisNexis
PO Box 933
Dayton, Ohio 45401

LexisNexis strives to allow consumers to opt-out of the dissemination of personally identifiable information from certain LexisNexis owned databases used solely for marketing services. We also strive to allow individuals to opt-out of LexisNexis' public-facing product, KnowX, as required by law and permitted by LexisNexis policy.

9. ACCESS AND CORRECTION
LexisNexis strives to provide consumers with a central point of contact regarding their questions about LexisNexis and its commitment to the responsible use of personally identifiable information. LexisNexis strives to inform individuals about the nature of the public records, nonpublic information, and publicly available information that LexisNexis makes available in its information products and services. LexisNexis also strives, whenever practicable, to provide consumers, upon request, with meaningful opportunities to review personally identifiable information we maintain about them. LexisNexis also strives, as appropriate and practicable, to provide opportunities for consumers to dispute and correct information by assisting them in identifying the potential information sources at which corrections should be made. LexisNexis strives to direct individuals to the government and private entities that collect and maintain public records and publicly available information to correct any claimed inaccuracies found in that data, and to direct individuals to consumer reporting agencies where such agency is the source of the information about the individual and where the individual seeks to correct claimed inaccuracies found in that data.

10. ACCOUNTABILITY
LexisNexis supports accountability of information industry standards and practices, responsible and effective federal regulation of the data industry, and legislation governing the practices of all data providers. LexisNexis also supports industry oversight and active engagement with the privacy community. LexisNexis believes that strong privacy and information security protections are vital for an effective and trusted data industry.

11. ONLINE PRIVACY
LexisNexis strives to protect the privacy of personally identifiable information obtained over the Internet and strives to apply our Data Privacy Principles and evolving standards to the online environment.

12. IDENTITY THEFT
LexisNexis strives to prevent the acquisition of information from its products and services for improper purposes, such as identity theft. LexisNexis believes that it is important that individuals who may have had their sensitive personally identifiable information acquired by an unauthorized individual be notified as follows: Where a state law requires notice, LexisNexis complies with the law. In those states where notification laws do not exist, LexisNexis follows its Information Security Breach Response and Notification Policy, which provides that affected individuals will be notified when sensitive personally identifiable information owned or licensed by LexisNexis is acquired by an unauthorized individual and whenever LexisNexis has a reasonable basis to believe the breach has resulted in, or there is a significant risk that it will result in, identity theft to the consumer to whom the information relates.

13. COMPLIANCE
LexisNexis will obtain assessments from a qualified, objective, independent third-party, who uses procedures and standards generally accepted in the profession to assess LexisNexis' administrative, technical, and physical safeguards, as appropriate.
-Contact LexisNexis directly to Request Opt-Out or to Get Copies of Information About Yourself

Latest Revision: 05.13.10

Section B. Personal Information and Choice.

You may choose whether to provide personal information online.

"Personal information" is information about a natural person that is readily identifiable to that specific individual. Personal information includes such things as an individual's name, address, and phone number.

We collect no personal information about you unless you voluntarily provide it to us by sending us email or completing an online form. You may choose not to contact us by email or not to provide any personal information using an online form; however your choice not to provide the registration information will impair your ability to perform certain activities or transactions online.

If personal information is requested on the Website or volunteered by the user, state law and the federal Privacy Act of 1974 may protect it. However, this information is a public record once you provide it, and may be subject to public inspection and copying if not protected by federal or state law.

If you believe that your personal/private information is being used for a purpose other than what was intended when submitted, you may contact the agency contact person or position as shown in the Contact Information Section of this statement.

The Children's Online Privacy Protection Act (COPPA) governs information gathering online from or about children under the age of 13. SecureAccess Washington is especially concerned about protecting children's privacy. SecureAccess Washington does not require children to reveal any information that could personally identify them. If a child chooses to provide personally identifying information to us then the child must get his/her parents' permission before providing any information on line -- at our site or any other site.

Section C. Public Access to Information

In the State of Washington, laws exist to ensure that government is open and that the public has a right to access appropriate records and information possessed by state government. At the same time, there are exceptions to the public's right to access public records that serve various needs including the privacy of individuals. Exceptions are provided by both state and federal laws. All information collected at this site becomes public record that may be subject to inspection and copying by the public, unless an exemption in law exists. RCW 42.56.070 states that:

Each agency, in accordance with published rules, shall make available for public inspection and copying all public records, unless the record falls within the specific exemptions of the Public Records Act or other statute which exempts or prohibits disclosure of specific information or records.

In the event of a conflict between this Privacy Notice and the Public Records Act or other law governing the agency's disclosure of records, the Public Records Act or other applicable law will control.

To the extent required to prevent an unreasonable invasion of personal privacy interests protected by RCW 42.56.210 and 42.56.320, an agency shall delete identifying details in a manner consistent with RCW 42.56.310 and 42.56.320 when it makes available or publishes any public record; however, in each case, the justification for the deletion shall be explained fully in writing.

Section D. Nondisclosure of Certain Personal Information.

CTS may require you to provide certain personal information in order to register and have access to certain on-line services. The information is required in order to grant or deny your request to access an on-line service. You may choose not to provide this information, but if you choose not to provide it we will be unable to process your request, and you will have to conduct the transaction in person or by mail.

The following laws may prevent SecureAccess Washington from disclosing the personal/private information about you except as necessary to process the transaction:

  1. The residential address and residential telephone number of employees of a public agency which are held by the agency in personnel records, employment or volunteer rosters, or mailing lists of employees. RCW 42.56.250(3)
  2. Personal information in files maintained for employees of any public agency to the extent that disclosure would violate their right to privacy. RCW 42.56.230
  3. All applications for public employment, including the names of applicants, resumes, and other related materials submitted with respect to an applicant. 42.56.250(2)

Section E. Review and Correction of Personally Identifiable Information.

You can review any personally identifiable information we collect about you by using the information in the Contact Information section at the end of this Notice. You may recommend changes to your personally identifiable information you believe to be inaccurate by submitting a written request that credibly shows the inaccuracy. We will take reasonable steps to verify your identity before granting access or making corrections. Read RCW 43.105.310

Section F. Cookies.

Cookies

To better serve our users we use "cookies" to customize your browsing experience with SecureAccess Washington. Cookies are simple text files stored on your computer by your web browser.

Cookies created on your computer by using this Website do not contain personally identifying information and do not compromise your privacy or security. We use the cookie feature only to store a randomly generated identifying tag on your computer.

Applets

Applets, when used, are tools downloaded to your computer to work with the software you have. They are intended to enhance your browsing experience by enabling you to view information in a unique manner and/or to enable access to information that your computer would otherwise be unable to access without the applet.

SecureAccess Washington does not use applets, so you are not required to use applets to browse this site.

Section G. Security

CTS, as developer and manager of CTS SecureAccess, has taken several steps to safeguard the integrity of its data and prevent unauthorized access to information maintained by CTS. For site security purposes and to ensure that this website remains available to all users, CTS employs software to monitor traffic to identify unauthorized attempts to upload or change information or otherwise cause damage to this website. These measures are designed and intended to prevent corruption of data, block unknown or unauthorized access to our systems and information, and to provide reasonable protection of private information in our possession. This information should not be construed in any way as giving business, legal, or other advice, or warranting as fail proof, the security of information provided via CTS web sites.

Section H. Disclaimer.

The CTS SecureAccess web site has many links to other web sites. These include links to web sites operated by other government agencies, nonprofit organizations and private businesses. When you link to another site, you are no longer on the CTS SecureAccess web site and this Privacy Notice will not apply. When you link to another web site, you are subject to the privacy policy of that new site. Reference in this web site to any specific commercial products, processes, or services, or the use of any trade, firm, or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favoring by the State of Washington, CTS, or its officers, employees or agents. Neither the State of Washington, nor any agency, officer, or employee of the State of Washington warrants the accuracy, reliability or timeliness of any information published by this system, nor endorses any content, viewpoints, products, or services linked from this system, and shall not be held liable for any losses caused by reliance on the accuracy, reliability or timeliness of such information. Portions of such information may be incorrect or not current. Any person or entity that relies on any information obtained from this system does so at its own risk. CTS reserves the right to revise and update this Privacy Notice at any time without notice by posting such revised Privacy Notice at the CTS SecureAccess log in page.

Section I. CTS Contact Information.

You may contact CTS as follows. For general questions, technical issues about SecureAccess Washington: CTS Service Desk Phone: (360) 753-2454 / (888) 241-7597 To access your personally identifiable information we collect, if any, or to request correction of factual errors in your personally identifiable information you can contact us

To review your personal information, or request correction of your personal information:

CTS Public Disclosure Officer PO Box 41501 Olympia, WA 98504-2445 Phone: (360) 407-8765 Fax: (360) 586-1414 Email: PublicDisclosure@cts.wa.gov

To offer comments about SecureAccess Washington or the information presented in this notice:

CTS Privacy Officer

PO Box 41501 Olympia, WA 98504-2445 Phone: (360) 407-8818 Fax: (360) 586-1414 Email: PrivacyOfficer@cts.wa.gov

Last Modified: September 2013