HTML has links - PDF has Authentication

Chapter 192-810 WAC

Last Update: 11/14/23

PUBLIC DISCLOSURE AND PRIVACY FOR PAID FAMILY AND MEDICAL LEAVE

WAC Sections

HTMLPDF192-810-010Definitions.
HTMLPDF192-810-030How do individuals and entities request records from the department?
HTMLPDF192-810-040Misuse or unauthorized disclosure.
DISPOSITION OF SECTIONS FORMERLY CODIFIED IN THIS TITLE
192-810-020Purpose. [Statutory Authority: RCW 50A.05.60 [ 50A.05.060] and 50A.25.030. WSR 20-01-087, § 192-810-020, filed 12/12/19, effective 1/12/20.] Repealed by WSR 23-23-095, filed 11/14/23, effective 1/1/24. Statutory Authority: RCW 50A.05.060, 50A.10.030, and 50A.25.040.


PDF192-810-010

Definitions.

(1) The definitions set forth in RCW 42.56.010 and WAC 192-02-020 apply to this chapter unless the context clearly indicates otherwise.
(2) An employer's "own records" as used in RCW 50A.25.040 means records and information provided to the department by the employer or the employer's predecessor in interest.
[Statutory Authority: RCW 50A.05.060, 50A.10.030, and 50A.25.040. WSR 23-23-095, § 192-810-010, filed 11/14/23, effective 1/1/24. Statutory Authority: RCW 50A.05.60 [ 50A.05.060] and 50A.25.030. WSR 20-01-087, § 192-810-010, filed 12/12/19, effective 1/12/20.]



PDF192-810-030

How do individuals and entities request records from the department?

(1) The department will manage records requests as outlined in chapter 192-02 WAC.
(2) If an individual requests records or information concerning that individual held by the department under RCW 50A.25.040, those records must be released only to the requesting individual.
(3) If an individual submits a records request and asks that the requested records be sent to a third party directly, the individual must follow the provisions of RCW 50A.25.040.
[Statutory Authority: RCW 50A.05.060, 50A.10.030, and 50A.25.040. WSR 23-23-095, § 192-810-030, filed 11/14/23, effective 1/1/24. Statutory Authority: RCW 50A.05.060. WSR 21-04-067, § 192-810-030, filed 1/29/21, effective 3/1/21. Statutory Authority: RCW 50A.05.60 [ 50A.05.060] and 50A.25.030. WSR 20-01-087, § 192-810-030, filed 12/12/19, effective 1/12/20.]



PDF192-810-040

Misuse or unauthorized disclosure.

(1) If misuse or an unauthorized disclosure of records or information deemed private and confidential under chapter 50A.25 RCW occurs, each party involved in the data-sharing that is aware of the misuse or unauthorized disclosure must inform the department within two business days of the discovery of the data security breach.
(2) In addition to informing the department of the misuse or unauthorized disclosure, the party responsible for the disclosure must take all reasonably available actions to rectify the disclosure to the department's standards. In most cases, these actions will include, at a minimum:
(a) Ceasing any continued release;
(b) Informing all individual whose data may have been released improperly of the situation; and
(c) Providing identity protection mechanisms at no charge to the individuals whose data may have been released.
[Statutory Authority: RCW 50A.05.60 [50A.05.060] and 50A.25.030. WSR 20-01-087, § 192-810-040, filed 12/12/19, effective 1/12/20.]