Security Policy

April 19th, 2016

SECURITY POLICY

As part of our continuing commitment to the security of electronic content as well as the electronic transmission of information, the Commonwealth has taken steps to safeguard the submission of information by implementing detailed technology and security policies. These policies can be viewed at the Office of Administration, Office for Information Technology website.

Security measures have been integrated into the design, implementation and day-to-day operations of the entire operating environment. Tools, policies, and protocols are used to safeguard the submission of information through Commonwealth websites. Security measures have been integrated into the design, implementation, and day-to-day operations of the entire operating environment as part of our continued commitment to the security of electronic content as well as the electronic transmission of information.

For services requiring online financial or sensitive transactions, PA.gov uses the Secure Sockets Layer (SSL) encryption protocol to safeguard your sensitive personal information, including your credit card number during online transactions. Information is encrypted from your computer to the servers processing your request. To further secure your privacy, do not divulge any passwords or sensitive information (e.g. credit card number) to anyone in a phone call or e-mail. When you are finished with applications that are password protected or required the input of your credit card information or other Personally Identifiable Information (PII), it is always recommended that you close or otherwise exit the browser page.

In certain instances, you may receive or create a password to access or submit PII. You should not divulge your password to anyone. The Commonwealth will never ask you for your password in an unsolicited phone call or e-mail. When completed with browsing any commonwealth websites, it is strongly recommended that the user logout (where applicable) and quit the web browser to remove any temporary data that may have been stored in the browser.

When contacting the Commonwealth through any method of communication (phone call, email, web form, etc.) you must determine whether the method of communication is adequately secure for your purposes prior to providing any PII or other confidential information. Any PII or confidential information sent by the user is sent at the users own risk.

Was this Helpful ?

TOP