Pennsylvania Code
Pennsylvania Code & Bulletin
COMMONWEALTH OF PENNSYLVANIA

• No statutes or acts will be found at this website.

The Pennsylvania Code website reflects the Pennsylvania Code changes effective through 54 Pa.B. 488 (January 27, 2024).

58 Pa. Code § 810a.6. Software authentication.

§ 810a.6. Software authentication.

 The acquisition and development of new software must follow defined processes in accordance with the information security policy.

   (1)  The production environment must be logically and physically separated from the development and test environments.

   (2)  Development staff shall be precluded from having access to promote code changes into the production environment. If, due to staffing limitations, this requirement cannot be met by the entity, the internal controls submitted to the Board shall describe what measures will be implemented to ensure the integrity of interactive games in the production environment.

   (3)  There must be a documented method to verify that test software is not deployed to the production environment.

   (4)  To prevent leakage of personal identifiable information, there must be a documented method to ensure that raw production data is not used in testing.

   (5)  All documentation relating to software and application development should be available and retained for the duration of its lifecycle.


No part of the information on this site may be reproduced for profit or sold for profit.


This material has been drawn directly from the official Pennsylvania Code full text database. Due to the limitations of HTML or differences in display capabilities of different browsers, this version may differ slightly from the official printed version.