1 / 33

John A. Coates, P.E., Administrator Wastewater Compliance Evaluation Section,

Florida’s Electronic Discharge Monitoring Report (EDMR) System Preserving Data Credibility. John A. Coates, P.E., Administrator Wastewater Compliance Evaluation Section, Office of Wastewater Management. Florida Department of Environmental Protection. Present paper based system.

leal
Download Presentation

John A. Coates, P.E., Administrator Wastewater Compliance Evaluation Section,

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Florida’s Electronic Discharge Monitoring Report (EDMR) System Preserving Data Credibility John A. Coates, P.E., Administrator Wastewater Compliance Evaluation Section, Office of Wastewater Management Florida Department of Environmental Protection

  2. Present paper based system... • ~4,500 individually permitted wastewater facilities • 3 parts to DMRs • Part A, Summary statistics • Part B, Daily Values • Part D, Groundwater wells

  3. ... can be burdensome! • Implementation Approach • Specify Functionality • balance technology vs. administrative process • reduce unforeseen risks by keeping control within system • build in administrative controls • enfoTech & Consulting, Inc. www.enfoTech.com

  4. System Description... • Web-enabled “Thin Client” application • X.12 EDI protocol text file • Data encryption during Internet submission • Registered Users with access control via user names and passwords • PIN-based electronic signature for submitters

  5. Registration Process... “Who are you?” • Existing legacy system tracks permittees & “Authorized Representatives” • Notarized Application Forms for: • Permittee request for permit modification & designation of “Viewers” or “Certifiers” • Electronic Signature Agreement for Certifiers

  6. Registration Process... “PINs & Electronic Signatures” • “Electronic Signature Act of 1996,” in Part II, Chapter 282, F.S. (§ 282.70-282.75, F.S.) • Confidentiality & PIN compromise issues addressed in ESA and minor permit revision • Preliminary (non functional) PIN issued via certified mail in confidential envelope • Certifiers obtain Functioning PIN via system (being built)

  7. EDMR Status “Ready, Set, Verify, Go” • Initial Trial Status • Review period during which paper DMRs are submitted for “verifying” file compatibility & accuracy • Information is not automatically transferred to legacy system • Functions for suspension, etc. • Manual status changes and historical tracking • Automatic after repeated failures in password or PIN entry

  8. Submission Process “Mail that Report” • SSL encrypted connection • Steps • File selection • PIN entry (& verification) • Required Check for Certification Statement • Submit • Enhanced Certification Statement • “Return Receipt” submittal response (being added)

  9. EDMR Submission Logs “While you were submitting...” • EDMR Submission Log • user name, password, PIN • submission date/time for File Selection, Submit, Received, & Acknowledgement Sent. • IP address captured and stored • Checksum

  10. Copy of Record “While you were submitting...” • Copy of Record • X.12 EDMR file • self-monitoring data • limits/requirements • Submission Log (with forensic information)

  11. EDMR Storage and Access “The EDMR Afterlife...” • X.12 EDMR file stored as Binary Large Object in Oracle 8i • Processed for online viewing and data transfer • EDMR Status/error messages and human readable views/download provided • Revisions allowed, but, each submission maintains records of revisions

  12. Database Functionality... “enhancing credibility” • PIN & Password instances encrypted • Database constraints set to “Insert Only” for Key fields • submission file (X.12) • password, PIN, & checksum • rest of Submission Log • Audit Trail feature • records any changes to selected tables/fields

  13. Fundamentals for Credible and Enforceable Data • Authentication • Report Integrity • Nonrepudiation

  14. Authentication Identifying the Submitter • Reliance on Notary laws • Person must be permittee or authorized representative • ESA and Permit confidentiality requirements • Functional PIN issuance procedure • preface to certification statement • forensic data (e.g., IP address)

  15. Report Integrity Securing the Data • During Transmission • SSL and TCP/IP protection during transmission • Capturing Checksum as received • After Receipt • general system security • Department roles • database design (e.g., Insert Only and Audit Trail features) • Permanent Copy of Record

  16. Nonrepudiation Verifying Intent • Design of Submission Steps • Proximity of PIN to Certification statement • Certification statement language • System requires active “check” of Certification statement for each submission to demonstrate intent to be bound by the content of the data • “Data” file includes data & limits

  17. Demonstrating Credibility “The Persuasive Expert” • Well documented system design and operating procedures • Generation of Log Reports • System Access • Electronic Signature • Submission • Record Integrity Report • reproduces copy of record • compares original checksum with current • provides related Audit Trail records

  18. Summary • Credible Data ? • Administrative (procedural) & technological solutions • reduce unforeseen risks • Reasonable to build, implement & maintain • Contacts or questions • John.Coates@dep.state.fl.us • tony_jeng@enfotech.com

More Related