How we give access to data
Records we have shared
From July 1, 2018 through June 30, 2019 we provided:
- 75,439,188 in bulk requests by private and government entities.
- 794,514 through our Contracted Plate Search system, used mostly by parking lot operators.
A data breach is any time data is taken without permission, compromising the:
- confidentiality, and
- integrity of personal information we maintain.
It's not considered a breach when:
- The person who takes the personal information works for DOL or represents us,
- It's used for official DOL business, and
- The personal information isn't used or shared for other purposes.
Notifying you of a data breach
The law says we must notify you as soon as possible. We must not wait more than 45 calendar days after we learn of a breach unless law enforcement asks us to delay.
We'll notify you any time your personal information is breached. This means your first name or first initial and last name in combination with any of the following:
- Social Security number or the last 4 digits of the Social Security number.
- Driver license number or Washington identification card number.
- Bank account, credit or debit card number.
- Any code, password, or other information that would give access to your financial account.
- Full date of birth.
- Private key that is unique to you that you use to authenticate or sign an electronic record.
- Student, military, or passport identification number.
- Health insurance policy number or health insurance identification number.
- Any information about your medical history or mental or physical condition.
- Any information about your health care professional's medical diagnosis or treatment.
- Biometric data. For example, your fingerprint, voiceprint, eye retinas, irises, or other unique biological patterns or characteristics that could identify you
We must notify you of a breach of any of the above information combined with your last name if:
- We didn't encrypt or redact the information enough to make it unusable.
- The information would enable someone to commit identity theft against you.
We must also notify you of a breach involving your user name or email address along with:
- Security questions and answers that would give access to an online account.
Washington law ensures:
- Our government is transparent.
- The public has access to records and information we store.
Our laws include exceptions to balance:
- Government transparency.
- Individual privacy.
All our information is governed by laws such as Washington's Public Records Act, RCW 42.56. Information you send us may become a public record. It may be subject to public inspection and copying if not protected by federal or state law.
If there’s ever a conflict between this privacy statement and the Public Records Act, or laws governing our disclosure of records, the Public Records Act or other applicable law will control.
We use facial recognition technology to make sure a person only has one driver license or identification card. Learn more about how we use facial recognition.
Data stewardship framework
DOL has adopted a Data stewardship framework based on:
- Our principles as an agency.
- Best practices from the Office of Privacy and Data Protection.
- Guidance from international organizations such as the United Nations.
Our Framework helps us explain and think through new privacy challenges. It shows how our principles link to our commitments and our actions. It’s a living document and gets updated as the privacy world changes.
We wrote a report for the legislature explaining how our framework relates to our ongoing Data Stewardship project.
Internal data governance policy
These are the rules we hold ourselves to. Read our Data governance policy.
Laws governing how we share personal information
The main federal law governing drivers license data is the Driver Privacy Protection Act.
Vehicle and vessel owner information
Driver and plate search (DAPS) and driver information and adjudication system (DIAS)
We have a policy that limits access to these systems.
For DAPS, we limit access to:
- Law enforcement agencies.
- Other government agencies.
- 911 dispatch communications and records centers.
- Government agency detectives and investigators.
For DIAS, we limit access to:
- Municipal, district, and superior courts.
- Local and state government agencies.
- Prosecuting attorneys.
Social Security Numbers
Release prohibited except as required by law.
Organ donor information
Prohibition of sharing information.
Voter registration data
Release prohibited except as required by law.
Questions? Need help?
Email us: DOLPrivacyOfficer@dol.wa.gov