Information Security

Digital image of circuits and paths

The City is committed to protecting the public's informational assets and providing essential resources to create an accountable, security-conscious culture. 

The City's approach is derived from industry best practices and established frameworks such as those from the Center for Internet Security (CIS) and the National Institute of Standards and Technologies (NIST), which is outlined in our Information System and Security Policy. City systems are managed to ensure compliance with all applicable federal, state, and local laws and ordinances. This framework governs most City systems and processes to secure the public's data, including, but not limited to, emergency response, data classification, and security auditing.  

Report a Vulnerability 

Do you think you have spotted a vulnerability in one of our City systems? Let us know! Contact Security@seattle.gov with reports of information security issues or vulnerabilities.  

For more information, please reference the City’s Vulnerability Disclosure Standard

Data Classification 

The City classifies data for collection, transmission, storage, and use, using the following categorizations: 

Public information can be or currently is released to the public. It does not need protection from unauthorized disclosure but does need integrity and availability protection controls. This would include general public information, published reference documents (within copyright restrictions), open-source materials, approved promotional information, and press releases. ·         

Sensitive information may not be specifically protected from disclosure by law and is for official use only. Sensitive information is generally not released to the public unless specifically requested. Although most of this information is subject to disclosure laws because of the City's status as a public entity, it still requires careful management and protection to ensure the integrity and obligations of the City's business operations and compliance requirements. 

Confidential information is information that is specifically protected in all or in part from disclosure under the State of Washington Public Disclosure Laws. 

Confidential information requiring special handling is specifically protected from disclosure by law and subject to strict handling requirements dictated by statutes, regulations, or legal agreements.  

For more information on how your data is used by the City, please visit our Privacy Program.

Emergency Response 

Seattle IT works with the Office of Emergency Management to ensure critical systems are managed in alignment with the City's emergency management plan.   

Security Auditing 

The City conducts various forms of audits to assess and improve security protections consistent with industry best practices, regulatory and legal requirements, and continuous monitoring principles. 
 

Information Technology

Rob Lloyd, Chief Technology Officer
Address: 700 5th Ave, Suite 2700, Seattle, WA, 98104
Mailing Address: PO Box 94709, Seattle, WA, 98124-4709
Phone: (206) 684-0600
Phone Alt: Cable TV & Internet Discount Information: (206) 684-8498
SeattleIT@seattle.gov

Newsletter Updates

Subscribe

Sign up for the latest updates from Information Technology

Seattle IT is a trusted partner that provides secure, reliable, and compliant technologies enabling the City to deliver equitable and responsive services to the public.