CDXCentral Data Exchange

About CDX

About Navigation

Regulation

Regulation Information

The CDX registration site supports the requirements and procedures set forth under the EPA's proposed Cross-Media Electronic Reporting Regulation. The following language about registering for Central Data Exchange comes from Part D (i.e. "Submitter registration process") of the Section 3.2000 (i.e. "What are the criteria for acceptable electronic document receiving systems?"):

An acceptable electronic document receiving system must require that anyone who submits an electronic document to the system first register with the agency to which the document is to be submitted. The registration process must establish the identities of both the registrant, who is the prospective submitter, and any entity that the registrant is authorized to represent, and must establish that the registrant is authorized to submit the document in question for the entity being represented. In addition, where the documents to be received will require signature, the registration process must:

  1. (1) Establish the registrant's identity, and the registrant's relation to any entity for which the registrant will submit electronic documents, with evidence that can be verified by information sources that are independent of the registrant and the entity or entities in question and that would be sufficient to identify the registrant as the signature holder for purposes of supporting litigation consistent with paragraph (b) of this section;

  2. (2) Establish and document a unique correlation between the registrant and the code or device that will constitute or create the electronic signature of the registrant as a submitter;

  3. (3) Require that the registrant sign on paper, or in such other manner or medium as the Administrator in his or her discretion may determine as appropriate for a category of electronic reports, an electronic signature agreement specifying at a minimum that the registrant agrees to:
    1. (i) Protect the electronic signature from unauthorized use, and follow any procedures specified by the agency for this purpose;
    2. (ii) Be held as legally bound, obligated, or responsible by use of the assigned electronic signature as by hand-written signature;
    3. (iii) Where the signature method is based on a secret code or key, maintain the confidentiality of each component of the electronic signature;
    4. (iv) In any case, never to delegate the use of the electronic signature, or in any other way intentionally provide access to its use, to any other individual for any reason; and
    5. (v) Report to the entity specified in the electronic signature agreement, within twenty-four hours of discovery, any evidence of the loss, theft, or other compromise of any component of an electronic signature;
  4. (4) Provide for the automatic and immediate revocation of an electronic signature in the event of:
    1. (i) Any actual or apparent violation of the electronic signature agreement;
    2. (ii) Any evidence that the signature has been compromised, whether or not this is reported by the registrant to whom the signature was issued; or
    3. (iii) Notification from an entity that the registrant is no longer authorized by the entity to submit electronic documents on its behalf;
  5. (5) Require that the registrant renew his or her electronic signature agreement at least once every two years, or upon request by EPA, with a renewal agreement that:
    1. (i) Complies with the provisions listed in paragraph (d)(3) of this section; and
    2. (ii) Includes the registrant's certification that he or she has complied with provisions listed in paragraph (d)(3) of this section since issuance of the signature, and that all reports submitted under the signature since the electronic signature agreement was last signed were reviewed and submitted by the registrant;
  6. (6) Provide for a registrant who is surrendering his or her electronic signature to certify that he or she has complied with provisions listed in paragraph (d)(3) of this section since issuance of the signature and that all reports submitted under the signature since the electronic signature agreement was last signed were reviewed and submitted by the registrant.