JA7.7     Data Exchange Requirements

Compliance documents required by the Administrative Regulations (Title 24, Part 1, §10-103) shall be based on standardized data structures that define their informational content and graphical layout. These data structures shall be represented using the XML data exchange standard developed by the World Wide Web Consortium. The XML data that represents the information entered by users and subsequently displayed in information fields on compliance document images shall be validated against an XML schema that is published in the Data Registry Requirements Manual that is approved by the Energy Commission. The XML schema(s) shall standardize the organization of the data, the terminology, and the data types, thus support data integrity and provide built-in data validation. All electronic data transmittals used for producing compliance documents in Data Registries shall be based on XML technology.

The compliance document images rendered from XML data submitted to the Data Registry shall be consistent with the informational content, graphical layout, and graphical formatting for the compliance documents approved by the Energy Commission.

Detailed Guidance for use of the data definitions defined in the XML schema, and the data formats used to render each of the registered compliance documents shall be provided in the Data Registry Requirements Manual. Consideration shall be given to use of two complimentary XML technologies, Extensible Stylesheet Language Transformation (XSLT) and Extensible Stylesheet Language Formatting Objects (XSL-FO) which shall work directly with the data in the Compliance Data Exchange File to transform the data into the required graphical layout and formatting for the completed compliance document image.

Data registries shall provide web-based services to authorized users to enable user data exchange in accordance with JA7.7.1.

JA7.7.1 Data Exchange for Document Registration Procedures

Data exchange transactions with a Data Registry for document registration procedures shall utilize keyed-in data entry as described in Section JA7.7.1.1; output from approved Title 24, Part 6 Performance Compliance Software as described in Section JA7.7.1.6; or data exchange from an external digital data source as described in Section JA7.7.1.2 that has been approved by the Energy Commission in accordance with applicable requirements specified in Section JA7.8.

Data exchange utilizing software tools/technology or external digital data sources (EDDS) that have not been approved by the Energy Commission shall not be used for the document registration processes required by Title 24, Part 6.

JA7.7.1.1    Keyed-in Data Entry

Data Registries shall have the capability to receive data entry from an authorized user's personal computing device when the authorized user has logged-on to the Data Registry web service using the personal computing device.

JA7.7.1.2    Digital Data Sources External to a Data Registry

As an alternative to the data entry described in JA7.7.1.1, digital data sources external to a Data Registry may be used by an authorized user of a Data Registry for transmitting information to a Data Registry during document registration procedures. External Digital Data Sources (EDDS) shall be approved by the Energy Commission in accordance with the applicable requirements specified in Sections JA7.8.

RA1.1.1.1.1           JA7.7.1.2.1 EDDS Data Exchange Requirements

The data uploads to an EDDS, and the data exchange between a Data Registry and an EDDS shall conform to the following:

(a)  The data exchange from an EDDS to a Data Registry shall be initiated only by an authorized user of the Data Registry; only while the user is logged into his Title 24, Part 6 Data Registry user account; and only by use of a data exchange feature managed and made available to the user by the Data Registry user interface.

(b)  The data exchange from an EDDS to a Data Registry shall not be an unattended automatic electronic data exchange transaction.

(c)  The Registration Provider shall ensure the authorized user has the opportunity to review and revise the information transmitted to the data registry by use of an EDDS prior to making electronic signature controls available to the user.

(d)  The Registration Provider shall be responsible for managing the security and integrity of the data exchange with the EDDS.

(e)  The Registration Provider shall ensure that user data uploads to the EDDS, and subsequent storage and maintenance of compliance data in the EDDS are done using best practices for secure data exchange and secure data storage.

(f)   The Registration Provider shall ensure that the data exchange processes that import data into the Data Registry from the EDDS are performed using best practices for secure data exchange.

(g)  The user's compliance data may be uploaded automatically to an EDDS datastore, such as by network-connected diagnostic field verification instruments, or it may be keyed in by the user using an EDDS services software user interface.

(h)  The data transmitted from an EDDS to a Data Registry shall conform to the XML schema for each respective Title 24, Part 6 compliance document for which the data is to be used. All data provided to complete compliance documents shall be subjected to data validation by the Data Registry software after the data is transmitted to the Data Registry.

(i)   The current compliance document schemas approved by the Energy Commission shall be made available to the EDDS services providers as needed in order to clarify the Title 24 Part 6 compliance document data requirements.

(j)   Additional guidance for interfacing with and managing EDDS technical features may be given in the Data Registry Requirements Manual.

RA1.1.1.1.2          JA7.7.1.2.2 EDDS Types

EDDS types may include but are not limited to:

(a) Diagnostic instrument manufacturer services that incorporate wireless or web-based data logging capabilities into their products, capture and store relevant information from field diagnostic testing procedures, and provide digital access to the stored data to the diagnostic tool owners and other parties to the field verification procedure.

(b) Third party quality control programs (TPQCP) that verify the work of participating installers, collect and evaluate more detailed data than necessary for compliance, identify in real-time during the installation invalid and inaccurate installer testing and noncompliant installations, and enable corrected testing with the goal of bringing installations into compliance before the installer leaves the job site. TPQCP descriptions and requirements are specified in Appendix RA2.7.

(c) Internet-based datastores that are administered to ensure the security and integrity of data input to the datastore by authorized users of Title 24, Part 6 Data Registries, who subsequently transmit the stored data to a Title 24, Part 6 Data Registry while logged-in to the Data Registry during Title 24, Part 6 document registration procedures.

 

JA7.7.1.3 Image File Format Specification for Document Registration

Image files transmitted to a Data Registry that originate from an Energy Commission-managed compliance Report Generator or approved compliance software as part of document registration procedures shall be non-editable "flat" image files in PDF format. Registered compliance document images produced by a Data Registry shall be non-editable "flat" image files in PDF format. The PDF image of a registered compliance document shall not be recreated from data when a user subsequently wishes to view a copy of the registered document or download a PDF file copy of the document. Thus the image shall be generated only once, and stored in the Data Registry as a "non-editable" image file.

JA7.7.1.4 Export to Commission Compliance Document Repository

Contingent upon approval of a document repository by the Commission, upon conclusion of the registration of a document, the Data Registry shall immediately and automatically export a copy of the registered compliance document transmission package to the Energy Commission Document Repository.

The transmission package export shall conform to the specifications for data exchange described in JA7.6 and JA7.7.

Compliance Transmission Package exports to the Commission Compliance Document Repository shall contain the data representation of the information displayed on the registered compliance document, and the Registration Provider's digitally signed image file that represents the completed registered compliance document.

Detailed guidance for data and document exports to the document repository may be included in the Data Registry Requirements Manual.

JA7.7.1.5 Electronic Copies of Registered Compliance Documents for Submittals

Registered document files retained by a Data Registry shall be made available to authorized users of the Data Registry for download for use for electronic submittals. These electronic copies of the registered compliance documents shall have the Registration Provider's digital signature which provides for automatic electronic verification of the authenticity of the document. Refer to Section JA7.5.5 for more information about automatic verification of document authenticity using digital certificates.

JA7.7.1.6 Security and Authentication for the Performance Certificate of Compliance

The Title 24, Part 6 residential and nonresidential compliance manager-based performance compliance software (compliance software) utilizes digital signing when generating analysis data for submission to the Compliance Report Generator (RG) for creating the Certificate of Compliance. Subsequently, the RG utilizes digital signing of the Certificate of Compliance Registration Package returned to the compliance software user making available the capability for Data Registries to verify the authenticity of the compliance software output and confirm the data has not been tampered with.

Data Registries shall digitally inspect all Certificate of Compliance Registration Packages submitted for registration to ensure both the Certificate of Compliance data and PDF image components of the compliance software output are authentic and have not been tampered with. Data Registries shall ensure that Certificate of Compliance Registration Packages that are not authentic or have been tampered with shall not be used for document registration for demonstrating compliance with Title 24 Part 6.

Detailed guidance for Data Registry use of the digital signing technologies employed by the compliance software and the RG shall be given in the Data Registry Requirements Manual.