Enter email address

Disclaimer

Nothing contained in this blog or on www.keytlaw.com is legal advice. This is just a website that provides information about the law designed to help people deal with their legal needs. Legal information provided on this website is not the same as legal advice, i.e., the application of the law to a person’s specific circumstances.

We try to make our legal information accurate and useful, but we recommend that you consult a lawyer if you want professional assurance that our information and your interpretation of it is appropriate to your particular situation and legal needs.

Our blog and website is also an indirect advertisement for legal services by our attorneys who are licensed to practice law in Arizona. Neither KEYTLaw, LLC, nor any of its attorneys are your attorney and you are not our client unless you enter into a written agreement with us to provide legal services.

ARS § 36-2807

Arizona Revised Statutes Section 36-2807 – Verification system

A. Within one hundred twenty days of the effective date of this chapter, the department shall establish a secure, password-protected, web-based verification system for use on a twenty-four hour basis by law enforcement personnel and nonprofit medical marijuana dispensary agents to verify registry identification cards.

B. The verification system must allow law enforcement personnel and nonprofit medical marijuana dispensary agents to enter a registry identification number and verify whether the number corresponds with a current, valid identification card.

C. The system shall disclose:

1. The name of the cardholder, but must not disclose the cardholder’s address.

2. The amount of marijuana that each registered qualifying patient received from nonprofit medical marijuana dispensaries during the past sixty days.

D. The verification system must include the following data security features:

1. Any time an authorized user enters five invalid registry identification numbers within five minutes, that user cannot log in to the system again for ten minutes.

2. A users log-in information shall be deactivated after 5 incorrect login attempts until the authorized user contacts the department and verifies his identity.

3. The server must reject any log-in request that is not over an encrypted connection.

Caution: 1998 Prop. 105 applies.  This text is current as of 12/26/10.  Check here for updates.