DocuSign Envelope ID: 62955F1D-7A37-4CB0-A8D8-2BA7ADB5515E

EXHIBIT D — DATA SECURITY REQUIREMENTS

1. Definitions.

a. "Authorized User(s)" means an individual or individuals with an authorized business requirement to access EXCHANGE Confidential Information.

b. "Hardened Password" means a string of at least eight characters including 1 upper case, 1 lower case, one number and 1 special character (i.e., nonalphanumeric characters). The administrator and privileged user password must change every 60 days and other user password once every 90 days. Previous 6 consecutive passwords cannot be reused. The passwords must not allow User IDs, First Name or the last name of the user.

c. "Transmitting" means the transferring of data electronically, such as via email.

d. "Transporting" means the physical transferring of data that has been stored.

e. "Unique User ID" means a string of characters that identifies a specific user and which, in conjunction with a password, passphrase, or other mechanism, authenticates a user to an information system.

2. Data Transmitting. When transmitting EXCHANGE Confidential Information electronically, including via email, the Data shall be protected by:

a. Transmitting the Data within the State Governmental Network (SGN), Health Benefit Exchange network or Contractor's internal network, or;

b. Encrypting any Data that will be transmitted outside the SGN or Contractor's internal network with 128-bit Advanced Encryption Standard (AES) encryption or better. This includes transit over the public Internet.

3. Protection of Data. The Contractor agrees to store Data on one or more of the following media and protect the Data as described:

a. Hard disk drives. Data stored on local workstation hard disks. Access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. The data on the drive will only be accessible to authenticated individuals that need to access it. That is, the data will be secured on the disk in such a way that other authenticated individuals that do not need access to the data will not have the ability to access it. Workstations with sensitive data stored on them will be tracked and their movements documented until the sensitive data is removed from the workstation. When the data is removed the date of its removal and method of its removal will be documented. Hard drives that have contained sensitive data will be wiped with a method that will render the deleted information irretrievable.

b. Network server disks. Data stored on hard disks mounted on network servers and made available through shared folders. Access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or

HBE-349 YNHS Exhibit D — Data Security Requirements Page 24 of 41