My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Sub-Contract between Yakima Neighborhood Halth Services and KCPHD
>
Meetings
>
2017
>
10. October
>
2017-10-17 10:00 AM - Commissioners' Agenda
>
Sub-Contract between Yakima Neighborhood Halth Services and KCPHD
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/16/2018 3:25:05 PM
Creation date
1/16/2018 12:26:44 PM
Metadata
Fields
Template:
Meeting
Date
10/17/2017
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Supporting documentation
Supplemental fields
Alpha Order
d
Item
Request to Approve a Sub-Contract between Yakima Neighborhood Health Services and the Kittitas County Public Health Department
Order
4
Placement
Consent Agenda
Row ID
40001
Type
Contract
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
45
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Download electronic document
View images
View plain text
DocuSign Envelope ID: 62955F1D-7A37-4CB0-A8D8-2BA7ADB5515E <br />smart cards. Data on disks mounted to such servers must be located in an area which is <br />accessible only to authorized personnel, with access controlled through use of a key, card <br />key, combination lock, or comparable mechanism. <br />For EXCHANGE Confidential Information stored on these disks, deleting unneeded Data is <br />sufficient as long as the disks remain in a Secured Area and otherwise meet the <br />requirements listed in the above paragraph. Destruction of the Data as outlined in Section <br />5. Data Disposition may be deferred until the disks are retired, replaced, or otherwise taken <br />out of the Secured Area. <br />c. Removable Media, including Optical discs (CDs or DVDs) in local workstation optical disc <br />drives and which will not be transported out of a secure area. Sensitive or Confidential Data <br />provided by HBE on removable media, such as optical discs or USB drives, which will be used <br />in local workstation optical disc drives or USB connections shall be encrypted with 128 -bit <br />AES encryption or better. When not in use for the contracted purpose, such discs must be <br />locked in a drawer, cabinet or other container to which only authorized users have the key, <br />combination or mechanism required to access the contents of the container. Workstations <br />which access EXCHANGE Data on optical discs must be located in an area which is accessible <br />only to authorized personnel, with access controlled through use of a key, card key, <br />combination lock, or comparable mechanism. <br />d. Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers and which will not be <br />transported out of a secure area. Data provided by HBE on optical discs which will be <br />attached to network servers shall be encrypted with 128 -bit AES encryption or better. <br />Access to Data on these discs will be restricted to authorized users through the use of access <br />control lists which will grant access only after the authorized user has been authenticated to <br />the network using a unique user ID and complex password or other authentication <br />mechanisms which provide equal or greater security, such as biometrics or smart cards. <br />Data on discs attached to such servers must be located in an area which is accessible only to <br />authorized personnel, with access controlled through use of a key, card key, combination <br />lock, or comparable mechanism. <br />e. Paper documents. All paper records must be protected by storing the records in a secure <br />area which is only accessible to authorized personnel. When not in use, such records must <br />be stored in a locked container, such as a file cabinet, locking drawer, or safe, to which only <br />authorized persons have access. <br />f. Access via remote terminal/workstation over the State Governmental Network (SGN) or WA <br />Health Benefit Exchange network (EXCHANGE Network). Data accessed and used interactively <br />over the SGN or EXCHANGE Network. Access to the Data will be controlled by EXCHANGE staff <br />who will issue authentication credentials (e.g. a unique user ID and complex password) to <br />authorized contractor staff. Contractor shall have established and documented access <br />termination procedures for existing staff with access to EXCHANGE Data. These procedures <br />shall be provided to EXCHANGE staff upon request. The Contractor will notify EXCHANGE staff <br />immediately whenever an authorized person in possession of such credentials is terminated or <br />otherwise leaves the employment of the contractor, and whenever a user's duties change <br />such that the user no longer requires access to perform work for this Contract. <br />g. Access via remote terminal/workstation over the Internet through Secure Access <br />Washington. Data accessed and used interactively over the Internet. Access to the Data will <br />be controlled by EXCHANGE staff who will issue remote access authentication credentials <br />(e.g. a unique user ID and complex password) to authorized contractor staff. Contractor will <br />HBE-349 YNHS Exhibit D — Data Security Requirements Page 25 of 41 <br />
The URL can be used to link to this page
Your browser does not support the video tag.