Laserfiche WebLink
Special Terms and Conditions <br />authentication mechanisms which provide equa l or greater se c urity, such as biometrics or smart <br />cards. Data on disks mounted to such servers must be located in an area which is accessible only <br />to auth orized perso nnel ,_w ith access controlled through use of a key, card key, combinatl on lock, or <br />compa rabl e mecha nism. <br />For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as <br />long as the disks remain in a Secure Area and otherwise meet the requirements listed in the above <br />para graph. Destruction of the Data, as outli ned below in Section 8 Data Dispos ition , may be <br />defe rred until the disks are ret ired, replaced , or otherwise taken out of the Secu re A rea. <br />c. Optical discs (CDs or DVDs) in local workstation optical disc d rives. Data provided by DSHS <br />on optical discs which will be used in local workstation o ptica l disc d rives and wh ich will not be <br />tran sported out of a Secu re Area. When not in use for the contracted purpose, such discs must be <br />Stored in a Secure Area. Workstations which access DSHS Data on optical discs must be located <br />in an area which is accessible only to authorize d pers onnel, with access controlled through use of a <br />key, card key, combination lock, or comparable mechanism. <br />d. Optical d iscs (CDs o r DVDs) in drives or jukeboxes attached to servers. Data provided by <br />DSHS on optical discs which w ill be attac he d to network servers and which will not be transported <br />out of a Secure Area. Access to Data on these discs will be restricted to Authorized Users through <br />the use of access control lists which wm grant access only after the Authorized User has <br />authenticated to the network using a Unique User ID and Hardened Password or other <br />authentication mechanisms which provide equal or greater security, such as biometrics or smart <br />cards. Data on discs attached to such servers m ust be located in an area which is accessible only <br />to auth orized personnel, with access controlled through use of a key, card key, combi nation lock, or <br />compa rabl e mechanism. <br />e . Paper documents. Any paper records must be protected by stori ng the records in a Secure Area <br />which is on ly accessible to authorized personnel. When not in use, such records must be stored in <br />a Secure A rea . <br />f . Remote Acces s. Access to and use of the Data over the State Go vernmen tal Network (SGN) or <br />Secure Access Was hingto n (SAW) will be controlled by DSHS staff who w ill issue authentication <br />credentials (e .g. a Unique Us er ID and Hardened Password) to Authorized Users on Contractor's <br />staff. Contractor will notify DSHS staff i mmediately whe n~ve r an Authorized User in possess ion of <br />such crede ntials is terminated ot otherwise leaves the e mplo y of the Cont ractor, and whenever an <br />Authorized User's duties change such that the A uthorized User no longer requires access to <br />perform work for this Contract. <br />g. Data storage on portable devices or media. <br />(1) Except where otherwise specified herein, DSHS Data shall not be stored by the Contractor on <br />portab le d evices or m edia unless specifica lly authorized with in t he terms and conditions of the <br />Contra ct. If so authorize.d, the Data shall be given the followi ng protectio ns: <br />(a) Encrypt the Data . <br />(b) Control access to devi ces with a Un ique User ID and Hardened Password or stronger <br />authe ntication me thod such as a ph ysical token Qr bi ometrics . <br />(c) Manually lock devices whenever they are left unattended and set devices to lock <br />aut0matica lly after a period of inactivity, if this feature is available . Maximum period of <br />inactivity is 20 min utes. <br />DSHS Cen tral Contract Services <br />5048CF County Program Agre ement (11-22-2011) Page 10