My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Washington State DOH Data Information Sharing Agreement
>
Meetings
>
2018
>
08. August
>
2018-08-21 10:00 AM - Commissioners' Agenda
>
Washington State DOH Data Information Sharing Agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
8/16/2018 1:09:24 PM
Creation date
8/16/2018 1:08:13 PM
Metadata
Fields
Template:
Meeting
Date
8/21/2018
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Supporting documentation
Supplemental fields
Alpha Order
m
Item
Request to Approve a Sharing Agreement with the Washington State Department of Health
Order
13
Placement
Consent Agenda
Row ID
47235
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
20
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
APPENDIX B <br />DATA SECUTUTY REQUIREMENTS <br />Protection of Data <br />The Information Recipient agrees to store information received under this Agreement (the data) <br />within the United States on one or more of the following media, and to protect it as described <br />below: <br />A. Passwords — <br />1. Passwords must always be encrypted. When stored outside of the authentication <br />mechanism, passwords must be in a secured environment that is separate from the data <br />and protected in the same manner as the data. For example passwords stored on mobile <br />devices or portable storage devices must be protected as described under section F. Data <br />Kl age on mobile devices or portable slara�e media. <br />2. Complex Passwords are: <br />• At least 8 characters in length <br />• Contain at least three of the following character classes: uppercase letters, lowercase <br />letters, numerals, special characters. <br />• Do not contain the user's name, user ID or any form of their full name <br />• Do not consist of a single complete dictionary word, but can include a passphrase <br />• Changed at least every 120 days. <br />B. Hard disk drives - Data stored on workstation hard disks: <br />a. The data must be encrypted as described under section F. Data stonM on mobile devices <br />or� portable storage media. Encryption is not required when Potentially Identifiable <br />Information is stored temporarily on local workstation hard disks. Temporary storage is <br />thirty (30) days or less. <br />b. Access to the data is restricted to authorized users by requiring logon to the local <br />workstation using a unique user ID and Complex Password, or other authentication <br />mechanisms which provide equal or greater security, such as biometrics or smart cards. <br />Accounts must lock after 5 unsuccessful access attempts and remain locked for at least 15 <br />minutes, or require administrator reset. <br />C. Network server and storage area networks (SAN): <br />1. Access to the data is restricted to authorized users through the use of access control lists <br />which will grant access only after the authorized user has authenticated to the network. <br />a. Authentication must occur using a unique user ID and Complex Password, or other <br />authentication mechanisms which provide equal or greater security, such as <br />biometrics or smart cards. Accounts must lock after 5 unsuccessful access attempts, <br />and remain locked for at least 15 minutes, or require administrator reset. <br />Page 12 of 16 <br />rev 07/02/2013 <br />
The URL can be used to link to this page
Your browser does not support the video tag.