My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Washington State DOH Data Information Sharing Agreement
>
Meetings
>
2018
>
08. August
>
2018-08-21 10:00 AM - Commissioners' Agenda
>
Washington State DOH Data Information Sharing Agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
8/16/2018 1:09:24 PM
Creation date
8/16/2018 1:08:13 PM
Metadata
Fields
Template:
Meeting
Date
8/21/2018
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Supporting documentation
Supplemental fields
Alpha Order
m
Item
Request to Approve a Sharing Agreement with the Washington State Department of Health
Order
13
Placement
Consent Agenda
Row ID
47235
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
20
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
The data must not be stored by the Information Recipient on mobile devices or portable <br />storage media unless specifically authorized within the terms of this Agreement. If so <br />authorized: <br />a) The devices/media must be encrypted with a key length of at least 128 bits, using <br />industry standard mechanisms validated by the National Institute of Standards and <br />Technologies (NIST). <br />■ Encryption keys must be stored in a secured environment that is separate from the <br />data and protected in the same manner as the data. <br />b) Access to the devices/media is controlled with a user ID and a Complex Password (of <br />at least 6 characters), or a stronger authentication method such as biometrics. <br />c) The devices/media must be set to automatically wipe or be rendered unusable after no <br />more than 10 failed access attempts. <br />d) The devices/media must be locked whenever they are left unattended and set to lock <br />automatically after an inactivity activity period of 3 minutes or less. <br />e) The data must not be stored in the Cloud. This includes backups. <br />f) The devices/ media must be physically protected by: <br />■ Storing them in a secured and locked environment when not in use. <br />■ Using check-in/check-out procedures when they are shared, and <br />is Taking frequent inventories <br />4. When passwords and/or encryption keys are stored on mobile devices or portable storage <br />media they must be encrypted and protected as described in this section. <br />G. Backup Media <br />The data may be backed up as part of Information Recipient's normal backup process <br />provided that the process includes secure storage and transport, and the data is encrypted as <br />described under F. Data storage on mobile devices or portable storage media. <br />H. Paper documents <br />Paper records that contain data classified as Confidential or Restricted must be protected by <br />storing the records in a secure area which is only accessible to authorized personnel. When <br />not in use, such records is stored in a locked container, such as a file cabinet, locking drawer, <br />or safe, to which only authorized persons have access. <br />I. Data Segregation <br />1. The data must be segregated or otherwise distinguishable from all other data. This is to <br />ensure that when no longer needed by the Information Recipient, all of the data can be <br />identified for return or destruction. It also aids in determining whether the data has or <br />may have been compromised in the event of a security breach. <br />2. When it is not feasible or practical to segregate the data from other data, then all <br />commingled data is protected as described in this Exhibit. <br />Page 14 of 16 <br />rev 07/02/2013 <br />
The URL can be used to link to this page
Your browser does not support the video tag.