My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
i-ACT program agreement
>
Meetings
>
2021
>
07. July
>
2021-07-06 10:00 AM - Commissioners' Agenda
>
i-ACT program agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
8/2/2021 12:04:57 PM
Creation date
8/2/2021 12:04:37 PM
Metadata
Fields
Template:
Meeting
Date
7/6/2021
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Fully Executed Version
Supplemental fields
Alpha Order
p
Item
Request to Approve a County Program Agreement - i-ACT Program Development
Order
16
Placement
Consent Agenda
Row ID
78209
Type
Grant
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
21
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
a. All federal and state laws and regulations, as currently enacted or revised, regarding the protection, <br />security, and electronic interchange of Confidential lnformation, Data, Category 4 Data, Sensitive <br />Personal lnformation, and Materials; and <br />b. All federal and state laws and regulations, as currently enacted or revised, regarding the use, <br />disclosure, modification or loss of Confidential lnformation, Data, Category 4 Dala, Sensitive <br />Personal lnformation, and Materials. <br />5. Administrative Controls. The Contractor must have the following controls in place: <br />a. A documented security policy governing the secure use of its computer network, mobile devices, <br />portable devices, as well as, any form of paper/hard copy documents, and which defines sanctions <br />that may be applied to Contractor staff for violating that policy. <br />b. Security awareness training for all staff, presented annually, as follows: <br />(1). Contractor staff responsibilities under the Contractor's security policy, <br />(2). Contactor staff responsibilities as outlined under contract Exhibit A; and <br />(3). Must successfully complete the DCYF lnformation Security Awareness Training, which can be <br />taken on this web page: httpq:l/W-Wyv,dqvf.wA.govisitggldelault/files/pdf/Sgcuritv.:in-Contracts.pdl <br />6. Authorization, Authentication, and Access. ln order to ensure that access to the Data is limited to <br />authorized staff, the Contractor must: <br />a. Have documented policies and procedures that: <br />(1). Govern access to systems; and <br />(2). Govern access to paper/hard copy documents and files. <br />b. Restrict access through administrative, physical, and technical controls to authorized staff; <br />c. Ensure that user accounts are unique and that any given user account logon lD and password <br />combination is known only to the one staff member to whom that account is assigned. For <br />purposes of non-repudiation, it must always be possible to determine which stafimember <br />performed a given action on a system housing the Data based solely on the logon lD used to <br />perform the action; <br />d. Ensure that only authorized users are capable of accessing the Data; <br />e. Ensure that an employee's access to Data is removed within twenty-four (24) hours: <br />(1). Upon suspected compromise of the user credentials; <br />(2). When their employment, or the contract under which the Data is made available to them, is <br />terminated; <br />(3).When they no longer need access to the Data to fulfillthe requirements of the Contract; and <br />(a), when the staff member has been suspended from performing services under this Contract. <br />f. Have a process to review and verify, quarterly, that only authorized users have access to systems <br />Department of Children, Youth & Families <br />2017CF County Program Agreement 6-24-20 Page 11
The URL can be used to link to this page
Your browser does not support the video tag.