4. Data Segregation

HCA's Data received under this DSA must be segregated or otherwise distinguishable from non-HCA Data. This is to ensure that when no longer needed by the Contractor, all of HCA's Data can be identified for return or destruction. It also aids in determining whether HCA's Data has or may have been compromised in the event of a security breach.

a. HCA's Data must be kept in one of the following ways:

i. on media (e.g. hard disk, optical disc, tape, etc.) which will contain only HCA Data; or

ii. in a logical container on electronic media, such as a partition or folder dedicated to HCA's Data; or

iii. in a database that will contain only HCA Data; or

iv. within a database and will be distinguishable from non-HCA Data by the value of a specific field or fields within database records; or

v. when stored as physical paper documents, physically segregated from non-HCA Data in a drawer, folder, or other container.

b. When it is not feasible or practical to segregate HCA's Data from non-HCA data, then both HCA's Data and the non-HCA data with which it is commingled must be protected as described in this Attachment.

c. Contractor must designate and be able to identify all computing equipment on which they store, process and maintain HCA Data. No Data at any time may be processed on or transferred to any portable storage medium. Laptop/tablet computing devices are not considered portable storage medium devices for purposes of this DSA provided they are installed with end-point encryption.

5. Data Disposition

Consistent with Chapter 40.14 RCW, Contractor shall erase, destroy, and render unrecoverable all HCA Confidential Data and certify in writing that these actions have been completed within thirty (30) days of the disposition requirement or termination of this DSA, whichever is earlier. At a minimum, media sanitization is to be performed according to the standards enumerated by NIST SP 800-88r1 Guidelines for Media Sanitization.

a. For HCA's Confidential Information stored on network disks, deleting unneeded Data is sufficient as long as the disks remain in a Secured Area and otherwise meet the requirements listed in Section 3, above. Destruction of the Data as outlined in this section of this Attachment may be deferred until the disks are retired, replaced, or otherwise taken out of the Secured Area.

6. Network Security

Contractor's network security must include the following:

a. Network firewall provisioning;

b. Intrusion detection;

c. Quarterly vulnerability assessments; and

Washington State Health Care Authority Page 19 HCA Contract No. K5885-1