My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
RES-2022-148
>
Meetings
>
2022
>
07. July
>
2022-07-19 10:00 AM - Commissioners' Agenda
>
RES-2022-148
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/26/2022 12:13:33 PM
Creation date
7/26/2022 12:13:13 PM
Metadata
Fields
Template:
Meeting
Date
7/19/2022
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Fully Executed Version
Supplemental fields
Alpha Order
h
Item
Request to Approve a Resolution Authorizing an Amendment to the Professional Services Agreement Between Kittitas County and Washington State Healthcare Authority
Order
8
Placement
Consent Agenda
Row ID
91496
Type
Resolution
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
27
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
4. Data Segregation <br />HCA's Data received under this DSA must be segregated or otherwise distinguishable from non-HCA <br />Data. This is to ensure that when no longer needed by the Contractor, all of HCA's Data can be <br />identified for return or destruction. lt also aids in determining whether HCA's Data has or may have been <br />compromised in the event of a security breach. <br />a. HCA's Data must be kept in one of the following ways <br />i. on media (e.9. hard disk, optical disc, tape, etc.) which will contain only HCA Data; or <br />i. in a logical container on electronic media, such as a partition or folder dedicated to HCA's <br />Data; or <br />ii. in a database that will contain only HCA Data; or <br />iii. within a database and will be distinguishable from non-HCA Data by the value of a <br />specific field or fields within database records; or <br />iv. when stored as physical paper documents, physically segregated from non-HCA Data in <br />a drawer, folder, or other container. <br />b. When it is not feasible or practicalto segregate HCA's Data from non-HCA data, then both HCA's <br />Data and the non-HCA data with which it is commingled must be protected as described in this <br />Attachment. <br />c. Contractor must designate and be able to identify all computing equipment on which they store, <br />process and maintain HCA Data. No Data at any time may be processed on or transferred to any <br />portable storage medium. Laptopltablet computing devices are not considered portable storage <br />medium devices for purposes of this DSA provided it is installed with end-point encryption. <br />5. Data Disposition <br />Consistent with Chapter 4Q.14 RCW Contractor shall erase, destroy, and render unrecoverable all HCA <br />Confidential Data and certify in writing that these actions have been completed within thirty (30) days of <br />the disposition requirement or termination of this DSA, whiehever is earlier. At a minimum, media <br />sanitization is to be performed according to the standards enumerated by NIST SP 800-8811 Guidelines <br />for Media Sanitization. <br />a. For HCA's Confidential lnformation stored on network disks, deleting unneeded Data is sufficient <br />as long as the disks remain in a Secured Area and otherwise meet the requirements listed in <br />Section 3, above. Destruction of the Data as outlined in this section of this Attachment may be <br />deferred until the disks are retired, replaced, or otherwise taken out of the Secured Area. <br />6. Network Security <br />Contractor's network security must include the following <br />a. Network firewall provisioning; <br />b. lntrusion detection; <br />c. Qua(erly vulnerability assessments; and <br />Washington State <br />Health Care Authority Page 19 HCA Contract Na. K5885-1
The URL can be used to link to this page
Your browser does not support the video tag.