|
n. "Portable Media" means any machine readable media that may routinely be stored or moved
<br />independently of computing devices. Examples include magnetic tapes, optical discs (CDs or
<br />DVDs), flash memory (thumb drive) devices, external hard drives, and internal hard drives that have
<br />been removed from a computing device.
<br />o. "Physically Secure" means that access is restricted through physical means to authorized
<br />individuals only.
<br />p. "Secure Area" means an area to which only authorized representatives of the entity possessing the
<br />Confidential Information have access, and access is controlled through use of a key, card key,
<br />combination lock, or comparable mechanism. Secure Areas may include buildings, rooms or
<br />locked storage containers (such as a filing cabinet or desk drawer) within a room, as long as access
<br />to the Confidential Information is not available to unauthorized personnel. In otherwise Secure
<br />Areas, such as an office with restricted access, the Data must be secured in such a way as to
<br />prevent access by non -authorized staff such as janitorial or facility security staff, when authorized
<br />Contractor staff are not present to ensure that non -authorized staff cannot access it.
<br />q. "Sensitive Personal Information" means personally identifying information including, but not limited
<br />to: names, addresses, health information, GPS [Global Positioning System] coordinates, telephone
<br />numbers, email addresses, social security numbers, driver's license numbers, or other personally
<br />identifying information, and any financial identifiers.
<br />r. "Staff' means the Contractor's directors, officers, employees, and agents who provide goods or
<br />services pursuant to this Contract. "Staff' also means Subcontractors' directors, officers,
<br />employees, and agents who provide goods or services on behalf of the Contractor. The term "Staff'
<br />also means the Subcontractors' directors, officers, employees, and agents who provide goods or
<br />services on behalf of the Subcontractor and Contractor.
<br />s. Trusted Network" means a network operated and maintained by the Contractor, which includes
<br />security controls sufficient to protect DCYF Data on that network. Controls would include a firewall
<br />between any other networks, access control lists on networking devices such as routers and
<br />switches, and other such mechanisms which protect the confidentiality, integrity, and availability of
<br />the Data.
<br />t. "Unique User ID" means a string of characters that identifies a specific user and which, in
<br />conjunction with a password, passphrase or other mechanism, authenticates a user to an
<br />information system.
<br />2. Authority. The security requirements described in this document reflect the applicable requirements of
<br />Standard 141.10 (http_s://ocio.wa.gov/policies) of the Office of the Chief Information Officer for the State
<br />of Washington, and of the DCYF Information Security Policy and Standards Manual.
<br />3. Scope of Protection. Applies to Confidential Information, Data, Category 4 Data, Sensitive Personal
<br />Information, and Materials related to the subject matter of this Contract that is delivered, received,
<br />used, shared, acquired, created, developed, revised, modified, or amended by DCYF, the Contractor,
<br />or Subcontractors.
<br />4. Compliance with Laws, Rules, Regulations, and Policies. For Confidential Information, Data,
<br />Category 4 Data, Sensitive Personal Information, and Materials that is delivered, received, used,
<br />shared, acquired, created, developed, revised, modified, or amended in connection with this Contract
<br />the parties shall comply with the following:
<br />Department of Children, Youth & Families
<br />2017CF County Program Agreement 6-24-20
<br />Page 10
<br />
|