Laserfiche WebLink
prevent access by non-authorized staff such as janitorial or facility security stafl when authorized <br />Contractor staff are not present to ensure that non-authorized staff cannot access it. <br />p. "Staff" means the Contracto/s directors, officers, employees, and agents who provide goods or <br />services pursuant to this Contract. "Staff'also means Subcontractors' directors, officers, <br />employees, and agents who provide goods or services on behalf of the Contractor. The term "Stafr' <br />also means the Subcontractors' directors, officers, employees, and agents who provide goods or <br />services on behalf of the Subcontractor and Contractor. <br />q. "Trusted Network" means a network operated and maintained by the Contractor, wlrich includes <br />security controls sufficientto protect DCYF Data on that network. Controls would include a firewall <br />between any other networks, access controllists on networking devices such as routers and <br />switches, and other such mechanisms wtrich protect the confidentiality, integrity, and availability of <br />the Data. <br />r "Unique User lD" means a string of characters that identifies a specific user and wtrich, in <br />conjunction with a password, passphrase or other mechanism, authenticates a user to an <br />information system. <br />3 <br />4 <br />2. Authority <br />The security requirements described in this contract reflect the applicable requirements of Standard <br />141 .10 (https://ocio.wa.gov/policies) of the Office of the Chief lnformation Officer for the state of <br />Washington, and of the DCYF lnformation Security Policy and Standards Manual. <br />Scope of Protection <br />The requirements described in this Contract apply to Confidential lnformation and Data related to the <br />subject matter of this Contract that is delivered, received, used, shared, acquired, created, developed, <br />revised, modified, or amended by DCYF, the contractor, or subcontractors. <br />Data Classification <br />The Washington State Office of the Chief lnformation Officer (OCIO) has established policies that <br />classify data into categories based on the data's sensitivity. The categories described in Section 4 <br />of OCIO policy No. 141 .10 are adopted and incorporated by reference in this Agreement. pursuant <br />to section 4 of oclo policy No. 141 .10 the categories are as follows: <br />(1) Category 1 - Public lnformation <br />Public information is information that can be or currenfly is released to the public. lt does not <br />need protection from unauthorized disclosure, but does need integrity and availability protection <br />controls. <br />(2) Category 2 - Sensitive lnformation <br />Sensitive information may not be specifically protected from disclosure by lawand is for official <br />use only. Sensitive information is generally not released to the public unl-ess specifically <br />requested. <br />(3) Category 3 - Confidential lnformation <br />Confidential information is information that is specifically protected from either release ordisclosure by law. This includes, but is not limited to: <br />Departmentof Children, Youth & Families <br />2017CF County Program Agreement 6-24-20 <br />a <br />Page 17