My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
DDA and KCPHD Service Agreement
>
Meetings
>
2021
>
08. August
>
2021-08-03 10:00 AM - Commissioners' Agenda
>
DDA and KCPHD Service Agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/5/2023 3:25:09 PM
Creation date
10/5/2023 3:24:46 PM
Metadata
Fields
Template:
Meeting
Date
8/3/2021
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Fully Executed Version
Supplemental fields
Item
Request to Approve County Program Agreement with the Department of Social and Health Services for DDA County Services
Order
11
Placement
Consent Agenda
Row ID
79309
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
28
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Special Terms and Conditions <br />Exhibit A - Data Security Requirements <br />1 Definitions. The words and phrases listed below, as used in this Exhibit, shall each have the following <br />definitions: <br />a. "AES' means the Advanced Encryption Standard, a specification of Federal lnformation Processing <br />Standards Publications for the encryption of electronic data issued by the National lnstitute of <br />Standards and Technology (http://nvlpubs.nist.gov/nistpubs/FIPS/NlST.FlPS.197.pdfl. <br />b, "Authorized Users(s)" means an individual or individuals with a business need to access DSHS <br />Confidential lnformation, and who has or have been authorized to do so. <br />"Category 4 Data" is data that is confidential and requires special handling due to statutes or <br />regulations that require especially strict protection of the data and from which especially serious <br />consequences may arise in the event of any compromise of such data. For purposes of this <br />contract, data classified as Category 4 refers to data protected by: the Health lnsurance Portability <br />and Accountability Act (HIPAA). <br />d. "Cloud" means data storage on servers hosted by an entity other than the Contractor and on a <br />network outside the control of the Contractor. Physical storage of data in the cloud typically spans <br />multiple servers and often multiple locations. Cloud storage can be divided between consumer <br />grade storage for personal files and enterprise grade for companies and governmental entities. <br />Examples of consumer grade storage would include iCloud, Dropbox, Box.com, and many other <br />entities, Enterprise cloud vendors include Microsoft Azure, Amazon Web Services, 0365, and <br />Rackspace. <br />e "Encrypt" means to encode Confidential lnformation into a format that can only be read by those <br />possessing a "key", a password, digital certificate or other mechanism available only to authorized <br />users. Encryption must use a key length of at least 128 bits (256 preferred) for symmetric keys, or <br />2048 bits for asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard <br />(AES) must be used if available. <br />f. "Hardened Password" means a string of at least eight characters containing at least three of the <br />following four character classes: Uppercase alphabetic, lowercase alphabetic, numeral, and special <br />characters such as an asterisk, ampersand, or exclamation point. <br />g. "Mobile Device" means a computing device, typically smaller than a notebook, which runs a mobile <br />opgraung system, sucn as tub, /\nqroto, or vvtnoows Fnone. tvtooile uevtces rncruae sman pnones, <br />most tablets, and other form factors. <br />h. "Multi-factor Authentication" means controlling access to computers and other lT resources by <br />requiring two or more pieces of evidence that the user is who they claim to be. These pieces of <br />evidence consist of something the user knows, such as a password or PIN; something the user has <br />such as a key card, smart card, or physicaltoken; and something the user is, a biometric identifier <br />such as a fingerprint, facial scan, or retinal scan. "PlN" means a personal identification number, a <br />series of numbers which act as a password for a device. Since PiNs are typicaiiy oniy fbur to six <br />characters, PlNs are usually used in conjunction with another factor of authentication, such as a <br />fingerprint. <br />"Portable Device" means any computing device with a smallform factor, designed to be transported <br />from place to place. Portable devices are primarily battery powered devices with base computing <br />resources in the form of a processor, memory, storage, and network access. Examples include, but <br />Page 18 <br />DSHS Central Contract Services <br />1 769CS County Agreement 06-08-2021 <br />c
The URL can be used to link to this page
Your browser does not support the video tag.