My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
DDA County Services 27582
>
Meetings
>
2023
>
08. August
>
2023-08-01 10:00 AM - Commissioners' Agenda
>
DDA County Services 27582
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/17/2024 9:35:37 AM
Creation date
1/17/2024 9:35:14 AM
Metadata
Fields
Template:
Meeting
Date
8/1/2023
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Fully Executed Version
Supplemental fields
Item
Request to Approve the Program Agreement with the Department of Social & Health Services for DDA Services
Order
19
Placement
Consent Agenda
Row ID
106478
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
29
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Special Terms and Gonditions <br />a' Have documented policies and procedures governing access to systems with the shared Data <br />b' Restrict access through administrative, physical, and technical controls ro authorized staff. <br />c' Ensure that user accounts are unique and that any given user account logon lD and passwordcombination is known only to the one employee to rninom that account is issigneJ. For purposes ofnon-repudiation, it must always be possible io determine which emplov"u puioired a given actionon a system housing the Data based solely on the logon lD used to perform the action <br />d. Ensure that onry authorized users are capable of accessing the Data. <br />e. Ensure that an employee's access to the Data is removed immediately: <br />(1) Upon suspected compromise of the user credentials. <br />(2) When their employment, or the contract under which the Data is made available to them, isterminated. <br />(3) When they no longer need access to the Data to fulfill the requirements of the contract. <br />f' Have a process to periodically review and verify that only authorized users have access to systemscontaining DSHS Confidential tnformation <br />s' Whgn accessing the Data from within the Contractor's network (the Data stays within thecontraclor's network at alltimes), enforce password and logon requirements for users within theContractor's network, including: <br />(1) A minimum length of B characters, and containing at least three of the following characterclasses: uppercase letters, lowercase letters, nuil"rals, ind special cfraracteii such as anasterisk, ampersand, or exclamation point. <br />(2) That a password does not contain a user's name, logon lD, or any form of their full name. <br />(3) That a password does not consist of a sjngle dictionary word. A password may be formed as apassphrase which consists of multiple dictionary words. <br />(a) That passwords are significantly different from the previous four passwords, passwords thatincrement by simply adding a number are not considered significanily diffeient <br />- <br />h' W,h"n accessing Confidential lnformation from an external location (the Data will traverse thelnternet or otheruvise traveloutside the contractors networkJ, mitigate risk and enforce passwordand logon requirements for users by emproying measures inttuoing: <br />(f ) Ensuring mitigations applied to the system don't allow end-user modification. <br />(2) Not allowing the use of dial-up connections. <br />(s) !:i!g industry standard protocols and solutions for remote access. Examples would includeRADIUS and Citrix. <br />(4) Encrypting all remote access traffic from the external workstation to Trusted Network or to acomponent within the Trusted Network. The traffic musl be encrypted at all times whiletraversing any network, including the lnternet, which is not a Trusted Network. <br />DSHS Central Contract Services <br />1 769CS County Agreement 05-16-2023 <br />Page 21
The URL can be used to link to this page
Your browser does not support the video tag.