My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Grants & Contract Agreement (3)
>
Meetings
>
2024
>
11. November
>
2024-11-05 10:00 AM - Commissioners' Agenda
>
Grants & Contract Agreement (3)
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
11/26/2024 9:29:19 AM
Creation date
11/26/2024 9:29:09 AM
Metadata
Fields
Template:
Meeting
Date
11/5/2024
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Fully Executed Version
Supplemental fields
Item
Request to Approve an Agreement on the Department of Social & Health Services, STW Department of Vocational Rehab Contract
Order
11
Placement
Consent Agenda
Row ID
123866
Type
Contract
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
19
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
,l <br />Special Terms and Conditions <br />Exhibit A - Data Security Requirements <br />Definitions. The words and phrases listed below, as used in this Exhibit, shall each have the following <br />definitions: <br />a. .AES'means the Advanced Encryption Standard, a specification of Federal lnformation Processing <br />Standards Publications for the encryption of electronic data issued by the National lnstitute of <br />Standards and Technology (http://nvlpubs.nist.gov/nistpubs/FIPS/NlST.FlPS.197.pdf). <br />b. "Authorized Users(s)" means an individual or individuals with a business need to access DSHS <br />Confidential lnformation, and who has or have been authorized to do so. <br />c. "Business Associate Agreement" means an agreement between DSHS and a contractor who is <br />receiving Data covered underthe Privacy and Security Rules of the Health lnsurance Portability <br />and Accountability Act of 1996. The agreement establishes permitted and required uses and <br />disclosures of protected health information (PHl) in accordance with HIPAA requirements and <br />provides obligations for business associates to safeguard the information. <br />d. "Category 4 Dala" is data that is confidential and requires special handling due to statutes or <br />regulations that require especially strict protection of the data and from which especially serious <br />consequences may arise in the event of any compromise of such data. Data classified as Category <br />4 includes but is not limited to data protected by: the Health lnsurance Portability and Accountability <br />Act (HIPAA), Pub. L. 104-191 as amended by the Health lnformation Technology for Economic and <br />Clinical Health Act of 2009 (HITECH), 45 CFR Parts 160 and 164; the Family Educational Rights <br />and Privacy Act (FERPA), 20 U.S.C. $12329; 34 CFR Part 99; lnternal Revenue Service <br />Publication 1075 (https://www.irs.gov/pub/irs-pdf/p1075.pdf); Substance Abuse and Mental Health <br />Services Administration regulations on Confidentiality of Alcohol and Drug Abuse Patient Records, <br />42 CFR Part2; and/or CriminalJustice lnformation Services, 28 CFR Parl20. <br />e. "Cloud" means data storage on servers hosted by an entity other than the Contractor and on a <br />network outside the control of the Contractor. Physical storage of data in the cloud typically spans <br />multiple servers and often multiple locations. Cloud storage can be divided between consumer <br />grade storage for personal files and enterprise grade for companies and governmental entities. <br />Examples of consumer grade storage would include iTunes, Dropbox, Box.com, and many other <br />entities. Enterprise cloud vendors include Microsoft Azure, Amazon Web Services, and Rackspace <br />f. "Encrypt" means to encode Confidential lnformation into a format that can only be read by those <br />possessing a "key"; a password, digital certificate or other mechanism available only to authorized <br />users. Encryption must use a key length of at least 256 bits for symmetric keys, or 2048 bits for <br />asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard (AES) must <br />be used if available. <br />g "FedRAMP" means the Federal Risk and Authorization Management Program (see <br />www.fedramp.gov), which is an assessment and authorization process that federal government <br />agencies have been directed to use to ensure security is in place when accessing Cloud computing <br />products and services. <br />h. "Hardened Password" means a string of at least eight characters containing at least three of the <br />following four character classes: Uppercase alphabetic, lowercase alphabetic, numeral, and special <br />characters such as an asterisk, ampersand, or exclamation point. <br />DSHS Central Contract Services <br />6017CF County Program Agreement (10-31-2017)Page 9
The URL can be used to link to this page
Your browser does not support the video tag.