My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Amendment 1 to DVR Agreement
>
Meetings
>
2025
>
04. April
>
2025-04-15 10:00 AM - Commissioners' Agenda
>
Amendment 1 to DVR Agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/10/2025 12:15:18 PM
Creation date
4/10/2025 12:09:37 PM
Metadata
Fields
Template:
Meeting
Date
4/15/2025
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Supporting documentation
Supplemental fields
Item
Request to Approve a Resolution Authorizing an Amendment to the Agreement between Kittitas County and DSHS Division of Vocational Rehabilitation
Order
10
Placement
Consent Agenda
Row ID
129782
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
45
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Special Terms and Conditions <br />Exhibit A — Data Security Requirements <br />Definitions. The words and phrases listed below, as used in this Exhibit, shall each have the following <br />definitions: <br />a. "AES" means the Advanced Encryption Standard, a specification of Federal Information Processing <br />Standards Publications for the encryption of electronic data issued by the National Institute of <br />Standards and Technology (hftp://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf). <br />b. "Authorized Users(s)" means an individual or individuals with a business need to access DSHS <br />Confidential Information, and who has or have been authorized to do so. <br />c. "Business Associate Agreement" means an agreement between DSHS and a contractor who is <br />receiving Data covered under the Privacy and Security Rules of the Health Insurance Portability <br />and Accountability Act of 1996. The agreement establishes permitted and required uses and <br />disclosures of protected health information (PHI) in accordance with HIPAA requirements and <br />provides obligations for business associates to safeguard the information. <br />d. "Category 4 Data" is data that is confidential and requires special handling due to statutes or <br />regulations that require especially strict protection of the data and from which especially serious <br />consequences may arise in the event of any compromise of such data. Data classified as Category <br />4 includes but is not limited to data protected by: the Health Insurance Portability and Accountability <br />Act (HIPAA), Pub. L. 104-191 as amended by the Health Information Technology for Economic and <br />Clinical Health Act of 2009 (HITECH), 45 CFR Parts 160 and 164; the Family Educational Rights <br />and Privacy Act (FERPA), 20 U.S.C. §1232g; 34 CFR Part 99; Internal Revenue Service <br />Publication 1075 (https:lhA.,jvj.irs.gov/pub/irs-pdf/p1075.pdf); Substance Abuse and Mental Health <br />Services Administration reguia'.ions on Confidentiality of Alcohol and Drug Abuse Patient Records, <br />42 CFR Part 2; and/or Criminal Justice Information Services, 28 CFR Part 20. <br />e. "Cloud" means data storage on servers hosted by an entity other than the Contractor and on a <br />network outside the control of the Contractor. Physical storage of data in the cloud typically spans <br />multiple servers and often multiple locations. Cloud storage can be divided between consumer <br />grade storage for personal files and enterprise grade for companies and governmental entities. <br />Examples of consumer grade storage would include iTunes, Dropbox, Box.com, and many other <br />entities. Enterprise cloud vendors include Microsoft Azure, Amazon Web Services, and Rackspace. <br />f. "Encrypt" means to encode Confidential Information into a format that can only be read by those <br />possessing a "key"; a password, digital certificate or other mechanism available only to authorized <br />users. Encryption must use a key length of at least 256 bits for symmetric keys, or 2048 bits for <br />asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard (AES) must <br />be used if available. <br />g. "FedRAMP" means the Federal Risk and Authorization Management Program (see <br />www. redramp.gov), which is an assessment and authorization process that federal government <br />agencies have been directed to use to ensure security is in place when accessing Cloud computing <br />products and services <br />h. "Hardened Password" means a string of at least eight characters containing at least three of the <br />following four character classes: Uppercase alphabetic, lowercase alphabetic, numeral, and special <br />characters such as an asterisk, ampersand, or exclamation point. <br />DSHS Central Contract Services <br />6017CF County Program Agreement (10-31-2017) Page 9 <br />
The URL can be used to link to this page
Your browser does not support the video tag.