My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Resolution 2025-084
>
Meetings
>
2025
>
04. April
>
2025-04-15 10:00 AM - Commissioners' Agenda
>
Resolution 2025-084
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
5/15/2025 9:20:27 AM
Creation date
5/15/2025 9:20:04 AM
Metadata
Fields
Template:
Meeting
Date
4/15/2025
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Fully Executed Version
Supplemental fields
Item
Request to Approve a Resolution Authorizing an Amendment to the Agreement between Kittitas County and DSHS Division of Vocational Rehabilitation
Order
10
Placement
Consent Agenda
Row ID
129782
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
46
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
t Special Terms and Conditions <br />Exhibit A - Data Security Requirements <br />The words and phrases listed below, as used in this Exhibit, shall each have the following <br />1 Definitions <br />definiiions: <br />a. <br />e <br />b. <br />c <br />d <br />t <br />g <br />h <br />"AES'means the Advanced Encryption Standard, a specification of Federal lnformation Processing <br />Standards Publications for the encryption of electronic data issued by the National ln_stitute of <br />Standards and Technology (http://nvipubs.nlst.gov/nistpubs/FIPS/NlST.FlPS.197.pdf). <br />"Authorized Users(s)" means an individual or individuals with a business need to access DSHS <br />Confidential Information, and who has or have been authorized to do so. <br />"Business Associate Agreement" means an agreement between DSHS and a contractor who is <br />receiving Data cove.red under the Privacy and Security Rules of the Health lnsurance Portability <br />and Acc-ountabiliiy Act of '1996. The agreement establishes permitted and required uses and <br />disclosures of protected health information (PHl) in accordance with HIPAA requirements and <br />provides obligations for business associates to safeguard the information. <br />"Category 4 Data" is data that is confidential and requires special handling due to statutes or <br />regutjiions that require especially strict protection of the data and from which especially serious <br />consequences may arise in the event of any compromise of such data. Data classified as Category <br />4 includes but is not limited to data protected by:the Health lnsurance Portability and Accountability <br />Act (HtpAA), pub. L. 104-'19',1 as amended by the Health lnformation Technology for Economic and <br />Clinicat Heatth Act of 2009 (HITECH), 45 Cfi? parts 160 and 164;the Family Educational Rights <br />andPrivacyAct(FERPA),20U.S.C.51232g;34CFRPart99;lnternalRevenueService <br />Pubtication 1075 (https:liwww.irs.gov/pub/irs-pdf/p1075.pdf); Substance Abuse and MentalHealth <br />Services Administration regulations on Confidentiality of Alcohoi and Drug Abuse Patient Records, <br />42CFRParl2; and/or CriminalJustice lnformation Services, 28 CFR Part 20. <br />"Cloud" means data storage on servers hosted by an entity other than the Contractor and on a <br />network outside tne contrJl of the Coniractor. Physical storage of data in the cloud typically spans <br />multiple servers and often multiple locations. Cloud storage can be divided between consumer <br />grade storage for personal files and enterprise grade for companies and governmental entities. <br />Examples oi conrumer grade storage would include iTunes, Dropbox, Box'com' and many other <br />entities. Enterprise clou-d vendors include Microsoft Azure, Amazon Web Services, and Rackspace' <br />"Encrypt" means to encode Confidential lnformation into a format that can only be read by those <br />possessing a "key", a password, digital certificate or other mechanism available only to authorized <br />users. Encryption must use a key Gngth of at least 256 bits for symmetric keys, or 204.8 bits for <br />asymmetric'keys. When a symmetric-t<ey is used, the Advanced Encryption Standard (AES) must <br />be used if available. <br />"FedRAMP" means the Federal Risk and Authorization Management Program (see <br />www.fedramp gov), which is an assessmeni and authorization process thatfederal government <br />agencies have-been directed to use to ensure security is in place when accessing Cloud computing <br />products and services. <br />"Hardened password" means a string of at least eight characters containing at least three of the <br />followrng four character classes: Uppercase alphabetic, lowercase alphabetic, numeral, and special <br />characters such as an asterisk, ampersand, or exclamation point' <br />DSHS Cenl!-al Contract Services <br />6A17CF Courrty Program Agreement (10-31 -2417)Page 9
The URL can be used to link to this page
Your browser does not support the video tag.