Special Terms and Conditions
Exhibit A - Data Security Requirements

1 Definitions

The words and phrases listed below, as used in this Exhibit, shall each have the following definitions:

a. "AES" means the Advanced Encryption Standard, a specification of Federal Information Processing Standards Publications for the encryption of electronic data issued by the National Institute of Standards and Technology (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf).

b. "Authorized User(s)" means an individual or individuals with a business need to access DSHS Confidential Information, and who has or have been authorized to do so.

c. "Business Associate Agreement" means an agreement between DSHS and a contractor who is receiving Data covered under the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996. The agreement establishes permitted and required uses and disclosures of protected health information (PHI) in accordance with HIPAA requirements and provides obligations for business associates to safeguard the information.

d. "Category 4 Data" is data that is confidential and requires special handling due to statutes or regulations that require especially strict protection of the data and from which especially serious consequences may arise in the event of any compromise of such data. Data classified as Category 4 includes but is not limited to data protected by: the Health Insurance Portability and Accountability Act (HIPAA), Pub. L. 104-191 as amended by the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), 45 CFR Parts 160 and 164; the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. §1232g; 34 CFR Part 99; Internal Revenue Service Publication 1075 (https://www.irs.gov/pub/irs-pdf/p1075.pdf); Substance Abuse and Mental Health Services Administration regulations on Confidentiality of Alcohol and Drug Abuse Patient Records, 42 CFR Part 2; and/or Criminal Justice Information Services, 28 CFR Part 20.

e. "Cloud" means data storage on servers hosted by an entity other than the Contractor and on a network outside the control of the Contractor. Physical storage of data in the cloud typically spans multiple servers and often multiple locations. Cloud storage can be divided between consumer grade storage for personal files and enterprise grade for companies and governmental entities. Examples of consumer grade storage would include iTunes, Dropbox, Box.com, and many other entities. Enterprise cloud vendors include Microsoft Azure, Amazon Web Services, and Rackspace.

f. "Encrypt" means to encode Confidential Information into a format that can only be read by those possessing a "key"; a password, digital certificate or other mechanism available only to authorized users. Encryption must use a key length of at least 256 bits for symmetric keys, or 2048 bits for asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard (AES) must be used if available.

g. "FedRAMP" means the Federal Risk and Authorization Management Program (see www.fedramp.gov), which is an assessment and authorization process that federal government agencies have been directed to use to ensure security is in place when accessing Cloud computing products and services.

h. "Hardened Password" means a string of at least eight characters containing at least three of the following four character classes: uppercase alphabetic, lowercase alphabetic, numeral, and special characters such as an asterisk, ampersand, or exclamation point.

DSHS Central Contract Services
6A 17 CF County Program Agreement (10-31-2017) Page 1