Special Terms and Conditions

a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy.
b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data.
c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.

4. Authorization, Authentication, and Access. In order to ensure that access to the Data is limited to authorized staff, the Contractor must:

a. Have documented policies and procedures governing access to systems with the shared Data.
b. Restrict access through administrative, physical, and technical controls to authorized staff.
c. Ensure that user accounts are unique and that any given user account logon ID and password combination is known only to the one employee to whom that account is assigned. For purposes of non-repudiation, it must always be possible to determine which employee performed a given action on a system housing the Data based solely on the logon ID used to perform the action.
d. Ensure that only authorized users are capable of accessing the Data.
e. Ensure that an employee's access to the Data is removed immediately:
   (1) Upon suspected compromise of the user credentials.
   (2) When their employment, or the contract under which the Data is made available to them, is terminated.
   (3) When they no longer need access to the Data to fulfill the requirements of the contract.
f. Have a process to periodically review and verify that only authorized users have access to systems containing DSHS Confidential Information.
g. When accessing the Data from within the Contractor's network (the Data stays within the Contractor's network at all times), enforce password and logon requirements for users within the Contractor's network, including:
   (1) A minimum length of 8 characters, and containing at least three of the following character classes: uppercase letters, lowercase letters, numerals, and special characters such as an asterisk, ampersand, or exclamation point.
   (2) That a password does not contain a user's name, logon ID, or any form of their full name.
   (3) That a password does not consist of a single dictionary word. A password may be formed as a passphrase which consists of multiple dictionary words.
   (4) That passwords are significantly different from the previous four passwords. Passwords that increment by simply adding a number are not considered significantly different.
h. When accessing Confidential Information from an external location (the Data will traverse the Internet or otherwise travel outside the Contractor's network), mitigate risk and enforce password and logon requirements for users by employing measures including:

DSHS Central Contract Services
6017CF County Program Agreement (10-31-2017) Page 19