2. Are there any restrictions on when the work can be performed (e.g. only at night, only during business hours, only on weekends)? No.

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "2. Are there any restrictions on when the work can be performed (e.g. only at night, only during business hours, only on weekends)? No."

Transcription

1 HIPAA Technical Risk Security Assessment 1. Will yu be issuing additinal directins fr the frmatting f the final prpsal due Nvember 21 st? There is nt specific frmatting requirements, just submit the prpsal per Sectin 4.0 f the RFP. 2. Are there any restrictins n when the wrk can be perfrmed (e.g. nly at night, nly during business hurs, nly n weekends)? N. 3. When d yu estimate the start and cmpletin f this prject? Open with vendr s timeframe. 4. What is the budget? Open, as part f a larger prject. 5. Can yu please define the scpe f this prject in greater detail? Scpe t include the fllwing: Cnduct an accurate and thrugh identificatin f all relevant threats, identificatin f vulnerabilities, cntrl analysis, likelihd determinatin, impact analysis, risk determinatin, cntrl recmmendatins, and results dcumentatins. The prpser shall priritize risk areas based n results and make recmmendatins fr remediatin. 6. If we plan n incurring travel r ther expenses relating t the perfrmance f the HIPAA risk assessment activities, wuld the Cunty like these expenses included in the lump sum amunt r nted as a separate line item within the fee estimate? All expenses are t be included in the lump sum. 7. Is the intent f the RFP t secure a firm fixed price engagement r time and materials? Fixed price. 8. Will there be a single pint f cntact crdinating amng the three facilities?. 9. Des Outagamie Cunty have a self funded health plan? N. 10. Des Outagamie Cunty currently have a HIPAA Security & Privacy Officer respnsible and accuntable fr the Cunty s HIPAA cmpliance? Please specify name and title. Security Officer Jan Mitchell, Technical Manager Privacy Officer Tm Strattn, ALTS Manager Privacy Officer Karen Spielmann, Health Infrmatin Crdinatr

2 11. Can yu describe in mre detail the HIPAA cmpliance initiatives that are already in place? Currently writing and implementing Plicies/Prcedures 75 % cmplete 12. Are yur HIPAA plicies and prcedures up t date with yur practices? N 13. When were the HIPAA plicies and prcedures last updated? nging updates 14. Will yu prvide us with a list f HIPAA security related plicies and prcedures that yu have in place? Will yu supply them t the prpsars? N nly t Awarded Vendr 15. Will the assessment reprts and remediatin checklists frm the previus HIPAA cmpliance audit/assessment be made available t the successful cnsultant wh wins this prject?. 16. The title f this RFP, HIPAA Security Technical Risk Assessment. Fr clarificatin purpses, is the cunty lking fr an assessment that measures cmpliance with the HIPAA Security Rule r is there als an expectatin that this assessment will include a technical aspect that includes such things as a vulnerability assessment f the netwrk perimeter, testing (white hat hacking) f internal technical cntrls, etc.? If s, please prvide an estimate f externally accessible systems and internal systems. Just HIPAA Security Rule 17. When was the last HIPAA review/assessment cnducted? Nvember Wh did the last assessment? Awarded Vendr 19. When was the last HIPAA security awareness training prgram delivered t the 3 department s emplyees, cntractrs, and authrized users that wrk fr thse departments? Brewster Village perfrms rutine nging, thers are nly at new hire.

3 20. Has Outagamie Cunty and the 3 departments ever been cited fr a vilatin f HIPAA Security r Privacy Law mandates by a cunty citizen? If yes, specify fr what and if this has since been remediated. Never been cited. 21. Are yu lking t cmplete the privacy review/evaluatin fr (DHHS and Brewster Village)? N 22. The American Recvery Reinvestment Act required implementatin in What wuld be cnsidered in scpe included fr this review? (Privacy and Security Breach Ntificatin Interim Final Rule) N. 23. Are Business Assciate Agreements in place and have they been updated since the changes in 2009?. 24. Is the scpe f the HIPAA Security Technical Risk Assessment limited t HIPAA Security Law requirements and mandates as defined in Sectins , , r des the scpe include HIPAA Privacy Law as defined in Sectins , , ? Just the security laws. 25. T help quantify the scpe f the HIPAA risk assessment, can yu prvide sme additinal details regarding the size (e.g., number f emplyees, number f physical ffices) and business functins fr each f the in scpe departments (e.g., Department f Health and Human Services, Brewster Village Nursing Hme, MIS Department)? Brewster Village: 272 emplyees 65 physical ffices Our nn-cntracted general business functins include: Patient accunts Accunts receivable Administrative services Nursing Scial services Dietary Envirnmental services Human Services ~350 emplyees ~350 physical ffices general business divisins include:

4 Mental Health Public Health Yuth & Family Services WIC/Maternial Child Health Fiscal Lng Term Supprt Ecnmic Supprt Child Supprt Children, Yuth & Families Child Suprt Aging & Disability Resurce Administrative MIS Department 17 emplyees 17 physical ffices general business functins include: IT Helpdesk Functins Servers Netwrk Security Telecmmuncatins LAN/Phne PC Technicians Prgramming Reprgraphics Print Shp Micrgraphics Mailing/Recrds Strage Recrds Management 26. The Cunty mentined in the RFP that they were pen t different ptins n hw the risk assessment can be perfrmed. Hwever, are there a minimum set f deliverables that the Cunty wuld like t be prvided at the cnclusin f the prject? Identify which HIPAA Security Laws are nt in cmpliance 27. Is the scpe f this HIPAA cmpliance audit/assessment merely t identify the gaps that the 3 departments have based n ur interviews, findings, and plicy/prcedure review and then t prvide recmmendatins fr gap remediatin, man hur estimates, and cst magnitude estimates t remediate the gaps r des Outagamie Cunty want us t fill the identified gaps as part f this scpe f wrk effrt? Just identify the gaps nly. 28. Des Outagamie Cunty and the 3 departments have a PHI and ephi mapping that identifies pints f entry fr receiving/cllecting PHI r ephi and where the PHI and ephi traverses thrugh the department internally and externally t utside entities (i.e., requires a Business Assciate Agreement be in place, etc.)? Will this mapping be

5 available t the selected cnsultant r must we identify and dcument PHI and ephi flw thrughut these 3 departments and Outagamie Cunty as part f the scpe f service? Nthing frmally dcumented 29. Hw many sftware applicatins stre r transmit ephi? 2 Majr applicatins and several web based, and database applicatins and interfaces. 30. Are all ephi related systems hsted n the Cunty's internal netwrk? If nt, please specify the applicatins that are hsted by an utside vendr and the purpse f the applicatin. 31. Des Outagamie Cunty and the 3 departments have a cmplete list f internal and external recipients f PHI r ephi frm that department? If yes, can yu specify hw many Business Assciate Agreements (BAAs) are currently in place fr each f the 3 departments? Nt ne cmplete list per depts 32. D all three facilities fall under the same plicy guidelines? Same general with a few minr exceptins 33. Are physical site surveys a part f the risk assessment (designed t prvide a snapsht f facility physical security psture and practices)? If s, hw many facilities and are they lcated within 15 miles r the primary site? Campus lcatin dwntwn, Nursing Hme facility 6 miles frm campus. Temprary relcatin 1 mile frm campus. 34. We cnduct interviews with 3 grups (management, peratinal, technical). Wuld multiple interview sessins per grup be invlved? Pssibly 35. Des Outagamie Cunty currently have in place updated HIPAA Business Plan Dcuments? Specify the last revisin dates fr the fllwing elements: Business Impact Analysis (BIA) Risk Management Plan Cnfiguratin Management Plan Incident Respnse Plan Business Cntinuity Plan Disaster Recvery Plan

6 Physical Envirnment Security Plan N 36. Des the scpe f the risk assessment include technical scans? 37. Will the scans be perfrmed internally, externally r bth? Bth 38. Hw many internal IP addresses will be scanned? All f them 39. Hw many external IP addresses will be scanned? all f them 40. In additin t assessing vulnerabilities, will we be asked t penetrate the vulnerabilities (external, internal, r bth)? 41. Hw many physical lcatins r data centers will be invlved in the vulnerability scan? Tw Lcatins OneMain and ne Backup Site 42. Are netwrk assets invlved in the security assessment accessible frm a single lcatin? 43. Hw many (apprximate) IP addresses and systems are in each lcatin? N/A scan all 44. Will Web applicatin assessments be included in the scpe f this assessment? If s hw many, are they accessible n the internet (if nt hw many are nt), hw many pages n each applicatin and hw many user levels / rlls will be tested? N we dn t have any web applicatin 45. Describe the technlgy in use including firewalls, netwrking equipment, servers, wrkstatins, and applicatins in use. Wireless used? Prtable devices (smartphnes, ipads)? Estimated cunts fr each f these items? OC uses firewalls, netwrking equipment, servers, wrkstatins, and SQL and Wireless. Checkpint, PalAlt Netwrks, Frtinet, Cisc, HP, Extreme Netwrks, VMWare Envirnment, Dell, HP Lefthand SAN, AS400, etc.

7 46. Hw many databases supprt the in scpe applicatins? List all database platfrms that stre credit card data. Nne 48. What are the perating systems fr the servers? Win 2003, Win 2008, SQL 49. Is there segmentatin between the systems string ephi and the rest f the netwrk? Sme and Sme N 50. Hw many Internet, DMZ, r segmentatin firewalls are in place? Hw is segmentatin achieved? Firewall, VLans 52. Is wireless technlgy in use anywhere n the netwrk? If s, hw many lcatins?, al 53. Is ephi data transmitted ver wireless devices at any pint? 54. Are ephi data transactins accepted thrugh a web server? N 55. Hw many data centers stre and/r transmit ephi data? Tw 56. Is any part f the envirnment utsurced t a 3 rd party? N 57. Are there third parties, utsurcers, r business partners cnnected t the netwrk?, as needed cnsultants/vendrs 58. Is there a netwrk diagram and data flw diagram f the ephi data envirnment? Netwrk Diagram = yes Data flw = n 59. Is the Cunty's netwrk segmented t islate electrnic prtected health infrmatin (ephi) frm systems and users that have n need t access it? N

8 60. Can the Cunty prvide sme details arund the IT systems that supprt the in scpe departments? This may include the number f systems, platfrms (Windws, UNIX, etc.), architecture (virtual, physical, etc.) r anther key system attributes that wuld assist with the scping f the assessment activities. Windws/Linux, Virtual, Physical Servers 61. Regarding the IT infrastructure and MIS rles, respnsibilities, and accuntabilities, des the Outagamie Cunty MIS Department take wnership f the IT systems, applicatins, and supprt fr the Department f Health & Human Services and the Brewster Village Nursing Hme?, MIS takes wnership and supprt fr hardware and sme applicatins. 62. What plicies and prcedures are currently dcumented and in place fr the Outagamie Cunty MIS Department regarding hw MIS emplyees, cntractrs, and authrized users are t access, handle, and transfer/mve PHI r ephi within IT systems, servers, and databases? N frmal plicies 63. What web applicatins and n line services des Outagamie Cunty and the Department f Health & Human Services and Brewster Village Nursing Hme currently ffer its citizens? Please prvide the URL link fr these nline, web applicatins and services. nne 64. Please describe r prvide a shrt summary f the IT systems, applicatins, and services that the Outagamie Cunty MIS Department prvides and supprts n behalf f the Department f Health & Human Services and Brewster Village Nursing Hme. One Cluster Server fr BV and One Cluster Server fr HHS 65. Please describe r prvide an Org Chart f the MIS Department s IT rganizatin and the individuals that are respnsible and accuntable fr managing and supprting the IT systems, applicatins, and services fr the Department f Health & Human Services and Brewster Village Nursing Hme. MIS Department staff: 14 emplyees supprting IT general business functins include: IT Helpdesk Functins Servers Netwrk Security Telecmmuncatins LAN/Phne PC Technicians Prgramming Recrds Management

9 And including HHS MIS Crdinatr and Brewster Village Infrmatin Services Crdinatr 66. Please indicate whether r nt the fllwing plans are develped, implemented, tested and the last date f their review: Name f the Plan Develped X Implemented X Tested X Overall Security Plan Disaster Recvery Plan Cntinuity f Care Plan Risk Management Plan Emergency Mde f Operatin N frmal plans develped yet 67. Is the current disaster recvery, cntinuity and risk management plan a part f the HIPAA evaluatin/review? N 68. Have any f the systems had penetratin testing? 69. Have yu identified a Security Official? Last Review Date 70. Fr each f the cvered cmpnents (DHHS, Brewster Village, and MIS) please address the fllwing: 1. Hw many systems are utilized t access, create, mdify, stre r transmit prtected health infrmatin fr each f the cvered cmpnents? asked this earlier 2. Are these systems supprted by a vendr r managed by internal IT resurces? Bth 3. Des the rganizatin share health infrmatin with ther health rganizatins electrnically? 4. Is the rganizatin using an electrnic health recrd? 5. What ther system related prjects are planned that may impact this review? Nne 6. Are yu currently billing electrnically fr the billable services ffered by the cvered entities?

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

1)What hardware is available for installing/configuring MOSS 2010?

1)What hardware is available for installing/configuring MOSS 2010? 1)What hardware is available fr installing/cnfiguring MOSS 2010? 2 Web Frnt End Servers HP Prliant DL 380 G7 2 quad cre Intel Xen Prcessr E5620, 2.4 Ghz, Memry 12 GB, 2 HP 146 GB drives RAID 5 2 Applicatin

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

System Business Continuity Classification

System Business Continuity Classification System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality

More information

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

Health Insurance Portability and Accountability Act

Health Insurance Portability and Accountability Act Health Insurance Prtability and Accuntability Act Frm Wikipedia, the free encyclpedia. (Redirected frm HIPAA) Jump t: navigatin, search The Health Insurance Prtability and Accuntability Act (HIPAA) was

More information

IT CHANGE MANAGEMENT POLICY

IT CHANGE MANAGEMENT POLICY IT CHANGE MANAGEMENT POLICY Effective Date May 19, 2016 Crss-Reference 1. IT Operatins and Maintenance Plicy 2. IT Security Incident Management Plicy Respnsibility Apprver Review Schedule 1. Plicy Statement

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

State of Wisconsin Division of Enterprise Technology (DET) Distributed Database Hosting Service Offering Definition (SOD)

State of Wisconsin Division of Enterprise Technology (DET) Distributed Database Hosting Service Offering Definition (SOD) State f Wiscnsin Divisin f Enterprise Technlgy (DET) Distributed Database Hsting Service Offering Definitin (SOD) Distributed Database Hsting SOD Page 1 12/9/2010 Dcument Revisin Histry (Majr Pst Publishing

More information

Cloud Services Frequently Asked Questions FAQ

Cloud Services Frequently Asked Questions FAQ Clud Services Frequently Asked Questins FAQ Revisin 1.0 6/05/2015 List f Questins Intrductin What is the Caradigm Intelligence Platfrm (CIP) clud? What experience des Caradigm have hsting prducts like

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

System Business Continuity Classification

System Business Continuity Classification Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required

More information

In addition to assisting with the disaster planning process, it is hoped this document will also::

In addition to assisting with the disaster planning process, it is hoped this document will also:: First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business

More information

COUNTY OF SACRAMENTO PLANNING AND ENVIRONMENTAL REVIEW

COUNTY OF SACRAMENTO PLANNING AND ENVIRONMENTAL REVIEW COUNTY OF SACRAMENTO PLANNING AND ENVIRONMENTAL REVIEW REQUEST FOR PROPOSAL fr ON-CALL CULTURAL RESOURCE SERVICES Release Date: Tuesday, March 10, 2015 Submittal Deadline: Mnday, April 13, 2015 by 5:00

More information

Security in Business and Applications. Madison Hajeb Stefan Hurst Benjamin Von Slade

Security in Business and Applications. Madison Hajeb Stefan Hurst Benjamin Von Slade Security in Business and Applicatins Madisn Hajeb Stefan Hurst Benjamin Vn Slade Intrductin Prject Cncept - Implement security in a small business setting Original Plan - D sme security audits fr small

More information

The ADVANTAGE of Cloud Based Computing:

The ADVANTAGE of Cloud Based Computing: The ADVANTAGE f Clud Based Cmputing: A Web Based Slutin fr: Business wners and managers that perate equipment rental, sales and/r service based rganizatins. R M I Crpratin Business Reprt RMI Crpratin has

More information

Software and Hardware Change Management Policy for CDes Computer Labs

Software and Hardware Change Management Policy for CDes Computer Labs Sftware and Hardware Change Management Plicy fr CDes Cmputer Labs Overview The cmputer labs in the Cllege f Design are clsely integrated with the academic needs f faculty and students. Cmputer lab resurces

More information

Process of Setting up a New Merchant Account

Process of Setting up a New Merchant Account Prcess f Setting up a New Merchant Accunt Table f Cntents PCI DSS... 3 Wh t cntact?... 3 Bakcgrund n PCI... 3 Why cmply?... 3 Hw t cmply?... 3 PCI DSS Scpe... 4 Des PCI DSS Apply t Me?... 4 What if I am

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

expertise hp services valupack consulting description security review service for Linux

expertise hp services valupack consulting description security review service for Linux expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS

More information

Request for Proposal Technology Services

Request for Proposal Technology Services Avca Schl District 37 Wilmette, IL Request fr Prpsal Technlgy Services Netwrk and Systems Infrastructure Management Services December 5, 2013 Avca Schl District 37 is seeking an IT cnsulting firm t manage

More information

Environmental, Health & Safety Management System (EHSMS) Training, Awareness and Competency Procedure Revision Number: 7

Environmental, Health & Safety Management System (EHSMS) Training, Awareness and Competency Procedure Revision Number: 7 Envirnmental, Health & Safety Management System (EHSMS) Dcument Number: 00122 Issue Date: 05/07/2014 Training, Awareness and Cmpetency Prcedure Revisin Number: 7 Prepared By: Stalcup, Bryce Apprved By:

More information

Unified Communications

Unified Communications Office f Infrmatin Technlgy Services Service Level Agreement Unified Cmmunicatins Nvember 7, 2013 v2.2 Service Descriptin Unified Cmmunicatins Service Descriptin ITS Unified Cmmunicatins ffers a number

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

Avaya Business Continuity Plan Overview

Avaya Business Continuity Plan Overview Avaya Business Cntinuity Plan Overview 1 Crprate Business Cntinuity Prgram Mdel at Avaya At Avaya the versight f the Business Cntinuity Prgram belngs t the Crprate Business Cntinuity Management Team. This

More information

IT Help Desk Service Level Expectations Revised: 01/09/2012

IT Help Desk Service Level Expectations Revised: 01/09/2012 IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+

More information

SaaS Listing CA Cloud Service Management

SaaS Listing CA Cloud Service Management SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters

More information

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S Service Level Agreement (SLA) Hsted Prducts Netp Business Slutins A/S Cntents 1 Service Level Agreement... 3 2 Supprt Services... 3 3 Incident Management... 3 3.1 Requesting service r submitting incidents...

More information

Chapter 7 Business Continuity and Risk Management

Chapter 7 Business Continuity and Risk Management Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity

More information

Integrating With incontact dbprovider & Screen Pops

Integrating With incontact dbprovider & Screen Pops Integrating With incntact dbprvider & Screen Pps incntact has tw primary pints f integratin. The first pint is between the incntact IVR (script) platfrm and the custmer s crprate database. The secnd pint

More information

Electronic and Information Resources Accessibility Compliance Plan

Electronic and Information Resources Accessibility Compliance Plan Electrnic and Infrmatin Resurces Accessibility Cmpliance Plan Intrductin The University f Nrth Texas at Dallas (UNTD) is cmmitted t prviding a wrk envirnment that affrds equal access and pprtunity t therwise

More information

PROTIVITI FLASH REPORT

PROTIVITI FLASH REPORT PROTIVITI FLASH REPORT The PCI Security Standards Cuncil Releases PCI DSS Versin 3.2 May 9, 2016 On April 28, 2016, the PCI Security Standards Cuncil (PCI SSC) released PCI Data Security Standard (PCI

More information

Service Level Agreement Distributed Hosting and Distributed Database Hosting

Service Level Agreement Distributed Hosting and Distributed Database Hosting Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service

More information

Oakland County Department of Information Technology Project Scope and Approach

Oakland County Department of Information Technology Project Scope and Approach Oakland Cunty Department f Infrmatin Technlgy Prject Scpe and Apprach Prject Name: Web-Based Permanency Database Prject ID: DB1314PD Leadership Grup: Curts Department: Circuit Curt Divisin: Family Prject

More information

ITIL Release Control & Validation (RCV) Certification Program - 5 Days

ITIL Release Control & Validation (RCV) Certification Program - 5 Days ITIL Release Cntrl & Validatin (RCV) Certificatin Prgram - 5 Days Prgram Overview ITIL is a set f best practices guidance that has becme a wrldwide-adpted framewrk fr Infrmatin Technlgy Services Management

More information

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1 Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues

More information

Agency Operations Plan 2015-17

Agency Operations Plan 2015-17 Agency Operatins Plan 2015-17 Agency: Nrth Dakta Public Emplyees Retirement System (NDPERS) Line f Business: (ptinal) The Public Emplyees Retirement System is the administratr f several emplyee benefit

More information

COUNTY OF SONOMA AGENDA ITEM SUMMARY REPORT

COUNTY OF SONOMA AGENDA ITEM SUMMARY REPORT COUNTY OF SONOMA AGENDA ITEM SUMMARY REPORT Department: General Services Cntact: Phne: Dave Head (707) 565-2809 Bard Date: May 12, 2009 Clerk f the Bard Use Only Meeting Date Held Until / / / / Agenda

More information

April 29, 2013 INTRODUCTION ORGANIZATIONAL OVERVIEW PROJECT OVERVIEW

April 29, 2013 INTRODUCTION ORGANIZATIONAL OVERVIEW PROJECT OVERVIEW April 29, 2013 INTRODUCTION The Mid-Atlantic Reginal Air Management Assciatin, Inc (MARAMA) is seeking t engage a cntractr t assist in updating f MARAMA s current website sftware and mve the website t

More information

Corporate Profile, 2014

Corporate Profile, 2014 Cpyright 2014 IT-Serve.cm All rights reserved. IT-Serve.cm Crprate Prfile, 2014 Internatinal experience, Reginal reach, Lcal understanding Dubai Abu Dhabi Sharjah Oman Qatar Saudi Arabia IT-Serve.cm PO

More information

2008 BA Insurance Systems Pty Ltd

2008 BA Insurance Systems Pty Ltd 2008 BA Insurance Systems Pty Ltd BAIS have been delivering insurance systems since 1993. Over the last 15 years, technlgy has mved at breakneck speed. BAIS has flurished in this here tday, gne tmrrw sftware

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

MEDICAID ENTERPRISE CERTIFICATION TOOLKIT Appendix B: Required Artifacts List

MEDICAID ENTERPRISE CERTIFICATION TOOLKIT Appendix B: Required Artifacts List MEDICAID ENTERPRISE CERTIFICATION TOOLKIT Appendix B: Required s List March 2016 Issued by Divisin f State Systems Data and Systems Grup Centers fr Medicaid and CHIP Services Centers fr Medicare & Medicaid

More information

REQUEST FOR PROPOSAL FOR SHAREPOINT LEGISLATIVE MANAGEMENT SERVICES

REQUEST FOR PROPOSAL FOR SHAREPOINT LEGISLATIVE MANAGEMENT SERVICES REQUEST FOR PROPOSAL FOR SHAREPOINT LEGISLATIVE MANAGEMENT SERVICES The Wyming Legislature is at a pivtal pint in the management f its infrmatin and we are lking fr an accmplished firm with SharePint technlgy

More information

Zimbra Professional Services Portfolio, Purchasing Guide & Price List

Zimbra Professional Services Portfolio, Purchasing Guide & Price List In- Tuitin Netwrks Ltd Zimbra Prfessinal Services Prtfli, Purchasing Guide & Price List This dcument prvides an verview f In- Tuitin Netwrks Limited s range f Zimbra Prfessinal Services available n the

More information

Service Continuity Plan for Desktop Services

Service Continuity Plan for Desktop Services Service Cntinuity Plan fr Desktp Services Service Cntinuity Plan fr Desktp Services Versin 3.0 10/13/2015 The fficial versin f this dcument is in the CS Dcument Database (DcDB). Fermi Natinal Acceleratr

More information

IN-HOUSE OR OUTSOURCED BILLING

IN-HOUSE OR OUTSOURCED BILLING IN-HOUSE OR OUTSOURCED BILLING Medical billing is ne f the mst cmplicated aspects f running a medical practice. With thusands f pssible cdes fr diagnses and prcedures, and multiple payers, the ability

More information

Change Management Process For [Project Name]

Change Management Process For [Project Name] Management Prcess Fr [Prject Name] i 1 Intrductin The is fllwed during the Executin phase f the Prject Management Life Cycle, nce the prject has been frmally defined and planned. 1.1 What is a Management

More information

Managed Services. Request for Proposal. February 19, 2014. Version 1.1

Managed Services. Request for Proposal. February 19, 2014. Version 1.1 Managed Services Request fr Prpsal February 19, 2014 Versin 1.1 1 Cntents 1 Overview...3 Abut Cnnect fr Health Clrad (C4HCO)...3 Overview and backgrund infrmatin:...3 List f remte managed services bth

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act

More information

Médecins Sans Frontières Australia Job Description

Médecins Sans Frontières Australia Job Description Médecins Sans Frntières Australia Jb Descriptin POSITION DESCRIPTION Psitin Lcatin: Reprting t: Supervising: Status: Service Centre Technical Crdinatr Sydney (Bradway) Service Centre Manager N/A 6-mnths

More information

S&T IT Change Management Policy and Procedure

S&T IT Change Management Policy and Procedure S&T IT Change Management Plicy and Prcedure 5/1/2016 Page 2 f 10 Executive Summary S&T IT Change Management All IT & Ed Tech staff are respnsible t fllw the Change Management Prcess when intrducing changes

More information

SECTION 5: EVALUATION METHODOLOGY

SECTION 5: EVALUATION METHODOLOGY SECTION 5: EVALUATION METHODOLOGY The State f Oklahma will cnduct a cmprehensive, fair, and impartial evaluatin f bids received in respnse t this ITB. Technical and Cst Bids will be evaluated and scred

More information

Texas Woman's University University Policy Manual

Texas Woman's University University Policy Manual Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

AHLA. C. Big Data, Cloud Computing and the New World Order for Health Care Privacy

AHLA. C. Big Data, Cloud Computing and the New World Order for Health Care Privacy AHLA C. Big Data, Clud Cmputing and the New Wrld Order fr Health Care Privacy Marti Arvin Chief Cmpliance Officer UCLA David Geffen Schl f Medicine Ls Angeles, CA Kirk J. Nahra Wiley Rein LLP Washingtn,

More information

Customer Support & Software Enhancements Policy

Customer Support & Software Enhancements Policy Custmer Supprt & Sftware Enhancements Plicy Welcme t Manhattan Assciates Custmer Supprt Organizatin (CSO). Staying current n Custmer Supprt & Sftware Enhancements and n a supprted versin f the licensed

More information

Information Technology Department REQUEST FOR PROPOSALS

Information Technology Department REQUEST FOR PROPOSALS Infrmatin Technlgy Department REQUEST FOR PROPOSALS Identity and Access Management Service Design and Technlgy Implementatin January 11, 2013 Prpsals due by 4 p.m. n February 1 st, 2013 Attachment 2 Prject

More information

Request for Proposal. Saskatchewan Arts Board. Database Development. RFP Reference Number S AB-ADMIN001. Release Date Februar y 9, 2016

Request for Proposal. Saskatchewan Arts Board. Database Development. RFP Reference Number S AB-ADMIN001. Release Date Februar y 9, 2016 Request fr Prpsal Saskatchewan Arts Bard Database Develpment RFP Reference Number S AB-ADMIN001 Release Date Februar y 9, 2016 Clsing Date March 1, 2016 Clsing Time 2:00 pm, Lcal Sask. Time Page 2 f 7

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

OR 2) Implement and customize an off the shelf product that would suit the requirements

OR 2) Implement and customize an off the shelf product that would suit the requirements CRM Custmer Relatinship Management Request fr Prpsal (RFP) Created by : Gayathri Jaganathan Rle : Prject Manager Prpsal Date: 10/02/06 Organizatin: AIM Alliance Inspectin Management Cmpany Lcatin : 28235

More information

Research Report. Abstract: Data Center Networking Trends. January 2012. By Jon Oltsik With Bob Laliberte and Bill Lundell

Research Report. Abstract: Data Center Networking Trends. January 2012. By Jon Oltsik With Bob Laliberte and Bill Lundell Research Reprt Abstract: Data Center Netwrking Trends By Jn Oltsik With Bb Laliberte and Bill Lundell January 2012 2012 Enterprise Strategy Grup, Inc. All Rights Reserved. Intrductin Research Objective

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

ViPNet VPN in Cisco Environment. Supplement to ViPNet Documentation

ViPNet VPN in Cisco Environment. Supplement to ViPNet Documentation ViPNet VPN in Cisc Envirnment Supplement t ViPNet Dcumentatin 1991 2015 Inftecs Americas. All rights reserved. Versin: 00121-04 90 02 ENU This dcument is included in the sftware distributin kit and is

More information

REQUEST FOR PROPOSAL FOR PROGRAMMING ASSISTANCE

REQUEST FOR PROPOSAL FOR PROGRAMMING ASSISTANCE REQUEST FOR PROPOSAL FOR PROGRAMMING ASSISTANCE The Bahamas Custms administratin wishes t engage external sftware prgramming resurces t assist the Custms IT department upgrade sme cmpnents f its existing

More information

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013

Cloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013 Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies

More information

Database Services - Extended

Database Services - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and Database Services t dcument: The technlgy services Database Services prvides t the custmer. The targets fr respnse times, service

More information

Configuring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp

Configuring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp Cnfiguring, Mnitring and Deplying a Private Clud with System Center 2012 Bt Camp Length: 5 Days Technlgy: Micrsft System Center 2012 Delivery Methd: Instructr-led Hands-n Audience Prfile This curse is

More information

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This

More information

Southeast Michigan Disaster Recovery Talking Points

Southeast Michigan Disaster Recovery Talking Points Sutheast Michigan Disaster Recvery Talking Pints DR-4195-MI, The majr federal disaster declaratin signed by President Obama n September 25, 2014, ffers Individual and Public Assistance t Sutheast Michigan,

More information

(DRAFT) WISHIN DIRECT MARKETING PLAN Prepared by Kim Johnston June, 2011

(DRAFT) WISHIN DIRECT MARKETING PLAN Prepared by Kim Johnston June, 2011 Prepared by Kim Jhnstn Purpse Prvide a review f the market Give an verview f the market segments fr WISHIN Direct Outline the marketing and cmmunicatin activities fr WISHIN Direct Identify the cmmunicatin

More information

2010 AT&T Business Continuity Study CENTRAL REGION (Missouri) Results

2010 AT&T Business Continuity Study CENTRAL REGION (Missouri) Results 2010 Business Cntinuity Study: Missuri 2010 AT&T Business Cntinuity Study CENTRAL REGION (Missuri) Results Key Findings IT Plans fr 2010 IT budgets fr 2010 are abut the same r higher than thse f the previus

More information

MigrationWiz HIPAA Compliant Migration. Focus on data migration, not regulation. BitTitan Global Headquarters: 3933 Lake Washington Blvd NE Suite 200

MigrationWiz HIPAA Compliant Migration. Focus on data migration, not regulation. BitTitan Global Headquarters: 3933 Lake Washington Blvd NE Suite 200 MigratinWiz HIPAA Cmpliant Migratin Fcus n data migratin, nt regulatin. BitTitan Glbal Headquarters: 3933 Lake Washingtn Blvd NE Suite 200 Table f Cntents Kirkland, WA 98033 www.bittitan.cm sales@bittitan.cm

More information

This document provides instructions on how to complete the Cheque Requisition Form.

This document provides instructions on how to complete the Cheque Requisition Form. Office f the Cmptrller Accunts Payable Divisin f Finance and Administratin Standard Operating Prcedure Cheque Requisitin Effective Date: July 19, 2010 Descriptin: This dcument prvides instructins n hw

More information

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents

More information

Project Startup Report Presented to the IT Committee June 26, 2012

Project Startup Report Presented to the IT Committee June 26, 2012 Prject Name: SOS File 2.0 Agency: Secretary f State Business Unit/Prgram Area: Secretary f State Prject Spnsr: Al Jaeger Prject Manager: Beverly Maitland Prject Startup Reprt Presented t the IT Cmmittee

More information

Nuance Healthcare Services Project Delivery Methodology

Nuance Healthcare Services Project Delivery Methodology NUANCE PROFESSIONAL SERVICES Nuance Healthcare Services 2008 Nuance Cmmunicatins, Inc. All rights reserved. Nuance Healthcare Services 1 INTRODUCTION This dcument describes the prject management methdlgy

More information

SECTION I.4 AUDIT ENGAGEMENT WORKING PAPERS

SECTION I.4 AUDIT ENGAGEMENT WORKING PAPERS SECTION I.4 AUDIT ENGAGEMENT WORKING PAPERS Ref. Plicy and Practice Requirements IIA Standards references I.4 1 Plicy: Wrking papers shall be prepared fr each audit engagement t recrd wrk perfrmed and

More information

BES12 Jumpstart Program Description ( Jumpstart Program Description )

BES12 Jumpstart Program Description ( Jumpstart Program Description ) BES12 Jumpstart Prgram Descriptin ( Jumpstart Prgram Descriptin ) This dcument includes all attached Annexes, is prvided fr infrmatinal purpses nly, and des nt in itself cnstitute a binding legal dcument.

More information

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance

More information

Good Secure Collaboration Suite Quickstart Program Description ( Quickstart Program Description )

Good Secure Collaboration Suite Quickstart Program Description ( Quickstart Program Description ) Gd Secure Cllabratin Suite Quickstart Prgram Descriptin ( Quickstart Prgram Descriptin ) This dcument includes all attached Annexes, is prvided fr infrmatinal purpses nly, and des nt in itself cnstitute

More information

Help Desk Level Competencies

Help Desk Level Competencies Help Desk Level Cmpetencies Level 1 Take user calls and manage truble tickets Ability t staff and manage the rganizatins helpdesk and effectively respnd t rutine custmer calls Ability t use prper grammar

More information

OITS Service Level Agreement

OITS Service Level Agreement OITS Service Level Agreement Objective A Service Level Agreement (SLA) describes the IT Service, dcuments Service Level Targets, and specifies the respnsibilities f the IT Service Prvider and the Custmer.

More information

Understand Business Continuity

Understand Business Continuity Understand Business Cntinuity Lessn Overview In this lessn, yu will learn abut: Business cntinuity Data redundancy Data availability Disaster recvery Anticipatry Set What methds can be emplyed by a system

More information

Oracle Cloud Enterprise Hosting and Delivery Policies

Oracle Cloud Enterprise Hosting and Delivery Policies Oracle Clud Enterprise Hsting and Delivery Plicies Statement f Changes Versin 1.5, 6/01/2015 This dcument utlines changes made t the Oracle Clud Enterprise Hsting and Delivery Plicies dated December 1,

More information

Consolidated Edison of New York: Residential Direct Install Program: Process Evaluation Summary

Consolidated Edison of New York: Residential Direct Install Program: Process Evaluation Summary Cnslidated Edisn f New Yrk: Residential Direct Install Prgram: Prcess Evaluatin Summary Evaluatin Cnducted by: DNV KEMA as subcntractr t Navigant Cnsulting PROGRAM SUMMARY March 13, 2013 Cn Edisn designed

More information

ACTIVITY MONITOR Real Time Monitor Employee Activity Monitor

ACTIVITY MONITOR Real Time Monitor Employee Activity Monitor ACTIVITY MONITOR Real Time Mnitr Emplyee Activity Mnitr This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it is a library

More information

Virtual Meetings and Virtual Teams Using Technology to Work Smarter

Virtual Meetings and Virtual Teams Using Technology to Work Smarter http://www.psu.edu/president/pia/innvatin/ INNOVATION INSIGHT SERIES NUMBER 9 Virtual Meetings and Virtual Teams Using Technlgy t Wrk Smarter Yu need t have a meeting. Sme f the peple yu d like t include

More information

HP ValuPack Consulting Description OpenVMS Engineering Change Order (ECO) Patch List

HP ValuPack Consulting Description OpenVMS Engineering Change Order (ECO) Patch List HP ValuPack Cnsulting Descriptin OpenVMS Engineering Change Order (ECO) Patch List HP ValuPacks are standardized cnsulting services, prvided by HP Slutin Center Service Prfessinals, with pre-defined custm

More information

GUIDELINES ON MANAGEMENT OF CYBER RISK SC-GL/2-2016

GUIDELINES ON MANAGEMENT OF CYBER RISK SC-GL/2-2016 GUIDELINES ON MANAGEMENT OF CYBER RISK SC-GL/2-2016 1 st Issued: 31 Octber 2016 1 GUIDELINES ON MANAGEMENT OF CYBER RISK Effective Date upn 1 st Issuance: 31 Octber 2016 2 CONTENTS Page PART A: GENERAL...

More information

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012 Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.

More information

Appendix H. Annual Risk Assessment and Audit Plan 2013/14

Appendix H. Annual Risk Assessment and Audit Plan 2013/14 Annual Risk Assessment and Audit Plan 2013/14 Internal Audit Department September 25, 2013 Table f Cntents Intrductin.. 3 Risk Assessment Prcess... 4 Page 2 Intrductin Each year, the Internal Audit Department

More information

Changes to Stark Regulations: A Refresher. Elizabeth E. Hogue, Esq. Office: Fax:

Changes to Stark Regulations: A Refresher. Elizabeth E. Hogue, Esq. Office: Fax: Changes t Stark Regulatins: A Refresher Elizabeth E. Hgue, Esq. Office: 877-871-4062 Fax: 877-871-9739 E-Mail: ElizabethHgue@ElizabethHgue.net As many prviders already knw, the s-called "Stark law" prhibits

More information

CSC IT practix Recommendations

CSC IT practix Recommendations CSC IT practix Recmmendatins CSC Healthcare 28th January 2014 Versin 3 www.csc.cm/glbalhealthcare Cntents 1 Imprtant infrmatin 3 2 IT Specificatins 4 2.1 Wrkstatins... 4 2.2 Minimum Server with 1-5 wrkstatins

More information