2. Are there any restrictions on when the work can be performed (e.g. only at night, only during business hours, only on weekends)? No.
|
|
- Natalie Waters
- 7 years ago
- Views:
Transcription
1 HIPAA Technical Risk Security Assessment 1. Will yu be issuing additinal directins fr the frmatting f the final prpsal due Nvember 21 st? There is nt specific frmatting requirements, just submit the prpsal per Sectin 4.0 f the RFP. 2. Are there any restrictins n when the wrk can be perfrmed (e.g. nly at night, nly during business hurs, nly n weekends)? N. 3. When d yu estimate the start and cmpletin f this prject? Open with vendr s timeframe. 4. What is the budget? Open, as part f a larger prject. 5. Can yu please define the scpe f this prject in greater detail? Scpe t include the fllwing: Cnduct an accurate and thrugh identificatin f all relevant threats, identificatin f vulnerabilities, cntrl analysis, likelihd determinatin, impact analysis, risk determinatin, cntrl recmmendatins, and results dcumentatins. The prpser shall priritize risk areas based n results and make recmmendatins fr remediatin. 6. If we plan n incurring travel r ther expenses relating t the perfrmance f the HIPAA risk assessment activities, wuld the Cunty like these expenses included in the lump sum amunt r nted as a separate line item within the fee estimate? All expenses are t be included in the lump sum. 7. Is the intent f the RFP t secure a firm fixed price engagement r time and materials? Fixed price. 8. Will there be a single pint f cntact crdinating amng the three facilities?. 9. Des Outagamie Cunty have a self funded health plan? N. 10. Des Outagamie Cunty currently have a HIPAA Security & Privacy Officer respnsible and accuntable fr the Cunty s HIPAA cmpliance? Please specify name and title. Security Officer Jan Mitchell, Technical Manager Privacy Officer Tm Strattn, ALTS Manager Privacy Officer Karen Spielmann, Health Infrmatin Crdinatr
2 11. Can yu describe in mre detail the HIPAA cmpliance initiatives that are already in place? Currently writing and implementing Plicies/Prcedures 75 % cmplete 12. Are yur HIPAA plicies and prcedures up t date with yur practices? N 13. When were the HIPAA plicies and prcedures last updated? nging updates 14. Will yu prvide us with a list f HIPAA security related plicies and prcedures that yu have in place? Will yu supply them t the prpsars? N nly t Awarded Vendr 15. Will the assessment reprts and remediatin checklists frm the previus HIPAA cmpliance audit/assessment be made available t the successful cnsultant wh wins this prject?. 16. The title f this RFP, HIPAA Security Technical Risk Assessment. Fr clarificatin purpses, is the cunty lking fr an assessment that measures cmpliance with the HIPAA Security Rule r is there als an expectatin that this assessment will include a technical aspect that includes such things as a vulnerability assessment f the netwrk perimeter, testing (white hat hacking) f internal technical cntrls, etc.? If s, please prvide an estimate f externally accessible systems and internal systems. Just HIPAA Security Rule 17. When was the last HIPAA review/assessment cnducted? Nvember Wh did the last assessment? Awarded Vendr 19. When was the last HIPAA security awareness training prgram delivered t the 3 department s emplyees, cntractrs, and authrized users that wrk fr thse departments? Brewster Village perfrms rutine nging, thers are nly at new hire.
3 20. Has Outagamie Cunty and the 3 departments ever been cited fr a vilatin f HIPAA Security r Privacy Law mandates by a cunty citizen? If yes, specify fr what and if this has since been remediated. Never been cited. 21. Are yu lking t cmplete the privacy review/evaluatin fr (DHHS and Brewster Village)? N 22. The American Recvery Reinvestment Act required implementatin in What wuld be cnsidered in scpe included fr this review? (Privacy and Security Breach Ntificatin Interim Final Rule) N. 23. Are Business Assciate Agreements in place and have they been updated since the changes in 2009?. 24. Is the scpe f the HIPAA Security Technical Risk Assessment limited t HIPAA Security Law requirements and mandates as defined in Sectins , , r des the scpe include HIPAA Privacy Law as defined in Sectins , , ? Just the security laws. 25. T help quantify the scpe f the HIPAA risk assessment, can yu prvide sme additinal details regarding the size (e.g., number f emplyees, number f physical ffices) and business functins fr each f the in scpe departments (e.g., Department f Health and Human Services, Brewster Village Nursing Hme, MIS Department)? Brewster Village: 272 emplyees 65 physical ffices Our nn-cntracted general business functins include: Patient accunts Accunts receivable Administrative services Nursing Scial services Dietary Envirnmental services Human Services ~350 emplyees ~350 physical ffices general business divisins include:
4 Mental Health Public Health Yuth & Family Services WIC/Maternial Child Health Fiscal Lng Term Supprt Ecnmic Supprt Child Supprt Children, Yuth & Families Child Suprt Aging & Disability Resurce Administrative MIS Department 17 emplyees 17 physical ffices general business functins include: IT Helpdesk Functins Servers Netwrk Security Telecmmuncatins LAN/Phne PC Technicians Prgramming Reprgraphics Print Shp Micrgraphics Mailing/Recrds Strage Recrds Management 26. The Cunty mentined in the RFP that they were pen t different ptins n hw the risk assessment can be perfrmed. Hwever, are there a minimum set f deliverables that the Cunty wuld like t be prvided at the cnclusin f the prject? Identify which HIPAA Security Laws are nt in cmpliance 27. Is the scpe f this HIPAA cmpliance audit/assessment merely t identify the gaps that the 3 departments have based n ur interviews, findings, and plicy/prcedure review and then t prvide recmmendatins fr gap remediatin, man hur estimates, and cst magnitude estimates t remediate the gaps r des Outagamie Cunty want us t fill the identified gaps as part f this scpe f wrk effrt? Just identify the gaps nly. 28. Des Outagamie Cunty and the 3 departments have a PHI and ephi mapping that identifies pints f entry fr receiving/cllecting PHI r ephi and where the PHI and ephi traverses thrugh the department internally and externally t utside entities (i.e., requires a Business Assciate Agreement be in place, etc.)? Will this mapping be
5 available t the selected cnsultant r must we identify and dcument PHI and ephi flw thrughut these 3 departments and Outagamie Cunty as part f the scpe f service? Nthing frmally dcumented 29. Hw many sftware applicatins stre r transmit ephi? 2 Majr applicatins and several web based, and database applicatins and interfaces. 30. Are all ephi related systems hsted n the Cunty's internal netwrk? If nt, please specify the applicatins that are hsted by an utside vendr and the purpse f the applicatin. 31. Des Outagamie Cunty and the 3 departments have a cmplete list f internal and external recipients f PHI r ephi frm that department? If yes, can yu specify hw many Business Assciate Agreements (BAAs) are currently in place fr each f the 3 departments? Nt ne cmplete list per depts 32. D all three facilities fall under the same plicy guidelines? Same general with a few minr exceptins 33. Are physical site surveys a part f the risk assessment (designed t prvide a snapsht f facility physical security psture and practices)? If s, hw many facilities and are they lcated within 15 miles r the primary site? Campus lcatin dwntwn, Nursing Hme facility 6 miles frm campus. Temprary relcatin 1 mile frm campus. 34. We cnduct interviews with 3 grups (management, peratinal, technical). Wuld multiple interview sessins per grup be invlved? Pssibly 35. Des Outagamie Cunty currently have in place updated HIPAA Business Plan Dcuments? Specify the last revisin dates fr the fllwing elements: Business Impact Analysis (BIA) Risk Management Plan Cnfiguratin Management Plan Incident Respnse Plan Business Cntinuity Plan Disaster Recvery Plan
6 Physical Envirnment Security Plan N 36. Des the scpe f the risk assessment include technical scans? 37. Will the scans be perfrmed internally, externally r bth? Bth 38. Hw many internal IP addresses will be scanned? All f them 39. Hw many external IP addresses will be scanned? all f them 40. In additin t assessing vulnerabilities, will we be asked t penetrate the vulnerabilities (external, internal, r bth)? 41. Hw many physical lcatins r data centers will be invlved in the vulnerability scan? Tw Lcatins OneMain and ne Backup Site 42. Are netwrk assets invlved in the security assessment accessible frm a single lcatin? 43. Hw many (apprximate) IP addresses and systems are in each lcatin? N/A scan all 44. Will Web applicatin assessments be included in the scpe f this assessment? If s hw many, are they accessible n the internet (if nt hw many are nt), hw many pages n each applicatin and hw many user levels / rlls will be tested? N we dn t have any web applicatin 45. Describe the technlgy in use including firewalls, netwrking equipment, servers, wrkstatins, and applicatins in use. Wireless used? Prtable devices (smartphnes, ipads)? Estimated cunts fr each f these items? OC uses firewalls, netwrking equipment, servers, wrkstatins, and SQL and Wireless. Checkpint, PalAlt Netwrks, Frtinet, Cisc, HP, Extreme Netwrks, VMWare Envirnment, Dell, HP Lefthand SAN, AS400, etc.
7 46. Hw many databases supprt the in scpe applicatins? List all database platfrms that stre credit card data. Nne 48. What are the perating systems fr the servers? Win 2003, Win 2008, SQL 49. Is there segmentatin between the systems string ephi and the rest f the netwrk? Sme and Sme N 50. Hw many Internet, DMZ, r segmentatin firewalls are in place? Hw is segmentatin achieved? Firewall, VLans 52. Is wireless technlgy in use anywhere n the netwrk? If s, hw many lcatins?, al 53. Is ephi data transmitted ver wireless devices at any pint? 54. Are ephi data transactins accepted thrugh a web server? N 55. Hw many data centers stre and/r transmit ephi data? Tw 56. Is any part f the envirnment utsurced t a 3 rd party? N 57. Are there third parties, utsurcers, r business partners cnnected t the netwrk?, as needed cnsultants/vendrs 58. Is there a netwrk diagram and data flw diagram f the ephi data envirnment? Netwrk Diagram = yes Data flw = n 59. Is the Cunty's netwrk segmented t islate electrnic prtected health infrmatin (ephi) frm systems and users that have n need t access it? N
8 60. Can the Cunty prvide sme details arund the IT systems that supprt the in scpe departments? This may include the number f systems, platfrms (Windws, UNIX, etc.), architecture (virtual, physical, etc.) r anther key system attributes that wuld assist with the scping f the assessment activities. Windws/Linux, Virtual, Physical Servers 61. Regarding the IT infrastructure and MIS rles, respnsibilities, and accuntabilities, des the Outagamie Cunty MIS Department take wnership f the IT systems, applicatins, and supprt fr the Department f Health & Human Services and the Brewster Village Nursing Hme?, MIS takes wnership and supprt fr hardware and sme applicatins. 62. What plicies and prcedures are currently dcumented and in place fr the Outagamie Cunty MIS Department regarding hw MIS emplyees, cntractrs, and authrized users are t access, handle, and transfer/mve PHI r ephi within IT systems, servers, and databases? N frmal plicies 63. What web applicatins and n line services des Outagamie Cunty and the Department f Health & Human Services and Brewster Village Nursing Hme currently ffer its citizens? Please prvide the URL link fr these nline, web applicatins and services. nne 64. Please describe r prvide a shrt summary f the IT systems, applicatins, and services that the Outagamie Cunty MIS Department prvides and supprts n behalf f the Department f Health & Human Services and Brewster Village Nursing Hme. One Cluster Server fr BV and One Cluster Server fr HHS 65. Please describe r prvide an Org Chart f the MIS Department s IT rganizatin and the individuals that are respnsible and accuntable fr managing and supprting the IT systems, applicatins, and services fr the Department f Health & Human Services and Brewster Village Nursing Hme. MIS Department staff: 14 emplyees supprting IT general business functins include: IT Helpdesk Functins Servers Netwrk Security Telecmmuncatins LAN/Phne PC Technicians Prgramming Recrds Management
9 And including HHS MIS Crdinatr and Brewster Village Infrmatin Services Crdinatr 66. Please indicate whether r nt the fllwing plans are develped, implemented, tested and the last date f their review: Name f the Plan Develped X Implemented X Tested X Overall Security Plan Disaster Recvery Plan Cntinuity f Care Plan Risk Management Plan Emergency Mde f Operatin N frmal plans develped yet 67. Is the current disaster recvery, cntinuity and risk management plan a part f the HIPAA evaluatin/review? N 68. Have any f the systems had penetratin testing? 69. Have yu identified a Security Official? Last Review Date 70. Fr each f the cvered cmpnents (DHHS, Brewster Village, and MIS) please address the fllwing: 1. Hw many systems are utilized t access, create, mdify, stre r transmit prtected health infrmatin fr each f the cvered cmpnents? asked this earlier 2. Are these systems supprted by a vendr r managed by internal IT resurces? Bth 3. Des the rganizatin share health infrmatin with ther health rganizatins electrnically? 4. Is the rganizatin using an electrnic health recrd? 5. What ther system related prjects are planned that may impact this review? Nne 6. Are yu currently billing electrnically fr the billable services ffered by the cvered entities?
GUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More information1)What hardware is available for installing/configuring MOSS 2010?
1)What hardware is available fr installing/cnfiguring MOSS 2010? 2 Web Frnt End Servers HP Prliant DL 380 G7 2 quad cre Intel Xen Prcessr E5620, 2.4 Ghz, Memry 12 GB, 2 HP 146 GB drives RAID 5 2 Applicatin
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationSystems Support - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets
More informationHIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337
HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationSystem Business Continuity Classification
System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch
More informationSecurity Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
More informationCloud Services Frequently Asked Questions FAQ
Clud Services Frequently Asked Questins FAQ Revisin 1.0 6/05/2015 List f Questins Intrductin What is the Caradigm Intelligence Platfrm (CIP) clud? What experience des Caradigm have hsting prducts like
More informationVCU Payment Card Policy
VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this
More informationIT CHANGE MANAGEMENT POLICY
IT CHANGE MANAGEMENT POLICY Effective Date May 19, 2016 Crss-Reference 1. IT Operatins and Maintenance Plicy 2. IT Security Incident Management Plicy Respnsibility Apprver Review Schedule 1. Plicy Statement
More informationCOUNTY OF SACRAMENTO PLANNING AND ENVIRONMENTAL REVIEW
COUNTY OF SACRAMENTO PLANNING AND ENVIRONMENTAL REVIEW REQUEST FOR PROPOSAL fr ON-CALL CULTURAL RESOURCE SERVICES Release Date: Tuesday, March 10, 2015 Submittal Deadline: Mnday, April 13, 2015 by 5:00
More informationState of Wisconsin Division of Enterprise Technology (DET) Distributed Database Hosting Service Offering Definition (SOD)
State f Wiscnsin Divisin f Enterprise Technlgy (DET) Distributed Database Hsting Service Offering Definitin (SOD) Distributed Database Hsting SOD Page 1 12/9/2010 Dcument Revisin Histry (Majr Pst Publishing
More informationIn addition to assisting with the disaster planning process, it is hoped this document will also::
First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business
More informationSystem Business Continuity Classification
Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required
More informationProcess of Setting up a New Merchant Account
Prcess f Setting up a New Merchant Accunt Table f Cntents PCI DSS... 3 Wh t cntact?... 3 Bakcgrund n PCI... 3 Why cmply?... 3 Hw t cmply?... 3 PCI DSS Scpe... 4 Des PCI DSS Apply t Me?... 4 What if I am
More informationSoftware and Hardware Change Management Policy for CDes Computer Labs
Sftware and Hardware Change Management Plicy fr CDes Cmputer Labs Overview The cmputer labs in the Cllege f Design are clsely integrated with the academic needs f faculty and students. Cmputer lab resurces
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationSecurity in Business and Applications. Madison Hajeb Stefan Hurst Benjamin Von Slade
Security in Business and Applicatins Madisn Hajeb Stefan Hurst Benjamin Vn Slade Intrductin Prject Cncept - Implement security in a small business setting Original Plan - D sme security audits fr small
More informationThe ADVANTAGE of Cloud Based Computing:
The ADVANTAGE f Clud Based Cmputing: A Web Based Slutin fr: Business wners and managers that perate equipment rental, sales and/r service based rganizatins. R M I Crpratin Business Reprt RMI Crpratin has
More informationHow To Write An Ehsms Training, Awareness And Competency Procedure
Envirnmental, Health & Safety Management System (EHSMS) Dcument Number: 00122 Issue Date: 05/07/2014 Training, Awareness and Cmpetency Prcedure Revisin Number: 7 Prepared By: Stalcup, Bryce Apprved By:
More informationIT Help Desk Service Level Expectations Revised: 01/09/2012
IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+
More informationexpertise hp services valupack consulting description security review service for Linux
expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS
More informationRequest for Proposal Technology Services
Avca Schl District 37 Wilmette, IL Request fr Prpsal Technlgy Services Netwrk and Systems Infrastructure Management Services December 5, 2013 Avca Schl District 37 is seeking an IT cnsulting firm t manage
More informationAvaya Business Continuity Plan Overview
Avaya Business Cntinuity Plan Overview 1 Crprate Business Cntinuity Prgram Mdel at Avaya At Avaya the versight f the Business Cntinuity Prgram belngs t the Crprate Business Cntinuity Management Team. This
More informationUnified Communications
Office f Infrmatin Technlgy Services Service Level Agreement Unified Cmmunicatins Nvember 7, 2013 v2.2 Service Descriptin Unified Cmmunicatins Service Descriptin ITS Unified Cmmunicatins ffers a number
More informationIntegrating With incontact dbprovider & Screen Pops
Integrating With incntact dbprvider & Screen Pps incntact has tw primary pints f integratin. The first pint is between the incntact IVR (script) platfrm and the custmer s crprate database. The secnd pint
More informationCMS Eligibility Requirements Checklist for MSSP ACO Participation
ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.
More informationService Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S
Service Level Agreement (SLA) Hsted Prducts Netp Business Slutins A/S Cntents 1 Service Level Agreement... 3 2 Supprt Services... 3 3 Incident Management... 3 3.1 Requesting service r submitting incidents...
More informationChapter 7 Business Continuity and Risk Management
Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity
More informationService Level Agreement Distributed Hosting and Distributed Database Hosting
Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service
More informationSaaS Listing CA Cloud Service Management
SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters
More informationImproved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
More informationEgency Operatins Plans
Agency Operatins Plan 2015-17 Agency: Nrth Dakta Public Emplyees Retirement System (NDPERS) Line f Business: (ptinal) The Public Emplyees Retirement System is the administratr f several emplyee benefit
More informationElectronic and Information Resources Accessibility Compliance Plan
Electrnic and Infrmatin Resurces Accessibility Cmpliance Plan Intrductin The University f Nrth Texas at Dallas (UNTD) is cmmitted t prviding a wrk envirnment that affrds equal access and pprtunity t therwise
More informationCOUNTY OF SONOMA AGENDA ITEM SUMMARY REPORT
COUNTY OF SONOMA AGENDA ITEM SUMMARY REPORT Department: General Services Cntact: Phne: Dave Head (707) 565-2809 Bard Date: May 12, 2009 Clerk f the Bard Use Only Meeting Date Held Until / / / / Agenda
More informationITIL Release Control & Validation (RCV) Certification Program - 5 Days
ITIL Release Cntrl & Validatin (RCV) Certificatin Prgram - 5 Days Prgram Overview ITIL is a set f best practices guidance that has becme a wrldwide-adpted framewrk fr Infrmatin Technlgy Services Management
More informationOakland County Department of Information Technology Project Scope and Approach
Oakland Cunty Department f Infrmatin Technlgy Prject Scpe and Apprach Prject Name: Web-Based Permanency Database Prject ID: DB1314PD Leadership Grup: Curts Department: Circuit Curt Divisin: Family Prject
More informationREQUEST FOR PROPOSAL FOR SHAREPOINT LEGISLATIVE MANAGEMENT SERVICES
REQUEST FOR PROPOSAL FOR SHAREPOINT LEGISLATIVE MANAGEMENT SERVICES The Wyming Legislature is at a pivtal pint in the management f its infrmatin and we are lking fr an accmplished firm with SharePint technlgy
More information2008 BA Insurance Systems Pty Ltd
2008 BA Insurance Systems Pty Ltd BAIS have been delivering insurance systems since 1993. Over the last 15 years, technlgy has mved at breakneck speed. BAIS has flurished in this here tday, gne tmrrw sftware
More informationTITLE: RECORDS AND INFORMATION MANAGEMENT POLICY
TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationCustomer Support & Software Enhancements Policy
Custmer Supprt & Sftware Enhancements Plicy Welcme t Manhattan Assciates Custmer Supprt Organizatin (CSO). Staying current n Custmer Supprt & Sftware Enhancements and n a supprted versin f the licensed
More informationApril 29, 2013 INTRODUCTION ORGANIZATIONAL OVERVIEW PROJECT OVERVIEW
April 29, 2013 INTRODUCTION The Mid-Atlantic Reginal Air Management Assciatin, Inc (MARAMA) is seeking t engage a cntractr t assist in updating f MARAMA s current website sftware and mve the website t
More informationPROTIVITI FLASH REPORT
PROTIVITI FLASH REPORT The PCI Security Standards Cuncil Releases PCI DSS Versin 3.2 May 9, 2016 On April 28, 2016, the PCI Security Standards Cuncil (PCI SSC) released PCI Data Security Standard (PCI
More informationS&T IT Change Management Policy and Procedure
S&T IT Change Management Plicy and Prcedure 5/1/2016 Page 2 f 10 Executive Summary S&T IT Change Management All IT & Ed Tech staff are respnsible t fllw the Change Management Prcess when intrducing changes
More informationCorporate Profile, 2014
Cpyright 2014 IT-Serve.cm All rights reserved. IT-Serve.cm Crprate Prfile, 2014 Internatinal experience, Reginal reach, Lcal understanding Dubai Abu Dhabi Sharjah Oman Qatar Saudi Arabia IT-Serve.cm PO
More informationSession 9 : Information Security and Risk
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
More informationService Continuity Plan for Desktop Services
Service Cntinuity Plan fr Desktp Services Service Cntinuity Plan fr Desktp Services Versin 3.0 10/13/2015 The fficial versin f this dcument is in the CS Dcument Database (DcDB). Fermi Natinal Acceleratr
More informationManaged Services. Request for Proposal. February 19, 2014. Version 1.1
Managed Services Request fr Prpsal February 19, 2014 Versin 1.1 1 Cntents 1 Overview...3 Abut Cnnect fr Health Clrad (C4HCO)...3 Overview and backgrund infrmatin:...3 List f remte managed services bth
More informationPrivacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.
Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive
More informationMédecins Sans Frontières Australia Job Description
Médecins Sans Frntières Australia Jb Descriptin POSITION DESCRIPTION Psitin Lcatin: Reprting t: Supervising: Status: Service Centre Technical Crdinatr Sydney (Bradway) Service Centre Manager N/A 6-mnths
More informationRequest for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply
Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t
More informationZimbra Professional Services Portfolio, Purchasing Guide & Price List
In- Tuitin Netwrks Ltd Zimbra Prfessinal Services Prtfli, Purchasing Guide & Price List This dcument prvides an verview f In- Tuitin Netwrks Limited s range f Zimbra Prfessinal Services available n the
More informationSoutheast Michigan Disaster Recovery Talking Points
Sutheast Michigan Disaster Recvery Talking Pints DR-4195-MI, The majr federal disaster declaratin signed by President Obama n September 25, 2014, ffers Individual and Public Assistance t Sutheast Michigan,
More informationChange Management Process For [Project Name]
Management Prcess Fr [Prject Name] i 1 Intrductin The is fllwed during the Executin phase f the Prject Management Life Cycle, nce the prject has been frmally defined and planned. 1.1 What is a Management
More informationPOLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014
State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)
More informationRequest for Proposal. Saskatchewan Arts Board. Database Development. RFP Reference Number S AB-ADMIN001. Release Date Februar y 9, 2016
Request fr Prpsal Saskatchewan Arts Bard Database Develpment RFP Reference Number S AB-ADMIN001 Release Date Februar y 9, 2016 Clsing Date March 1, 2016 Clsing Time 2:00 pm, Lcal Sask. Time Page 2 f 7
More informationBES12 Jumpstart Program Description ( Jumpstart Program Description )
BES12 Jumpstart Prgram Descriptin ( Jumpstart Prgram Descriptin ) This dcument includes all attached Annexes, is prvided fr infrmatinal purpses nly, and des nt in itself cnstitute a binding legal dcument.
More informationDatabase Services - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and Database Services t dcument: The technlgy services Database Services prvides t the custmer. The targets fr respnse times, service
More informationIN-HOUSE OR OUTSOURCED BILLING
IN-HOUSE OR OUTSOURCED BILLING Medical billing is ne f the mst cmplicated aspects f running a medical practice. With thusands f pssible cdes fr diagnses and prcedures, and multiple payers, the ability
More informationInformation Technology Department REQUEST FOR PROPOSALS
Infrmatin Technlgy Department REQUEST FOR PROPOSALS Identity and Access Management Service Design and Technlgy Implementatin January 11, 2013 Prpsals due by 4 p.m. n February 1 st, 2013 Attachment 2 Prject
More information(DRAFT) WISHIN DIRECT MARKETING PLAN Prepared by Kim Johnston June, 2011
Prepared by Kim Jhnstn Purpse Prvide a review f the market Give an verview f the market segments fr WISHIN Direct Outline the marketing and cmmunicatin activities fr WISHIN Direct Identify the cmmunicatin
More informationOR 2) Implement and customize an off the shelf product that would suit the requirements
CRM Custmer Relatinship Management Request fr Prpsal (RFP) Created by : Gayathri Jaganathan Rle : Prject Manager Prpsal Date: 10/02/06 Organizatin: AIM Alliance Inspectin Management Cmpany Lcatin : 28235
More informationTexas Woman's University University Policy Manual
Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September
More informationCloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013
Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies
More informationHP ValuPack Consulting Description OpenVMS Engineering Change Order (ECO) Patch List
HP ValuPack Cnsulting Descriptin OpenVMS Engineering Change Order (ECO) Patch List HP ValuPacks are standardized cnsulting services, prvided by HP Slutin Center Service Prfessinals, with pre-defined custm
More informationConsolidated Edison of New York: Residential Direct Install Program: Process Evaluation Summary
Cnslidated Edisn f New Yrk: Residential Direct Install Prgram: Prcess Evaluatin Summary Evaluatin Cnducted by: DNV KEMA as subcntractr t Navigant Cnsulting PROGRAM SUMMARY March 13, 2013 Cn Edisn designed
More informationLicensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite
Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This
More informationThis document provides instructions on how to complete the Cheque Requisition Form.
Office f the Cmptrller Accunts Payable Divisin f Finance and Administratin Standard Operating Prcedure Cheque Requisitin Effective Date: July 19, 2010 Descriptin: This dcument prvides instructins n hw
More informationMigrationWiz HIPAA Compliant Migration. Focus on data migration, not regulation. BitTitan Global Headquarters: 3933 Lake Washington Blvd NE Suite 200
MigratinWiz HIPAA Cmpliant Migratin Fcus n data migratin, nt regulatin. BitTitan Glbal Headquarters: 3933 Lake Washingtn Blvd NE Suite 200 Table f Cntents Kirkland, WA 98033 www.bittitan.cm sales@bittitan.cm
More informationAHLA. C. Big Data, Cloud Computing and the New World Order for Health Care Privacy
AHLA C. Big Data, Clud Cmputing and the New Wrld Order fr Health Care Privacy Marti Arvin Chief Cmpliance Officer UCLA David Geffen Schl f Medicine Ls Angeles, CA Kirk J. Nahra Wiley Rein LLP Washingtn,
More informationThe Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future
The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents
More informationNuance Healthcare Services Project Delivery Methodology
NUANCE PROFESSIONAL SERVICES Nuance Healthcare Services 2008 Nuance Cmmunicatins, Inc. All rights reserved. Nuance Healthcare Services 1 INTRODUCTION This dcument describes the prject management methdlgy
More informationGood Secure Collaboration Suite Quickstart Program Description ( Quickstart Program Description )
Gd Secure Cllabratin Suite Quickstart Prgram Descriptin ( Quickstart Prgram Descriptin ) This dcument includes all attached Annexes, is prvided fr infrmatinal purpses nly, and des nt in itself cnstitute
More informationISO Management Systems. Guidance on understanding the benefits of an ISO Management System
ISO Management Systems Guidance n understanding the benefits f an ISO Management System Welcme & Intrductins 4031 University Drive, 206, Fairfax, VA 22030 3 Grant Square, 243, Hinsdale, IL 60521 www.radiancmpliance.cm
More informationProject Startup Report Presented to the IT Committee June 26, 2012
Prject Name: SOS File 2.0 Agency: Secretary f State Business Unit/Prgram Area: Secretary f State Prject Spnsr: Al Jaeger Prject Manager: Beverly Maitland Prject Startup Reprt Presented t the IT Cmmittee
More informationVersion Date Comments / Changes 1.0 January 2015 Initial Policy Released
Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance
More informationRemote Working (Policy & Procedure)
Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer
More informationResearch Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012
Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.
More informationWeber State University Stewart Library Information Technology Plan Contents
Weber State University Stewart Library Infrmatin Technlgy Plan Cntents Weber State University Stewart Library Infrmatin Technlgy Plan... 2 Intrductin... 2 Current State f Technlgy in the Library... 4 Missin
More informationHelp Desk Level Competencies
Help Desk Level Cmpetencies Level 1 Take user calls and manage truble tickets Ability t staff and manage the rganizatins helpdesk and effectively respnd t rutine custmer calls Ability t use prper grammar
More informationOracle Cloud Enterprise Hosting and Delivery Policies
Oracle Clud Enterprise Hsting and Delivery Plicies Statement f Changes Versin 1.5, 6/01/2015 This dcument utlines changes made t the Oracle Clud Enterprise Hsting and Delivery Plicies dated December 1,
More informationOITS Service Level Agreement
OITS Service Level Agreement Objective A Service Level Agreement (SLA) describes the IT Service, dcuments Service Level Targets, and specifies the respnsibilities f the IT Service Prvider and the Custmer.
More informationResearch Report. Abstract: Data Center Networking Trends. January 2012. By Jon Oltsik With Bob Laliberte and Bill Lundell
Research Reprt Abstract: Data Center Netwrking Trends By Jn Oltsik With Bb Laliberte and Bill Lundell January 2012 2012 Enterprise Strategy Grup, Inc. All Rights Reserved. Intrductin Research Objective
More informationACTIVITY MONITOR Real Time Monitor Employee Activity Monitor
ACTIVITY MONITOR Real Time Mnitr Emplyee Activity Mnitr This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it is a library
More informationVirtual Meetings and Virtual Teams Using Technology to Work Smarter
http://www.psu.edu/president/pia/innvatin/ INNOVATION INSIGHT SERIES NUMBER 9 Virtual Meetings and Virtual Teams Using Technlgy t Wrk Smarter Yu need t have a meeting. Sme f the peple yu d like t include
More informationConfiguring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp
Cnfiguring, Mnitring and Deplying a Private Clud with System Center 2012 Bt Camp Length: 5 Days Technlgy: Micrsft System Center 2012 Delivery Methd: Instructr-led Hands-n Audience Prfile This curse is
More informationSymantec User Authentication Service Level Agreement
Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed
More informationREQUEST FOR PROPOSAL SECURITY SERVICES
REQUEST FOR PROPOSAL SECURITY SERVICES Sectin I INTRODUCTION [Cmpany] is seeking prpsals frm qualified Cntractrs t prvide unifrmed security service fr [Cmpany] facilities at [Lcatin(s)]. This dcument is
More informationProject Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES
Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care
More informationAppendix H. Annual Risk Assessment and Audit Plan 2013/14
Annual Risk Assessment and Audit Plan 2013/14 Internal Audit Department September 25, 2013 Table f Cntents Intrductin.. 3 Risk Assessment Prcess... 4 Page 2 Intrductin Each year, the Internal Audit Department
More informationCOUNSELING DEFINITIONS
Client TERM COUNSELING DEFINITIONS DEFINITION The client is the business, if it exists. In the case f a prspective business, the client is the individual. In-Business: Cmpleted required registratin(s),
More informationSystems Load Testing Appendix
Systems Lad Testing Appendix 1 Overview As usage f the Blackbard Academic Suite grws and its availability requirements increase, many custmers lk t understand the capability f its infrastructure. As part
More information2010 AT&T Business Continuity Study CENTRAL REGION (Missouri) Results
2010 Business Cntinuity Study: Missuri 2010 AT&T Business Cntinuity Study CENTRAL REGION (Missuri) Results Key Findings IT Plans fr 2010 IT budgets fr 2010 are abut the same r higher than thse f the previus
More informationCSC IT practix Recommendations
CSC IT practix Recmmendatins CSC Healthcare 28th January 2014 Versin 3 www.csc.cm/glbalhealthcare Cntents 1 Imprtant infrmatin 3 2 IT Specificatins 4 2.1 Wrkstatins... 4 2.2 Minimum Server with 1-5 wrkstatins
More informationTHE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM
THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant
More information