Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 4 contracts
Samples: Software Maintenance and Database Hosting Services Agreement, Diagnostic Testing Services Agreement, Contract for Electronic Records Management System
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ §164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 3 contracts
Samples: Public Health Laboratory Web Portal Services Agreement, Contract for Disease Control and Preventative Health Technology Enabled Solution, Electronic Health Records System Maintenance and Support Services
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 3 contracts
Samples: Contract for Services, Nurse Case Management System Contract, Software Maintenance and Database Hosting Services
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.. County of Orange Health Care Agency Page 43 MA-042-17011367
Appears in 2 contracts
Samples: Contract for Electronic Health Record System Maintenance and Support, Contract for Electronic Health Record System Maintenance and Support
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 2 contracts
Samples: Environmental Health Data Management System Contract, Environmental Health Data Management System Contract
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 2 contracts
Samples: Contract for Fastpack Exp Consumables and Maintenance Services, Contract for Electronic Records Management System
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 2 contracts
Samples: Telehealth and Digital Mental Health Support Services, Behavioral Health System Transformation Contract
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 1 contract
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 1 contract
