Computers. Security for data maintained in the HMIS depends on a secure computing environment. Computer security is adapted from relevant provisions of the Department of Housing and Urban Development’s (“HUD”) “Homeless Management Information Systems (HMIS); Data and Technical Standards Proposed Rule” (Docket No. FR 5475-P-01- Fed. Reg. Vol. 76, No. 237 (December 9, 2011/Proposed Rules). Agencies are encouraged to directly consult that document for complete documentation of HUD’s standards relating to HMIS. Agency will allow access to the HMIS only from computers which are: i. approved by IHCDA for the purpose of accessing and working with the HMIS; ii. protected from viruses by commercially available virus protection software (a) that includes, at a minimum, automated scanning of files as they are accessed by Users on the system on which the HMIS application is accessed and (b) with virus definitions that are regularly updated from the software vendor; iii. protected with a secure software or hardware firewall between, at least, the workstation and any systems (including the internet and other computer networks) located outside of the Agency; iv. maintained to ensure that the computer operating system running the computer used for the HMIS is kept up to date in terms of security and other operating system patches, updates, and fixes; v. accessed through web browsers with 128-bit encryption (e.g., Internet Explorer, version 8.0). Some browsers have the capacity to remember passwords, so that the User does not need to type in the password when returning to password-protected sites. This default shall not be used with respect to the HMIS; the end-user is expected to physically enter the password each time he or she logs on to the system; and vi. staffed at all times when in public areas. When computers are not in use and staff is not present, steps should be taken to ensure that the computers and data are secure and not usable by unauthorized individuals. These steps should minimally include (a) logging off the data entry system, (b) physically locking the computer in a secure area, (c) shutting down the computer entirely, or (d) using a password protected screen saver.
Appears in 1 contract
Samples: Hmis Participation Agreement
Computers. Security for data maintained in the NW Social Service Connections HMIS depends on a secure computing environment. Computer security is adapted from relevant provisions of the Department of Housing and Urban Development’s (“HUD”) “Homeless Management Information Systems (HMIS); ) Data and Technical Standards Proposed RuleNotice” (Docket No. FR 54754848-P-01- Fed. Reg. Vol. 76, No. 237 (December 9, 2011/Proposed RulesN-01; see xxxx://xxx.xxx.xxx/offices/cpd/homeless/hmis). Agencies are encouraged to directly consult that document for complete documentation of HUD’s standards relating to HMIS. BHCD and DSCP may add additional standards and will provide notice(s) to participants. Agency will allow access to the HMIS only from computers which are:
i. a. physically present on Agency’s premises;
b. owned by Agency; or
c. approved by IHCDA Agency for the purpose of accessing and working with the HMIS;; and
ii. d. protected from viruses by commercially available virus protection software (a) that includes, at a minimum, automated scanning of files as they are accessed by Users on the system on which the HMIS application is accessed and (b) with virus definitions that are regularly updated from the software vendor;software,
iii. e. protected with a secure software or hardware firewall between, at least, the workstation and any systems (including the internet and other computer networks) located outside of the Agency;protected from spyware,
iv. f. maintained to ensure insure that the computer operating system running the computer used for the HMIS is kept up to date in terms of security and other operating system patches, updates, and fixes;
v. , g. accessed through web browsers with 128-bit encryption (e.g., Internet Explorer, version 8.06.0). Some browsers have the capacity to remember passwords, so that the User user does not need to type in the password password
h. when returning to password-protected sites. This default shall not be used with respect to the NWSSC HMIS; the end-user is expected to physically enter the password each time he or she logs on to the system; and,
vi. i. staffed at all times when in agency public areas. When computers are not in use and staff is are not present, steps should be taken to ensure that the computers and data are secure and not usable by unauthorized individualspublicly accessible. These steps should minimally include (a) logging include: Logging off the data entry system, (b) physically locking the computer in a secure area, (c) or shutting down the computer entirely, or (d) using a password protected screen saver.
Appears in 1 contract
Samples: Agency Participation Agreement
Computers. Security for data maintained in the HMIS UNITY Information Network depends on a secure computing environment. Computer security is adapted from relevant provisions of the Department of Housing and Urban Development’s (“HUD”) “Homeless Management Information Systems (HMIS); ) Data and Technical Standards Proposed RuleNotice” (Docket No. FR 54754848-P-01- Fed. Reg. Vol. 76, No. 237 (December 9, 2011/Proposed RulesN-01). Agencies are encouraged to directly consult that document for complete documentation of HUD’s standards relating to HMISthe HMIS (UNITY). Agency will allow access to the HMIS UNITY only from computers which are:
i. (i) physically present on Agency’s premises;
(ii) owned by Agency; or
(iii) approved by IHCDA Agency for the purpose of accessing and working with the HMIS;UNITY; and
ii. (iv) protected from viruses by commercially available virus protection software software,
(av) that includes, at a minimum, automated scanning of files as they are accessed by Users on the system on which the HMIS application is accessed and (b) with virus definitions that are regularly updated from the software vendor;
iii. protected with a secure software or hardware firewall between, at least, the workstation and any systems firewall,
(including the internet and other computer networksvi) located outside of the Agency;
iv. maintained to ensure insure that the computer operating system running the computer used for the HMIS UNITY is kept up to date in terms of security and other operating system patches, updates, and fixes;; and
v. accessed through (vii) have access to web browsers with 128-bit encryption (e.g., Internet ExplorerChrome, version 8.0Firefox). Some browsers have the capacity to remember passwords, so that the User user does not need to type in the password when returning to to
(viii) password-protected sites. This default shall not be used with respect to the HMISUNITY Information Network; the end-user is expected to physically enter the password each time he or she logs on to the system; and,
vi. (ix) staffed at all times when in public areas. When computers are not in use and staff is not present, steps should be taken to ensure that the computers and data are secure and not usable by unauthorized individualspublicly accessible. These steps should minimally include minimally
(ax) logging include: Logging off the data entry system, (b) physically locking the computer in a secure area, (c) or shutting down the computer entirely, or (d) using a password protected screen saver.,
Appears in 1 contract
Samples: Agency Partner Agreement
Computers. Security for data maintained in the Snohomish County’s HMIS depends on a secure computing environment. Computer The computer security is requirements contained in this subsection are adapted from relevant provisions of the Department of Housing and Urban Development’s (“HUD”) “Homeless Management Information Systems (HMIS); Data and Technical Standards Proposed Rule” (Docket NoHUD Final Notice. FR 5475-P-01- Fed. Reg. Vol. 76, No. 237 (December 9, 2011/Proposed Rules). Agencies are encouraged The Agency is expected to directly consult that document the HUD Final Notice for complete documentation of HUD’s standards relating to HMIS. The Agency will allow access to the HMIS only from computers which are:
i. (i) physically present on Agency’s premises; and owned by Agency, or approved by IHCDA Agency for the purpose of accessing and working with the HMIS;
(ii. ) protected from viruses by commercially available virus protection software (aA) that includes, at a minimum, automated scanning of files as they are accessed by Users users on the system on which the HMIS application is accessed housed and (bB) with virus definitions that are regularly updated from the software vendor;
(iii. ) protected with a secure software or hardware firewall between, at least, the workstation and any systems (including the internet and other computer networks) located outside of the Agency;
(iv. ) maintained to ensure that the computer operating system running the computer used for the HMIS is kept up to date in terms of security and other operating system patches, updates, and fixes;
v. (v) accessed through web browsers with 128-bit encryption (e.g., Internet Explorer, version 8.06.0). Some browsers have the capacity to remember passwords, so that the User user does not need to type in the password when returning to password-protected sites. This default shall not be used with respect to the Snohomish County’s HMIS; the end-user is expected to physically enter the password each time he or she logs on to the system; and
(vi. ) staffed at all times when in public areas. When computers are not in use and staff is not present, steps should be taken to ensure that the computers and data are secure and not usable by unauthorized individuals. These steps should minimally include (a) logging off the data entry system, ,
(b) physically locking the computer in a secure area, or (c) shutting down the computer entirely, or (d) using a password protected screen saver.
Appears in 1 contract
Samples: Hmis Agency Partner Agreement
Computers. Security for data maintained in the NW Social Service Connections HMIS depends on a secure computing environment. Computer security is adapted from relevant provisions of the Department of Housing and Urban Development’s (“HUD”) “Homeless Management Information Systems (HMIS); ) Data and Technical Standards Proposed RuleNotice” (Docket No. FR 54754848-P-01- Fed. Reg. Vol. 76, No. 237 (December 9, 2011/Proposed RulesN-02; see xxxx://xxx.xxx.xxx/offices/cpd/homeless/hmis). Agencies are encouraged to directly consult that document for complete documentation of HUD’s standards relating to HMIS. Agency BHCD and THE LEAD ORGANIZATIONS may add additional standards and will provide notice(s) to Participants. The Participant will allow access to the HMIS only from computers which are:
i. a. physically present on Participant’s premises;
b. owned by Participant; or
c. approved by IHCDA Participant for the purpose of accessing and working with the utilizing HMIS;; and
ii. d. protected from viruses by commercially available virus protection software (a) that includes, at a minimum, automated scanning of files as they are accessed by Users on the system on which the HMIS application is accessed and (b) with virus definitions that are regularly updated from the software vendor;software,
iii. e. protected with a secure software or hardware firewall between, at least, the workstation and any systems (including the internet and other computer networks) located outside of the Agency;protected from spyware,
iv. f. maintained to ensure insure that the computer operating system running the computer used for the HMIS is kept up to date in terms of security and other operating system patches, updates, and fixes;
v. , g. accessed through web browsers with 128-bit encryption (e.g., Internet Explorer, version 8.06.0). Some browsers have the capacity to remember passwords, so that the User user does not need to type in the password when returning to password-protected sites. This default shall not be used with respect to the NWSSC HMIS; the end-user is expected required to physically enter the password each time he or she logs on to the system; and,
vi. h. secured with password protected screen savers,
i. staffed at all times when in Participant public areas. When computers are not in use and staff is are not present, steps should be taken to ensure that the computers and data are secure and not usable by unauthorized individualspublicly accessible. These steps should minimally include (a) logging include: Logging off the data entry system, (b) physically locking the computer in a secure area, (c) or shutting down the computer entirely, or (d) using a password protected screen saver.
Appears in 1 contract
Samples: Agency Participation Agreement