SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 2023-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at:
SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 2023-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: xxxxx://xxxxxxxxxxxxxxx.xxxxxxx.xxx/cybersecurity/cybersecurity-standards-and-directives MODIFICATION OF CUSTOMARY PROVISIONS OF ATTACHMENT C OR ATTACHMENT F 1. The insurance requirements contained in Attachment C, Section 8 are hereby modified: To Add:
SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 23-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: xxxxx://xxxxxxxxxxxxxxx.xxxxxxx.xxx/cybersecurity/cybersecurity-standards-and-directives ATTACHMENT E BUSINESS ASSOCIATE AGREEMENT SOV CONTRACTOR/GRANTEE/BUSINESS ASSOCIATE: BI-STATE PRIMARY CARE ASSOCIATION SOV CONTRACT NO. 45704 CONTRACT EFFECTIVE DATE: 05/01/2023 This Business Associate Agreement (“Agreement”) is entered into by and between the State of Vermont Agency of Human Services (“Covered Entity”) and Party identified in this Agreement as Contractor or Grantee above (“Business Associate”). This Agreement supplements and is made a part of the contract or grant (“Contract or Grant”) to which it is attached. Covered Entity and Business Associate enter into this Agreement to comply with the standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the Standards for the Privacy of Individually Identifiable Health Information, at 45 CFR Parts 160 and 164 (“Privacy Rule”), and the Security Standards, at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act (HITECH), and any associated federal rules and regulations. The parties agree as follows:
SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 2023- 01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: xxxxx://xxxxxxxxxxxxxxx.xxxxxxx.xxx/cybersecurity/cybersecurity-standards-and-directives STATE OF VERMONT CONTRACT # 45815 DEPARTMENT OF VERMONT HEALTH ACCESS PAGE 62 of 87 VERMONT INFORMATION TECHNOLOGY LEADERS, INC. ATTACHMENT E BUSINESS ASSOCIATE AGREEMENT SOV CONTRACTOR/GRANTEE/BUSINESS ASSOCIATE: VERMONT INFORMATION TECHNOLOGY LEADERS, INC. SOV CONTRACT NO. 45815 CONTRACT EFFECTIVE DATE: 7/1/2023 This Business Associate Agreement (“Agreement”) is entered into by and between the State of Vermont Agency of Human Services, operating by and through its Department of Vermont Health Access (“Covered Entity”) and Party identified in this Agreement as Contractor or Grantee above (“Business Associate”). This Agreement supplements and is made a part of the contract or grant (“Contract or Grant”) to which it is attached. Covered Entity and Business Associate enter into this Agreement to comply with the standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the Standards for the Privacy of Individually Identifiable Health Information, at 45 CFR Parts 160 and 164 (“Privacy Rule”), and the Security Standards, at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act (HITECH), and any associated federal rules and regulations. The parties agree as follows:
SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 2023-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: xxxxx://xxxxxxxxxxxxxxx.xxxxxxx.xxx/cybersecurity/cybersecurity-standards-and-directives DocuSign Envelope ID: AB1E877B-8AD4-4E47-888B-24F6471EB871 ATTACHMENT G STATE OF VERMONT- FEDERAL TERMS SUPPLEMENT (Non-Construction) (Revision date: July 19, 2023) PROCUREMENT OF RECOVERED MATERIALS In the performance of this contract, the Contractor shall make maximum use of products containing recovered materials that are EPA-designated Items unless the products cannot be acquired-
SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 2023-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: xxxxx://xxxxxxxxxxxxxxx.xxxxxxx.xxx/cybersecurity/cybersecurity-standards-and-directives State of Vermont Ordering Document for Services Authorizing Agreement: State of Vermont Participating Addendum # for NASPO VALUEPOINT PURCHASING PROGRAM: Computer Equipment, Peripherals & Related Services Contractor:
SOV Cybersecurity Standard Update 2023-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard 23-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: xxxxx://xxxxxxxxxxxxxxx.xxxxxxx.xxx/cybersecurity/cybersecurity-standards-and-directives ATTACHMENT E BUSINESS ASSOCIATE AGREEMENT SOV CONTRACT BUSINESS ASSOCIATE: CSG GOVERNMENT SOLUTIONS SOV CONTRACT No. 45649 CONTRACT EFFECTIVE DATE: May 1, 2023 THIS BUSINESS ASSOCIATE AGREEMENT (“AGREEMENT”) IS ENTERED INTO BY AND BETWEEN THE STATE OF VERMONT AGENCY OF HUMAN SERVICES, OPERATING BY AND THROUGH ITS DEPARTMENT OF VERMONT HEALTH ACCESS (“COVERED ENTITY”) AND PARTY IDENTIFIED IN THIS AGREEMENT AS CONTRACTOR OR GRANTEE ABOVE (“BUSINESS ASSOCIATE”). THIS AGREEMENT SUPPLEMENTS AND IS MADE A PART OF THE CONTRACT OR GRANT (“CONTRACT OR GRANT”) TO WHICH IT IS ATTACHED. Covered Entity and Business Associate enter into this Agreement to comply with the standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the Standards for the Privacy of Individually Identifiable Health Information, at 45 CFR Parts 160 and 164 (“Privacy Rule”), and the Security Standards, at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act (HITECH), and any associated federal rules and regulations. The parties agree as follows:
