System Security Review. Business Associate must ensure audit control mechanisms that record and examine system activity are in place. All systems processing and/or storing DHCS PHI or PI must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.
Appears in 5 contracts
Samples: California Mental Health Services, Participation Agreement, California Mental Health Services Authority Participation Agreement