Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 5 contracts
Samples: cams.ocgov.com, Electronic Records Management System, Electronic Records Management System
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 3 contracts
Samples: Service Level Agreement, voiceofoc.org, cams.ocgov.com
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ §164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 3 contracts
Samples: Iconnect Consulting, System Maintenance and Support Services, cams.ocgov.com
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 2 contracts
Samples: Electronic Records Management System, cams.ocgov.com
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 2 contracts
Samples: cams.ocgov.com, cams.ocgov.com
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXXOCHCA. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 2 contracts
Samples: Eligibility Management System, Electronic Records Management System
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdfxxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30- rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 1 contract
Samples: cams.ocgov.com
Application Access. All systems accessible via the internet must employ security controls to prevent access to the application via an asset not approved or owned by the county. • Risk Assessment. Application Service Providers hosting data for HIPAA covered services must conduct an accurate and thorough Risk Assessment as required by HIPAA Security Rule, Security Management (§ 164.308(a)(1)). Further, they must follow the risk assessment methodology, based on the latest version of NIST SP 800-30 (xxxx://xxxx.xxxx.xxx/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). Upon request, the Risk Assessment findings and remediation strategy must be shared with XXXXX. • NIST. To ensure compliance with HIPAA, Application Service Providers shall implement appropriate security safeguards by following National Institute of Standards and Technology (NIST) guidelines.
Appears in 1 contract
Samples: Electronic Records Management System