Orange County NC Website
Consolidated Agreement FY14 Page 22 of 23

containing personal information along with the confidential process or key shall constitute a security breach. Good faith acquisition of personal information by an employee or agent of the business for a legitimate purpose is not a security breach, provided that the personal information is not used for a purpose other than a lawful purpose of the business and is not subject to further unauthorized disclosure.

d. "Unsecured protected health information" means protected health information (PHI) that is not rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of technology or methodology specified by the Secretary in the guidance issued under section 13402(h)(2) of Pub. L. 111-5.

The following PHI shall not be regarded as Unsecured PHI:

• Electronic PHI has been encrypted as specified in the HIPAA Security rule by the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without the use of a confidential process or key and such confidential process or key that might enable decryption has not been breached. To avoid a breach of the confidential process or key, these decryption tools should be stored on a device or at a location separate from the data they are used to encrypt or decrypt. The following encryption processes meet this standard:
  — Valid encryption processes for data at rest (i.e. data that resides in databases, file systems and other structured storage systems) are consistent with NIST Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices.
  — Valid encryption processes for data in motion (i.e. data that is moving through a network, including wireless transmission) are those that comply, as appropriate, with NIST Special Publications 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations; 800-77, Guide to IPsec VPNs; or 800-113, Guide to SSL VPNs, and may include others which are Federal Information Processing Standards FIPS 140-2 validated.

• The media on which the PHI is stored or recorded has been destroyed in the following ways:
  — Paper, film, or other hard copy media have been shredded or destroyed such that the PHI cannot be read or otherwise cannot be reconstructed. Redaction is specifically excluded as a means of data destruction.
  — Electronic media have been cleared, purged, or destroyed consistent with NIST Special Publications 800-88, Guidelines for Media Sanitization, such that the PHI cannot be retrieved.