Browse
Search
2017-650-E Health - Carolinas IT to conduct HIPAA security risk analysis
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2017
>
2017-650-E Health - Carolinas IT to conduct HIPAA security risk analysis
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
6/12/2018 9:43:26 AM
Creation date
12/12/2017 7:49:17 AM
Metadata
Fields
Template:
Contract
Date
11/20/2017
Contract Starting Date
11/20/2017
Contract Ending Date
6/30/2018
Contract Document Type
Contract
Amount
$5,000.00
Document Relationships
R 2017-650-E Health - Carolinas IT to conduct HIPAA security risk analysis
(Linked To)
Path:
\Board of County Commissioners\Contracts and Agreements\Contract Routing Sheets\Routing Sheets\2017
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
24
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:88577424-D976-4534-82EF-EEA3A41BAB2A <br /> Note: <br /> • The Client must provide available customer resources to provide console or network access to Internet router and fireweall <br /> and all servers..Alternatively, the customer may provide printed copied of the current software configurations, however this <br /> option will result in more limited discovery. <br /> • This audit/assessment is not meant to impact the network in any way. Every attempt will be made to protect the Client's <br /> production environment and avoid any interruption in service; however, the possibility of an interruption does exist during <br /> the scan. <br /> • No changes will be made to the Client's environment as a result of this engagement. This Assessment is meant to reveal <br /> any vulnerability and allow the Client to decide the most effective way to address them. <br /> • Carolinas IT does not recommend that any of the suggested"fixes"for discovered vulnerabilities be attempted without an <br /> assessment of the potential impact to the production network. <br /> Overall Client Responsibilities: <br /> • Client will provide security clearance and access to facilities, as required. This includes badges, user accounts, passwords, <br /> access cards and parking privileges.Any required network passwords will be provided to our technical resources and/or <br /> have an available resource to enter them at the time of the installation. <br /> • Client will provide Internet access for CIT engineers for the duration of the project. <br /> • Client will ensure accuracy of data/information supplied to CIT. <br /> • Client understands that CIT relies on immediate clarification and resolution regarding the integrity of data/information <br /> supplied to CIT. <br /> • CIT will require timely delivery of information from Client. This information includes, but is not limited to user names, <br /> extensions, map of user locations, and other pertinent information. <br /> • Client will provide a single point of contact for project coordination with CIT. <br /> • Client will be responsible for notifying users of any downtime they may experience during the course of the engagement. <br /> • Client will provide a list of key contacts and IT staff designated to support and/or assist CIT in the project prior to the kick- <br /> off meeting; including: Name, Title, Responsibility, Phone&E-mail wherever possible. <br /> • Client will provide any support related to the hardware and software being considered for inclusion in the design <br /> • Client will furnish CIT technical resources with requested information and data on Client operations, activities and existing <br /> systems, as required to achieve the project goals and provide CIT personnel with sufficient security access to said systems <br /> and facilities at all reasonable times during the performance of the Services. <br /> • Client shall provide network access as needed for the project(e.g., administrator access to servers included in scope, <br /> Internet access(FTP, HTTP), access to server consoles,etc.). <br /> *Client understands that any items listed under"Client Responsibilities"that are not in place or functioning when CIT <br /> engineers are onsite,that Client will be billed outside this statement of work for additional time needed. <br /> Completion Criteria: Carolinas IT will have fulfilled its obligations under this SOW upon completion of delivery of reports outlined in <br /> the Deliverables and Closing section of this SOW. <br /> Acceptance of Services: Upon completion of the Services/Tasks outlined under the Carolinas IT Responsibilities section(s)and <br /> any subsequent change orders, Carolinas IT shall request that the Client sign the Acknowledgement of Completion section of this <br /> work order indicating such completion and requesting Client's written acceptance of the Services. The Client shall promptly review <br /> the notification and provide a written response. If the Client's response indicates that Carolinas IT has not satisfactorily completed <br /> the Services/Tasks as outlined in the document and/or any subsequent change orders,the parties will meet and use good faith to <br /> resolve the issues. If the Client does not respond in writing within twelve (12)business days of receipt of Carolinas IT's notice,then <br /> the Services will be deemed accepted. <br /> Non-Disclosure Notice:This SOW includes information that cannot be disclosed outside of Client and will not be duplicated, used, <br /> or disclosed, in whole or in part, for any purpose other than to evaluate this SOW.To the extent permitted by North Carolina law, <br /> Client agrees not to reveal any of its contents to anyone not directly responsible for its evaluation without first obtaining the express <br /> written consent of CAROLINAS IT. This restriction does not limit Client's right to use information contained in this proposal if it is <br /> obtained from another source without restrictions or if already known to Client. <br /> Project Costs: This is a fixed fee engagement. Customer is responsible paying 50%of the total fee prior to the start of the project, <br /> with the balance being billed net 30-days upon completion of the annual on-site report. <br /> Should unexpected issues be discovered that could change the scope of the project, Client and CIT will jointly review the project <br /> status. Changes in services requirements to this SOW shall be approved in writing by the Client, and will be billed at CIT's T& M <br /> published rates. A copy of the Change Order is attached, (Appendix A-1). <br /> Scheduling: Project scheduling will typically occur within seven (7)to ten (10)working days after the signed Statement of Work and <br /> deposit(if applicable)has been received by Carolinas IT. <br /> 792094c7-3c00-42b2-aa97-9219813651e8.docx <br /> Page 2 of 4 11/20/2017 <br />
The URL can be used to link to this page
Your browser does not support the video tag.