Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release.
Appears in 45 contracts
Sources: Participation Agreement, Participation Agreement, Participation Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release. Applications and systems that cannot be patched within this time frame due to significant operational reasons must have compensatory controls implemented to minimize risk until the patches can be installed. Applications and systems that cannot be patched must have compensatory controls implemented to minimize risk, where possible.
Appears in 13 contracts
Sources: Participation Agreement, Participation Agreement, Standard Services Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS CDPH PHI or PI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release.
Appears in 4 contracts
Sources: Standard Agreement Amendment, Standard Agreement Amendment, Service Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI PSCI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release.
Appears in 4 contracts
Sources: Standard Agreement, Mental Health Performance Agreement, Standard Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 thirty (30) days of vendor release.
Appears in 1 contract
Sources: Memorandum of Understanding
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI Pl must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release.
Appears in 1 contract
Sources: Provider Participation Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release.
Appears in 1 contract
Sources: Administrative Services Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI PSCI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release.release.β
Appears in 1 contract
Sources: Contract Agreement
Patch Management. All workstations, laptops and other systems that process and/or store DHCS PHI or PI must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 1 contract
Sources: Data Use Agreement