Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 16 contracts
Sources: Digital Health Solution Services Agreement, Subordinate Contract for Unarmed Security Guard Services, Contract for Behavioral Health System Transformation
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 thirty (30) calendar or business days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 13 contracts
Sources: Agreement for Provision of Recovery Residence Services, Agreement for Provision of Recovery Residence Services, Agreement for Provision of Recovery Residence Services
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 thirty (30) days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 12 contracts
Sources: Contract for Provision of Medi Cal Mental Health Managed Care Psychiatric Inpatient Hospital Services, Contract for Provision of Recovery Education Institute Services, Contract for Provision of Medi Cal Mental Health Managed Care Psychiatric Inpatient Hospital Services
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which that determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 thirty (30) days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 4 contracts
Sources: Contract No. Ma 042 20011019 for Hiv Care Services, Contract for Hiv Care Services, Contract for Hiv Care Services
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory havecompensatory controls implemented to minimize risk, where possible.
Appears in 1 contract
Sources: Language Interpretation and Translation Services Contract
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 thirty (30) days of vendor release. Applications and systems that cannot be patched due to operational 8 of 14 EXHIBIT B reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 1 contract
Sources: Agreement for Provision of Drug Medi Cal Narcotic Replacement Therapy Treatment Services
Patch Management. All workstations, laptops and other systems that process and/or store 4 PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits 5 on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk 6 assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 7 thirty (30) days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 1 contract
Sources: Master Agreement for Provision of Adult Mental Health Inpatient Services
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits 16 on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There 17 must be a documented patch management process which that determines installation timeframe based on risk 18 assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release. Applications and systems that cannot be patched due to operational reasons 19 must have compensatory controls implemented to minimize risk, where possible.
Appears in 1 contract
Sources: Rental Assistance Program Services
Patch Management. All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR CITY or CONTRACTOR CITY creates, receives, maintains, or transmits on behalf of COUNTY must have critical security patches applied, with system reboot if necessary. There must be a documented patch management process which determines installation timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable patches must be installed within 30 days of vendor release. Applications and systems that cannot be patched due to operational reasons must have compensatory controls implemented to minimize risk, where possible.
Appears in 1 contract
Sources: Memorandum of Understanding