Common use of Security Administrator and Authorized Users Clause in Contracts

Security Administrator and Authorized Users. Grantee shall: i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have a security policy that ensures adequate system security and protection of confidential information. iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will: a. Ensure that access to CMBHS System is restricted to only currently authorized users. b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System. c. Maintain the CMBHS Authorized Users List which includes former and r any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated. iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇. v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days. vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise: a. I System; and b. Update records on a daily basis to reflect any changes in account status.

Security Administrator and Authorized Users. Grantee shall: i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have a security policy that ensures adequate system security and protection of confidential information. iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will: a. Ensure that access to CMBHS System is restricted to only currently authorized users. b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System. c. Maintain the CMBHS Authorized Users List which includes former and r any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated. iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇. v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days. vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise: a. I responsibilities that affects System; and b. Update records on a daily basis to reflect any changes in account status.

Security Administrator and Authorized Users. Grantee shall: i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have a security policy that ensures adequate system security and protection of confidential information. iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will: a. Ensure that access to CMBHS System is restricted to only currently authorized users. b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System. c. Maintain the CMBHS Authorized Users List which includes former and r current Grantee’s employees, contracted labor, subcontractors or any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated. iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇. v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days. vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise: a. I Immediately modify access when there is a change in a user’s job responsibilities that affects the user’s need for access to CMBHS System; and b. Update records on a daily basis to reflect any changes in account status.

Security Administrator and Authorized Users. Grantee shall: i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have a security policy that ensures adequate system security and protection of confidential information. iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will: a. Ensure that access to CMBHS System is restricted to only currently authorized users. b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System. c. Maintain the CMBHS Authorized Users List which includes former and r any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated. iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇. v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days. vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise: a. I Immediately m System; and b. Update records on a daily basis to reflect any changes in account status.

Security Administrator and Authorized Users. Grantee shall: i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have a security policy that ensures adequate system security and protection of confidential information. iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will: a. Ensure that access to CMBHS System is restricted to only currently authorized users. b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System. c. Maintain the CMBHS Authorized Users List which includes former and r any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated. iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇. v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days. vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise: a. I System; and b. Update records on a daily basis to reflect any changes in account status.

Security Administrator and Authorized Users. Grantee shall: i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have a security policy that ensures adequate system security and protection of confidential information. iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will: a. Ensure that access to CMBHS System is restricted to only currently authorized users. b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System. c. Maintain the CMBHS Authorized Users List which includes former and r , contracted labor, subcontractors or any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated. iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇. v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days. vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise: a. I System; and b. Update records on a daily basis to reflect any changes in account status.

Security Administrator and Authorized Users. Grantee shall: i. Designate Contractor shall designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current. ii. Have Contractor shall have a security policy that ensures adequate system security and protection of confidential information. iii. Notify Contractor shall notify the CMBHS Help Desk Help-desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will:. a. Ensure a) Contractor shall ensure that access to CMBHS System is restricted to only currently authorized users. b. Within . Contractor shall, within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS SystemCMBHS. c. Maintain b) Contractor shall maintain the CMBHS Authorized Users List which includes former and r current Contractor’s employees, contracted labor, subcontractors or any other users authorized to have access to secure data in CMBHS SystemCMBHS. The CMBHS Authorized Users List shall document whose authority has been added and terminated, ; and the date the authority was added and terminated. iv. Submit c) Contractor shall electronically submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List bi-annually (September 15th and March 15th ), or as stated in Attachment Athe program attachment, to the following e-mail address: ▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇▇.▇▇▇▇▇.▇▇.▇▇. v. Continually d) Contractor shall continually maintain the current CMBHS Authorized Users List on file and make available to System Agency DSHS upon request within five (5) business days. vi. Immediately e) Contractor shall immediately block access to CMBHS System of any person who should no longer have access to CMBHS SystemCMBHS, due to severance of employment with Grantee Contractor or otherwise:, a. I System; and b. Update f) Contractor shall immediately modify access when there is a change in a user’s job responsibilities that affects the user’s need for access to CMBHS, and update records on a daily basis to reflect any changes in account status.