Version date: 12/22/2021 10:30:27 am

Information System Resources User Security Agreement

Rev. 12/22/2021

I understand that all the client information contained on Kansas Department for Aging and Disability Services (KDADS) computer systems/or any other agency's computer systems to which I have access is confidential. I agree not to copy and/or disclose any information regarding persons who have applied for, have received, or who are receiving public assistance, other benefits or services from KDADS to any unauthorized groups or individual; or to any person for any purpose other than the administration of the KDADS programs using these computer systems.

I also agree to protect all information available to me through interfaces with other agencies, whether the information is on the KDADS computer systems via direct computer access; from hard copy documents; or other means of communication. This includes but is not limited to information from the Internal Revenue Service, the Social Security Administration and the Kansas Departments of Labor, Health and Environment, Revenue and Administration.

I understand and will comply with the applicable requirements of federal and state laws and regulations protecting the confidentiality, integrity and availability of protected health information including, but not limited, to the following laws and their implementing regulations:

  • The federal Health Insurance Portability and Accountability Act of 1996, as amended ("HIPAA");
  • The American Reinvestment Act of 2009, as amended (the "HITECH ACT"); and
  • The federal confidentiality law found at 42 U.S.C. 290dd-2, as amended, and its implementing regulations contained in 42 C.F.R. Part 2 governing the confidentiality of alcohol and drug abuse patient records.

I understand that I may only use Information System Resources for those specific functions for which I have been authorized.

I understand that the password(s) I create is or are confidential, may not be shared, and shall be used only by myself. If I suspect anyone else has knowledge of my password, I will report it immediately to my supervisor and to KDADS HELP DESK and will change my password at that time.

I understand whenever I leave my workstation I must sign-off my personal computer or I must invoke a password protected screen saver with a screen lock to prevent unauthorized access by moving the mouse or using the keyboard.

I understand I must change my password(s) at least every 180 days.

I have read this entire document and agree to abide by its terms.

I also understand that any violation of this agreement may result in disciplinary action which may include discharge.

Furthermore, I understand that I may be prosecuted if I knowingly and intentionally use any KDADS' computer systems/or any other agency's computer systems I access for fraudulent or other unlawful purposes.

I further agree to comply with KDADS' security, computer, HIPAA or confidentiality policies, procedures and other requirements, as presently existing, or which may be hereinafter created and/or amended.

I further agree to "encrypt" any emails that are sent outside of the KDADS which may contain protected health information.

Policy: Password Management and Provisions

Where users belong to any Administered KDADS system, their password settings are to meet the following:

  • Passwords will be constructed with the following requirements:
    • Individually owned
    • Kept confidential and not shared with other users
    • Changed whenever disclosure has occurred or may have occurred
    • Changed significantly (i.e., not a minor variation of the current password)
    • Changed at least every 180 days
    • Cannot be changed more frequently than once every one (1) day without system administration intervention
    • Contain a minimum of 12 and a maximum of 20 characters
    • Contain at least one of each of the following: a number, an upper case letter, a lower case letter, and a special character
  • Passwords must NOT:
    • Be repeated for at least 24 cycles of change
    • Include repeating sequences of letters or numbers ( e.g. rrr, 123123)
    • Include names of persons, places, or things that can be closely identified with the user (i.e., spouse, children or pet names)
    • Include any spaces
    • Include the user ID
    • Include words that can be found in a dictionary
    • Be displayed during the entry process
    • Be written down and displayed in an obvious place such as under a keyboard
    • Be the same for all systems that the user accesses
    • Be stored in any file program, command list, procedure, macro or script where it is susceptible to disclosure or use by anyone other than its owner.

Mobile Device Policy

  • The use of mobile and portable computing devices (PDA's, smart phones, cell phones, etc.) will be restricted and may only occur where documented appropriate authorization has first been provided.
  • Where possible, the use of these devices will be actively monitored and their access to information systems strictly controlled.
  • Data deemed sensitive or confidential to the agency, per agency policy or pursuant to any state or federal statute(s) or regulation(s), will be encrypted while at rest on portable electronic devices.
  • Where possible, verified and current encrypted tunnels must be used for all electronic confidential data transmissions.
  • Where encrypted tunnels cannot be used for electronic confidential data transmissions, confidential data must be directly encrypted prior to transmission.
Please complete the following, then press 'Submit Request' to save your request. Press 'Close Window' when complete.

If you already have access to any of the KDADS web applications you do NOT need to submit another security agreement via this new electronic format released on November 1, 2012.


First

MI

Last

   

Do Not Use the Business Abbreviation or Acronym


  • When selecting Other, please include the requested application(s) in the Specific Application Request field below.
  • For KAMIS access, please indicate the roles required or job duties in the Specific Application Request field below.
  • For KOTA access, please include your Facility ID number(s) in the Specific Application Request field below.
  • Specific Application Request:
    Please indicate the KDADS application(s) for which you are requesting authorization.
    0 of 1000
    Contact Information:
    KDADS HELP DESK, Information Services Division
    New England Building
    503 Kansas Ave.
    Topeka, KS 66603             Fax: (785)-296-0256
    For assistance: KDADS.HelpDesk@ks.gov
    Phone: (785) 296-4987
    03/22/2023 01:53:55