To: Board of Supervisors
From: Anna Roth, Health Services Director
Report Title: Purchase Order with Solutions Simplified
?Recommendation of the County Administrator ? Recommendation of Board Committee
RECOMMENDATIONS:
APPROVE and AUTHORIZE the Purchasing Agent, or designee, to execute on behalf of the Health Services Director, a purchase order with Solutions Simplified, in an amount not to exceed $912,000 for the purchase of Zscaler internet traffic protection software and services, and an agreement with Zscaler, Inc. for the period from July 1, 2024 through June 30, 2027.
FISCAL IMPACT:
Approval of this action will result in expenditures of up to $912,000 over a three-year period and will be funded by Hospital Enterprise Fund I revenues.
BACKGROUND:
1. Contra Costa Health (CCH) firewalls provide limited monitoring of internet traffic, which can lead to firewalls running at 80% utilization. This creates increased risk of undetected "bad" internet activity that CCHS cannot monitor or respond to.
2. CCH is a Covered Entity and required to comply with the HIPAA Security Rule to identify and manage its resources as part of maintaining compliance. This includes the following specific requirements:
* ? 164.312(b): Audit controls (Required). Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.
* ? 164.308(a)(1)(ii)(D): Information system activity review (Required). Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.
On January 10, 2024 the Purchasing Agent approved the use of Simplified Solutions.
Approval of this End User Service Agreement (EUSA) allows Zscaler to provide services through June 30, 2027. The agreement limits the liability of Zscaler to the amount paid by the County in the twelve (12) months preceding any claim, except for claims arising out of a breach of ...
Click here for full text