The URL can be used to link to this page

Home My WebLink About*Other - New Hope DV/SAJune 13, 2023 Board of Grant County Commissioners PO Box 37 Ephrata, WA 98823 L,V 6ttk 'V�� JUN 1 1 2023 CONSEN RE: Signature for DSHS Agreement Number 2363-48637 Dear Board of County Commissioners: Please see attached agreement for review and approval. Contractor: Department of Social and Health Services Term of Contract: 7.01.2023 through 6.30.204 Purpose: This agreement is to renew our work with DSHS with Workfirst for a new contract year. No changes from years past. Amount: $31,000 Suzi Fode is requesting permission to Docu-Sign electronically with the contractor. Thank you for your consideration, Suzi Fode, Director Kids Hope and New Hope K23-138 II DSHS Agreement Number rgas",°g'°° S'af� COUNTY PROGRAM AGREEMENT � Department of Social 2363-48637 7 &Health Services WorkFirst Family Violence Services Transforming lives This Program Agreement is by and between the State of Washington Administration or Division Department of Social and Health Services (DSHS) and the County identified Agreement Number below, and is issued in conjunction with a County and DSHS Agreement On General Terms and Conditions, which is incorporated by reference. County Agreement Number DSHS ADMINISTRATION DSHS DIVISION DSHS INDEX NUMBER DSHS CONTRACT CODE Economic Services Community Services Division 1221 3000CC-63 Administration DSHS CONTACT NAME AND TITLE DSHS CONTACT ADDRESS Johnna Boren 8517 E Trent Ave Suite 202 WorkFirst Coordinator Spokane Valley, WA 99212 DSHS CONTACT TELEPHONE DSHS CONTACT FAX DSHS CONTACT E-MAIL 509 202-7772(509)921-2458 johnna.boren@dshs.wa.- COUNTY NAME -----ov COUNTY ADDRESS Grant County 1038 W Ivy Ave New Hoe Moses Lake, WA 98837 COUNTY FEDERAL EMPLOYER IDENTIFICATION COUNTY CONTACT NAME NUMBER SUZI FOCI@ COUNTY CONTACT TELEPHONE COUNTY CONTACT FAX COUNTY CONTACT E-MAIL 509 764-8402 sfode@grantcountywa.gov IS THE COUNTY A SUBRECIPIENT FOR PURPOSES OF THIS PROGRAM ASSISTANCE LISTING NUMBERS AGREEMENT? No PROGRAM AGREEMENT START DATE PROGRAM AGREEMENT END DATE MAXIMUM PROGRAM AGREEMENT AMOUNT 07/01/2023 06/30/2025 $31,000.00 EXHIBITS. When the box below is marked with an X, the following Exhibits are attached and are incorporated into this County Program Agreement by reference: Exhibits (specify): Exhibit A -Data Security Requirements Exhibit B -Statement of Work; Exhibit C -Monthly Report plus Attachment 1: TANF Family Violence Service Plan (sample) ❑ No Exhibits. The terms and conditions of this Contract are an integration and representation of the final, entire and exclusive .understanding between the parties superseding and merging all previous agreements, writings, and communications, oral or otherwise, regarding the subject matter of this Contract. The parties signing below represent that they have read and understand this Contract, and have the authority to execute this Contract. This Contract shall be binding on DSHS only upon signature b DSHS. COUNTY SIGNATURE(S) PRINTED NAME(S) AND TITLE(S) DATE(S) SIGNED DSHS SIGNATURE PRINTED NAME AND TITLE DATE SIGNED Alice Hildebrant, Contracts Officer DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 1 1. Definitions. The words and phrases listed below, as used in this Contract, shall each have the following definitions: a. "CSD" means the DSHS, Economic Services Administration (ESA) Community Services Division (CSD). b. "Data" means any Personal Information, and/or other information accessed and gained while providing services in association with this Contract. c. "ESA" means the DSHS Economic Services Administration. d. "TANF" means Temporary Assistance for Needy Families. e. "WorkFirst Program" means Washington State's program to assist recipients of Temporary Assistance for Needy Families (TANF) to meet their goals and provide well-being for their family. f. "DSHS Contact" means the DSHS Contact listed on page one (1) of this Contract. g. "Personnel" means the Contractor's employees, or subcontractors employees and or volunteers. 2. Purpose. The purpose of this Contract is as set forth in attached Exhibit(s). 3. statement of Work. The Contractor shall provide the services and staff, and otherwise do all things necessary for or incidental to the performance of work, as set forth in the attached Exhibit(s) . 4. Consideration. Total consideration payable to Contractor for satisfactory performance of the work under this Contract, shall be paid in accordance with the fees set forth in the attached Exhibit(s). Total consideration payable for the contract period to the Contractor for satisfactory work performance including any and all expenses under this Contract is up to a maximum of $ 311000. Unspent funds designated for any State Fiscal Year shall remain unspent and may not be carried forward into the following State Fiscal Year. Consideration payable per State Fiscal Year: State Fiscal Year 2024 (July 1, 2023 through June 30, 2024) _ $ 31,000 DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 2 State Fiscal Year 2025 (July 1, 2024 through June 30, 2025) _ $ 0 5. Billing and Payment. a. Invoice System. The Contractor shall submit invoices using State Form A-19 Invoice Voucher, or such other form as designated by DSHS. Consideration for services rendered shall be payable upon receipt of properly completed invoices, which shall be submitted to the DSHS Contact. The Contractor shall submit one (1) invoice for each month. Invoices must be received by the DSHS Contact no later than thirty (30) calendar days after the last day of each month. The invoices shall describe and document to DSHS' satisfaction a description .of the work performed, activities accomplished, and fees. b. Payment. Payment shall be considered timely if made by DSHS within thirty (30) days after receipt and acceptance by DSHS of the properly completed invoices. Payment shall be sent to the address designated by the Contractor on page one (1) of this Contract. DSHS may, at its sole discretion, withhold payment claimed by the Contractor for services rendered if Contractor fails to satisfactorily comply with any term or condition of this Contract. 6. Child Abuse and Health and Safety Concerns. In the delivery of services under this Contract, the health and safety of children and vulnerable adults shall always be the first concern of the Contractor. The Contractor shall immediately report all instances of suspected child or vulnerable adult abuse to Child Protective Services at 1 -866 -END HARM. 7. Fraud Reporting. The Contractor shall report any knowledge of welfare fraud by calling 1-800-562-6906 or online at Web Referral - FITT (wa,gov) 8. Contractor Information. The Contractor shall forward to the DSHS Contact (or successor) within ten (10) working days, any information concerning the Contractor's change of circumstances. Changes in the Contractor's circumstances include change of business name, address, telephone number, fax number, e-mail address, business status and names of staff who are current state employees. 9. Contract Suspension. DSHS may take certain actions in the event the Contractor, or any of its partners, officers, directors, or employees, is investigated by a local, county, state or federal agency, for a matter which DSHS determines may adversely affect the delivery of services provided under this Contract. DSHS may, without prior notice, either suspend the delivery of services or disallow the person(s) involved in the allegation(s) from providing services or having contact with clients pending final resolution of the investigation. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 3 10. Criminal History Background Checks. a. The Contractor Must: (1) Have current Background checks on file for any employee, subcontractor and/or volunteer, who will provide direct, one-on-one services to DSHS clients under this contract. Require a DSHS executed criminal background check for each employee and volunteer who will provide direct, one-on-one services to DSHS clients under this contract. The Contractor will obtain a DSHS Background Check Authorization form 09-653 provided by the DSHS Contract Contact listed on page one (1) of this contract, or their designee. Email or fax the Background Check Authorization form to the DSHS Contact, or their designee. (2) Require if the employee has lived outside of the State of Washington at any time during the past three (3) years, an FBI background check to be completed which requires that the employee be fingerprinted. (3) Verify that for personnel who have a criminal record that the crime is not "disqualifying" as described on the DSHS Secretary's List of Crimes & Negative Actions. DSHS will provide the Contractor with the DSHS Secretary's List of Crimes & Negative Actions. Personnel with a disqualifying crime are prohibited from providing direct, one-on-one services to DSHS clients under this contract. The Contractor can review what crimes are "disqualifying" as listed in the following link to the DSHS Secretary's List of Crimes & Negative Actions. (4) Provide the DSHS contract contact listed on page one (1) of this contract, or their designee, with a list of employees, subcontractors and/or volunteers who will be providing direct, one-on-one services to DSHS clients and have successfully passed a Criminal Background check. Send an updated list to the DSHS contract contact, or their designee, when there are changes in personnel providing.direct, one-on-one client services under this contract. b. The DSHS Contract Contact, or their designee, will receive the background check results and will determine if the applicant "passed" the background check. DSHS will notify the Contractor if Contractor staff or volunteers: (1) Have a record of disqualifying crime(s). The Contractor shall not hire or retain, directly or by contract, any individual having direct contact with vulnerable adults to work under this contract if the individual has a record of disqualifying crime(s). (2) In the case of an employee or volunteer having a record of a past crime that is not a disqualifying crime, the Contractor will need to consider character, competence, and suitability of this individual. The Contractor would then weigh the risks before allowing them to have unsupervised access to DSHS clients. c. Copy of Criminal Background Check result is not provided to the Contractor. Criminal Background Check results are kept confidential between DSHS and the Contractor's staff or volunteers. d. Background check results will remain in effect for the period of performance of the contract. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 4 e. The Contractor shall conditionally employ an individual without allowing said individual to have direct one-on-one contact with vulnerable adults pending completion of a Criminal Background Check. f. Provide background check information to DSHS upon request and/or during contract monitoring activities. 11. Notice of Nondisclosure. The Contractor shall: a. Ensure each employee, volunteer, etc. who will have access to client confidential information signs an "ESA Nondisclosure of Confidential Information Agreement — Non -Employee" (hereafter, referenced as "Nondisclosure form") provided by DSHS when a new contract is issued and signed annually thereafter. b. Remind employees, volunteers, etc. annually of DSHS nondisclosure requirements. c. Retain copies of all signed nondisclosure forms on file for monitoring purposes and must be made available for DSHS review upon request. d. DSHS will only grant access to client confidential data as required to provide services under this contract. e. Take precautions to secure against unauthorized physical and electronic access to client data in a manner to prevent unauthorized access persons, including the public, from retrieving data by means of computer, remote terminal, or other means. f. Take note that violations of the nondisclosure provisions of this contract may result in criminal or civil penalties. Violation is a gross misdemeanor under RCW 74.04.060, punishable by imprisonment of not more than one year and/or a fine not to exceed five thousand dollars. Sanctions also may apply under other state and federal law, including civil and criminal penalties for violations of the HIPAA Privacy and Security rules. 12. Data Sharing - Access to eJAS. a. Data Access. The Contractor shall limit access to DSHS data to authorized personnel whose duties specifically require access to such data in the performance of their assigned duties. b. Description of Data. (1) Data Elements. Client's personal data including but not limited to: (a) Name. (b) Date of birth. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 5 (c) Social security number. (d) Address. (e) Household composition. (f) Employer and wage information. (o) Component history, not including confidential components such as family violence, chemical dependency, mental health, and H|\8A|[)G. (h) Individual Responsibility Plans (IRP's). (i) eJASnotes, not including notes pertaining toconfidential information pertaining tofamily violence, chemical dependenoy, mental health, and HIV/AIDS. o. Frequency and time foarno(s)for data disclosure orexchange. Contractor will have daily eooeaa to eJA8 for the duration of the Contract. d. Access toeJAG. (1)The eJA8access level for the personnel will boesauthorized by[)GHS. (2) The Contractor shall access eJAS through on-line personal computers attached tooLocal Area Network (LAN)ordial-up connection onasecured Internet connection. All transactions shall besecured through the Washington State Fortress server. (3) The Contractor shall provide the IDGHSContact elist ofpersonnel that will have access to[)SH8client data and orwill have access toeJAS. (a) The Contractor mhe|| provide this information within one month after the Contract start date. (b) If there one any changes to this list, within ten (1O) business days, the Contractor shall provide the [}SHS Contact an updated list. (o) The Contractor shall contact the [)8H8 Contact whenever they need to increase the number oftheir staff that are granted access toeJA8. e. The Contractor shall notify the [}SHS Contact when any personnel with access to [)SHS client data is terminated from employment or when their duties no longer require access to [)8H8 client data. f. The Contmatoroha|| provide staff with appropriate privacy and confidentiality training and ensure staff, contractors, and subcontractors read and sign ESA Nondisclosure of Confidential Information AgreeyMent~~ Non Employee forDl, prior to initial access and annually thereafter. The IDSHS Contact, or their designee, will provide the Contractor with the form. oo*oCentral Contract Services o017oFCounty Program Agreement U0m1-2017l (1) The Contractor shall retain the original signed copies of the forms for their records. (2) Upon DSHS request, the Contractor shall provide DSHS with copies of the signed forms. g. DSHS reserves the right to revoke, at any time, an individual's authorization to access information. DSHS shall send a written Notice Termination of Access, effective no later than date of receipt, to the effected individual. Such notice shall be made by certified mail. h. The Contractor or their personnel may not release any DSHS data to any other agency or person without the specific written consent of the client. Unauthorized disclosure of data is a gross misdemeanor, punishable by law. The Contractor is subject to the same standards and laws of confidentiality as is DSHS. 13. Data Confidentiality. All data within eJAS belongs to DSHS. The contractor shall not use, publish, transfer, sell or otherwise disclose any Confidential Information gained for any purpose that is not directly connected with the purpose of this Contract set out in the Special Terms and Conditions except with the prior written consent of DSHS. 14. Data Breach. Specific to this Agreement if any employee becomes aware of compromise or potential compromise of Confidential Information, the employee must immediately contact the ESA Privacy Officer and Security Contact (DSHS: dshsprivacyofficer@dshs.wa.gov and ESA: esadsa@dshs.wa.gov) within one (1) business day of discovery. The notifying party must also take actions to mitigate the risk of loss and comply with any notification or other requirements imposed by law. 15. tie -disclosure of Data. The data to be shared under this Contract is confidential and is subject to state and federal confidentiality requirements and all confidentiality and data use terms and conditions provided in the Contract. 16. Consent. a. The Contractor must obtain and retain a valid written consent form signed in advance by the client that allows DSHS to share information with the Contractor. The form must meet the DSHS authorization standards, or get DSHS approval on Contractors consent language. The contractor can request the DSHS consent form 14-012(x) from the DSHS contact. b. The Contractor must retain copies of the signed application and consent form(s) on file in either an electronic format, hardcopy format, or both for monitoring purposes. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 7 Contractor must make these forms available to DSHS Contact upon request. c. The Contractor agrees not to access any other clients' data in eJAS who hasn't applied for Contractor's services or who have not signed a consent. 17. Contract Monitoring. The Contractor's records related to this Contract will be reviewed for compliance with terms and conditions. DSHS reserves all other rights of inspection as provided in the General Terms and Conditions of the Contract. 18. Subcontracting. The Contractor is prohibited from subcontracting services under this contract. 19. Interpretation and Translation Services. The Contractor shall provide interpreter and translation services as necessary to perform the obligations of this Contract, and DSHS shall not reimburse the Contractor for the use of interpreter or translation services, except if specifically stated in an Exhibit of this Contract. 20. Participant Referrals. DSHS, at its sole discretion, shall refer participants to the Contractor on an as -needed basis, and does not guarantee any participants shall be referred to the Contractor during the period of performance of this Contract. DSHS reserves the right to withdraw any participant(s) referred to the Contractor. 21. Insurance The Contractor shall obtain and maintain for the duration of the Contract, at Contractor's expense, the following insurance coverages, and comply with the following insurance requirements. a. General Liability Insurance The Contractor shall maintain Commercial General Liability Insurance or Business Liability Insurance, no less comprehensive than coverage under Insurance Service Offices, Inc. (ISO) form CG 00-01, including coverage for bodily injury, property damage, and contractual liability. The amount of coverage shall be no less than $1,000,000 per occurrence and $2,000,000 General Aggregate. The policy shall include liability arising out of the parties' performance under this Contract, including but not limited to premises, operations, independent contractors, products -completed operations, personal injury, advertising injury, and liability assumed under an insured contract. The State of Washington, Department of Social & Health Services (DSHS), its elected and appointed officials, agents, and employees of the state, shall be named as additional insureds. b. In lieu of general liability insurance mentioned in Subsection a. above, if the Contractor is a sole proprietor with less than three contracts, the contractor may DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 8 choose one of the following three general liability policies, but only if attached to a professional liability policy. If selected the policy shall be maintained for the life of the contract: Supplemental Liability Insurance, including coverage for bodily injury and property damage, that will cover the contractor wherever the service is performed with minimum limits of $1,000,000 per occurrence; and $2,000,000 General Aggregate. The State of Washington, DSHS, its elected and appointed officials, agents, and employees shall be named as additional insureds; or Workplace Liability Insurance, including coverage for bodily injury and property damage that provides coverage wherever the service is performed with minimum limits of $1,000,000 per occurrence; and $2,000,000 General Aggregate. The State of Washington, DSHS, its elected and appointed officials, agents, and employees shall be named as additional insureds: or Premises Liability Insurance if services are provided only at their recognized place of business, including coverage for bodily injury, property damage with minimum limits of $1,000,000 per occurrence; and $2,000,000 General Aggregate. The State of Washington, DSHS, its elected and appointed officials, agents, and employees shall be named as additional insureds. c. Workers' Compensation The Contractor shall comply with all applicable Workers' Compensation, occupational disease, and occupational health and safety laws and regulations. The State of Washington and DSHS shall not be held responsible for claims filed for Workers' Compensation under Title 51 RCW by the Contractor or its employees under such laws and regulations. d. Employees and Volunteers Insurance required of the Contractor under the Contract shall include coverage for the acts and omissions of the Contractor's employees and volunteers. In addition, the Contractor shall ensure that all employees and volunteers who use vehicles to transport clients or deliver services have personal automobile insurance and current driver's licenses. e. Subcontractors The Contractor shall ensure that all subcontractors have and maintain insurance with the same types and limits of coverage as required of the Contractor under the Contract. Failure of Subcontractors to comply with the insurance requirements in this Contract does not limit the Contractor's liability or responsibility. f. Separation of Insureds DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 9 All insurance policies shall include coverage for cross liability and contain a "Separation of Insureds" provision. g. Insurers The Contractor shall obtain insurance from insurance companies identified ooen admitted inourer/oerherin the State of Washington, with e current Best's Reports' rating of A-, Class VI I, or better. h. Evidence of Coverage The Contractor shall, upon request byDSHG`submit ocopy of the Certificate of Insurance, policy, and additional insured endorsement for each coverage required of the Contractor under this Contract. The Certificate ofInsurance shall identify the Washington State Department ofSocial and Health Services as the Certificate Holder. A duly authorized representative of each insurer, showing compliance with the insurance requirements specified inthis Contract, shall execute each Certificate The Contractor shall maintain copies of Certificates of Insurance, policies, and additional insured endorsements for each subcontractor asevidence that each subcontractor maintains insurance eorequired bvthe Contract. i. Material Changes The insurer shall give the DSHS point of contact listed onpage one of this Contract 45 days advance written notice of cancellation ornon-renewal ofany insurance policy required under this Contract. Ifcancellation iadue tonon-payment of premium, the insurer shall give D8H81Udays advance written notice ofcancellation. Failure to provide notice as required may result in termination of the Contract. Waiver of Subrogation Contractor waives all rights of subrogation against D8HS for the recovery of damages to the extent such damages are or would be covered by insurance required under the Contract. Contractor agrees to obtain any endorsement that may be necessary toaffect this waiver ofsubrogation, but this provision applies whether or not DSHS receives the waiver of subrogation endorsement from the insurer. k. Coverage Limits By requiring insurance, the State of Washington and DSHSdonot represent that the coverage and limits required in this Contract will be adequate to protect the Contractor. Such coverage and limits shall not limit the Contractor's liability in excess of the required coverage and limits, and shall not limit the Contractor's liability under the indemnities and reimbursements granted to the State and DSHS in this 1. Primary Coverage All Contractor's insurance provided incompliance with this Contract shall be primary DSHS Central Contract Services 60n7oFCounty Program Agreement (10-31-2017) and shall not seek contribution from insurance or self-insurance programs afforded to or maintained by the State. Insurance or self-insurance programs afforded to or maintained by the State shall be in excess of, and shall not contribute with, insurance required of the Contractor and Subcontractors under this Contract. m. Waiver The Contractor waives all rights, claims and causes of action against the State of Washington and DSHS for the recovery of damages to the extent said damages are covered by insurance maintained by Contractor. n. Liability Cap Any limitation of liability or liability cap set forth in this Contract shall not preclude DSHS from claiming under any insurance maintained by the Contractor pursuant to this Contract, up to the policy limits. o. Business Automobile Liability Insurance The Contractor shall maintain a Business Automobile Policy on all vehicles used to transport clients, including vehicles hired by the Contractor or owned by the Contractor's employees, volunteers or others, with the following minimum limits: $1,000,000 per accident combined single limit. The Contractor's carrier shall provide DSHS with a waiver of subrogation or name DSHS as an additional insured. p. Professional Liability (errors &omissions) The Contractor shall maintain insurance of at least $1,000,000 per occurrence, $2,000,000 General Aggregate for malpractice or errors and omissions coverage against liability for damages because of personal injury, bodily injury, death, or damage to property, including loss of use, and damages because of negligent acts, errors, and omissions in any way related to this contract. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 11 Exhibit A — Data Security Requirements 1. Definitions. The words and phrases listed below, as used in this Exhibit, shall each have the following definitions: a. "AES" means the Advanced Encryption Standard, a specification of Federal Information Processing Standards Publications for the encryption of electronic data issued by the National Institute of Standards and Technology (hftp://nvipubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf). b. "Authorized Users(s)" means an individual or individuals with a business need to access DSHS Confidential Information, and who has or have been authorized to do so. c. "Business Associate Agreement" means an agreement between DSHS and a contractor who is receiving Data covered under the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996. The agreement establishes permitted and required uses and disclosures of protected health information (PHI) in accordance with HIPAA requirements and provides obligations for business associates to safeguard the information. d. "Category 4 Data" is data that is confidential and requires special handling due to statutes or regulations that require especially strict protection of the data and from which especially serious consequences may arise in the event of any compromise of such data. Data classified as Category 4 includes but is not limited to data protected by: the Health Insurance Portability and Accountability Act (HIPAA), Pub. L. 104-191 as amended by the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), 45 CFR Parts 160 and 164; the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. §12328; 34 CFR Part 99; Internal Revenue Service Publication 1075 (https-//www.irs.gov/pub/irs-pdf/pl075.pdf); Substance Abuse and Mental Health Services Administration regulations on Confidentiality of Alcohol and Drug Abuse Patient Records, 42 CFR Part 2; and/or Criminal Justice Information Services, 28 CFR Part 20. e. "Cloud" means data storage on servers hosted by an entity other than the Contractor and on a network outside the control of the Contractor. Physical storage of data in the cloud typically spans multiple servers and often multiple locations. Cloud storage can be divided between consumer grade storage for personal files and enterprise grade for companies and governmental entities. Examples of consumer grade storage would include iTunes, Dropbox, Box.com, and many other entities. Enterprise cloud vendors include Microsoft Azure, Amazon Web Services, and Rackspace. f. "Encrypt" means to encode Confidential Information into a format that can only be read by those possessing a "key"; a password, digital certificate or other mechanism available only to authorized users. Encryption must use a key length of at least 256 bits for symmetric keys, or 2048 bits for asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard (AES) must be used if available. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 12 g. "FedRAMP" means the Federal Risk and Authorization Management Program (see www.fedramp.gov), which is an assessment and authorization process that federal government agencies have been directed to use to ensure security is in place when accessing Cloud computing products and services. h. "Hardened Password" means a string of at least eight characters containing at least three of the following four character classes: Uppercase alphabetic, lowercase alphabetic, numeral, and special characters such as an asterisk, ampersand, or exclamation point. i. ".Mobile Device" means a computing device, typically smaller than a notebook, which runs a mobile operating system, such as iOS, Android, or Windows Phone. Mobile Devices include smart phones, most tablets, and other form factors. j. "Multi -factor Authentication" means controlling access to computers and other IT resources by requiring two or more pieces of evidence that the user is who they claim to be. These pieces of evidence consist of something the user knows, such as a password or PIN; something the user has such as a key card, smart card, or physical token; and something the user is, a biometric identifier such as a fingerprint, facial scan, or retinal scan. "PIN" means a personal identification number, a series of numbers which act as a password for a device. Since PINs are typically only four to six characters, PINs are usually used in conjunction with another factor of authentication, such as a fingerprint. k. "Portable Device" means any computing device with a small form factor, designed to be transported from place to place. Portable devices are primarily battery powered devices with base computing resources in the form of a processor, memory, storage, and network access. Examples include, but are not limited to, mobile phones, tablets, and laptops. Mobile Device is a subset of Portable Device. I. "Portable Media" means any machine readable media that may routinely be stored or moved independently of computing devices. Examples include magnetic tapes, optical discs (CDs or DVDs), flash memory (thumb drive) devices, external hard drives, and internal hard drives that have been removed from a computing device. m. "Secure Area" means an area to which only authorized representatives of the entity possessing the Confidential Information have access, and access is controlled through use of a key, card key, combination lock, or comparable mechanism. Secure Areas may include buildings, rooms or locked storage containers (such as a filing cabinet or desk drawer) within a room, as long as access to the Confidential Information is not available to unauthorized personnel. In otherwise Secure Areas, such as an office with restricted access, the Data must be secured in such a way as to prevent access by non -authorized staff such as janitorial or facility security staff, when authorized Contractor staff are not present to ensure that non -authorized staff cannot access it. n. "Trusted Network" means a network operated and maintained by the Contractor, which includes security controls sufficient to protect DSHS Data on that network. Controls would include a firewall between any other networks, access control lists on networking devices such as routers and switches, and other such mechanisms which protect the confidentiality, integrity, and availability of the Data. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 13 o. "Unique User ID" means a string of characters that identifies a specific user and which, in conjunction with a password, passphrase or other mechanism, authenticates a user to an information system. 2. Authority. The security requirements described in this document reflect the applicable requirements of Standard 141.10 (https://ocio.wa.gov/policies of the Office of the Chief Information Officer for the state of Washington, and of the DSHS Information Security Policy and Standards Manual. Reference material related to these requirements can be found here: htt s://www.dshs.wa. ov/ffa/kee in -dshs-client-information- rivate-and- secure, which is a site developed by the DSHS Information Security Office and hosted by DSHS Central Contracts and Legal Services. 3. Administrative Controls. The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 14 4. Authorization, Authentication, and Access. In order to ensure that access to the Data is limited to authorized staff, the Contractor must: a. Have documented policies and procedures governing access to systems with the shared Data. b. Restrict access through administrative, physical, and technical controls to authorized staff. c. Ensure that user accounts are unique and that any given user account logon ID and password combination is known only to the one employee to whom that account is assigned. For purposes of non -repudiation, it must always be possible to determine which employee performed a given action on a system housing the Data based solely on the logon ID used to perform the action. d. Ensure that only authorized users are capable of accessing the Data. e. Ensure that an employee's access to the Data is removed immediately: (1) Upon suspected compromise of the user credentials. (2) When their employment, or the contract under which the Data is made available to them, is terminated. (3) When they no longer need access to the Data to fulfill the requirements of the contract. f. Have a process to periodically review and verify that only authorized users have access to systems containing DSHS Confidential Information. g. When accessing the Data from within the Contractor's network (the Data stays within the Contractor's network at all times), enforce password and logon requirements for users within the Contractor's network, including: (1) A minimum length of 8 characters, and containing at least three of the following character classes: uppercase letters, lowercase letters, numerals, and special characters such as an asterisk, ampersand, or exclamation point. (2) That a password does not contain a user's name, logon I D, or any form of their full name. (3) That a password does not consist of a single dictionary word. A password may be formed as a passphrase which consists of multiple dictionary words. (4) That passwords are significantly different from the previous four passwords. Passwords that increment by simply adding a number are not considered significantly different. h. When accessing Confidential Information from an external location (the Data will traverse the Internet or otherwise travel outside the Contractor's network), mitigate DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 15 risk and enforce password and logon requirements for users by employing measures including: (1) Ensuring mitigations applied to the system don't allow end-user modification. (2) Not allowing the use of dial-up connections. (3) Using industry standard protocols and solutions for remote access. Examples would include RADIUS and Citrix. (4) Encrypting all remote access traffic from the external workstation to Trusted Network or to a component within the Trusted Network. The traffic must be encrypted at all times while traversing any network, including the Internet, which is not a Trusted Network. (5) Ensuring that the remote access system prompts for re -authentication or performs automated session termination after no more than 30 minutes of inactivity. (6) Ensuring use of Multi -factor Authentication to connect from the external end point to the internal end point. Passwords or PIN codes may meet a lesser standard if used in conjunction with another authentication mechanism, such as a biometric (fingerprint, face recognition, iris scan) or token (software, hardware, smart card, etc.) in that case: (1) The PIN or password must be at least 5 letters or numbers when used in conjunction with at least one other authentication factor (2) Must not be comprised of all the same letter or number (11111, 22222, aaaaa, would not be acceptable) (3) Must not contain a "run" of three or more consecutive numbers (12398, 98743 would not be acceptable) j. If the contract specifically allows for the storage of Confidential Information on a Mobile Device, passcodes used on the device must: (1) Be a minimum of six alphanumeric characters. (2) Contain at least three unique character classes (upper case, lower case, letter, number). (3) Not contain more than a three consecutive character run. Passcodes consisting of 12345, or abcd12 would not be acceptable. k. Render the device unusable after a maximum of 10 failed logon attempts. 5. Protection of Data. The Contractor agrees to store Data on one or more of the following media and protect the Data as described: DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 16 a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. b. Network server disks. For Data stored on hard disks mounted on network servers and made available through shared folders, access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on disks mounted to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as long as the disks remain in a Secure Area and otherwise meet the requirements listed in the above paragraph. Destruction of the Data, as outlined below in Section 8 Data Disposition, may be deferred until the disks are retired, replaced, or otherwise taken out of the Secure Area. c. Optical discs (CDs or DVDs) in local workstation optical disc drives. Data provided by DSHS on optical discs which will be used in local workstation optical disc drives and which will not be transported out of a Secure Area. When not in use for the contracted purpose, such discs must be Stored in a Secure Area. Workstations which access DSHS Data on optical discs must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. d. Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers. Data provided by DSHS on optical discs which will be attached to network servers and which will not be transported out of a Secure Area. Access to Data on these discs will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on discs attached to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. e. Paper documents. Any paper records must be protected by storing the records in a Secure Area which is only accessible to authorized personnel. When not in use, such records must be stored in a Secure Area. f. Remote Access. Access to and use of the Data over the State Governmental Network (SGN) or Secure Access Washington (SAW) will be controlled by DSHS staff who will issue authentication credentials (e.g. a Unique User ID and Hardened Password) to Authorized Users on Contractor's staff. Contractor will notify DSHS staff immediately whenever an Authorized User in possession of such credentials is terminated or otherwise leaves the employ of the Contractor, and whenever an DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 17 Authorized User's duties change such that the Authorized User no longer requires access to perform work for this Contract. g. Data storage on portable devices or media. (1) Except where otherwise specified herein, DSHS Data shall not be stored by the Contractor on portable devices or media unless specifically authorized within the terms and conditions of the Contract. If so authorized, the Data shall be given the following protections: (a) Encrypt the Data. (b) Control access to devices with a Unique User ID and Hardened Password or stronger authentication method such as a physical token or biometrics. (c) Manually lock devices whenever they are left unattended and set devices to lock automatically after a period of inactivity, if this feature is available. Maximum period of inactivity is 20 minutes. (d) Apply administrative and physical security controls to Portable Devices and Portable Media by: i. Keeping them in a Secure Area when not in use, ii. Using check-in/check-out procedures when they are shared, and iii. Taking frequent inventories. (2) When being transported outside of a Secure Area, Portable Devices and Portable Media with DSHS Confidential Information must be under the physical control of Contractor staff with authorization to access the Data, even if the Data is encrypted. h. Data stored for backup purposes. (1) DSHS Confidential Information may be stored on Portable Media as part of a Contractor's existing, documented backup process for business continuity or disaster recovery purposes. Such storage is authorized until such time as that media would be reused during the course of normal backup operations. If backup media is retired while DSHS Confidential Information still exists upon it, such media will be destroyed at that time in accordance with the disposition requirements below in Section 8 Data Disposition. (2) Data may be stored on non-portable media (e.g. Storage Area Network drives, virtual media, etc.) as part of a Contractor's existing, documented backup process for business continuity or disaster recovery purposes. If so, such media will be protected as otherwise described in this exhibit. If this media is retired while DSHS Confidential Information still exists upon it, the data will be destroyed at that time in accordance with the disposition requirements below in Section 8 Data Disposition. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 18 i. Cloud storage. DSHS Confidential Information requires protections equal to or greater than those specified elsewhere within this exhibit. Cloud storage of Data is problematic as neither DSHS nor the Contractor has control of the environment in which the Data is stored. For this reason: (1) DSHS Data will not be stored in any consumer grade Cloud solution, unless all of the following conditions are met: (a) Contractor has written procedures in place governing use of the Cloud storage and Contractor attests in writing that all such procedures will be uniformly followed. (b) The Data will be Encrypted while within the Contractor network. (c) The Data will remain Encrypted during transmission to the Cloud. (d) The Data will remain Encrypted at all times while residing within the Cloud storage solution. (e) The Contractor will possess a decryption key for the Data, and the decryption key will be possessed only by the Contractor and/or DSHS. (fi) The Data will not be downloaded to non -authorized systems, meaning systems that are not on either the DSHS or Contractor networks. (g) The Data will not be decrypted until downloaded onto a computer within the control of an Authorized User and within either the DSHS or Contractor's network. (2) Data will not be stored on an Enterprise Cloud storage solution unless either: (a) The Cloud storage provider is treated as any other Sub -Contractor, and agrees in writing to all of the requirements within this exhibit; or, (b) The Cloud storage solution used is Fed RAMP certified. (3) If the Data includes protected health information covered by the Health Insurance Portability and Accountability Act (HIPAA), the Cloud provider must sign a Business Associate Agreement prior to Data being stored in their Cloud solution. 6. System Protection. To prevent compromise of systems which contain DSHS Data or through which that Data passes: a. Systems containing DSHS Data must have all security patches or hotfixes applied within 3 months of being made available. b. The Contractor will have a method of ensuring that the requisite patches and hotfixes have been applied within the required timeframes. c. Systems containing DSHS Data shall have an Anti-Malware application, if available, installed. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 19 d. Anti-Malware software shall be kept up to date. The product, its anti-virus engine, and any malware database the system uses, will be no more than one update behind current. 7. Data Segregation. a. DSHS Data must be segregated or otherwise distinguishable from non-DSHS data. This is to ensure that when no longer needed by the Contractor, all DSHS Data can be identified for return or destruction. It also aids in determining whether DSHS Data has or may have been compromised in the event of a security breach. As such, one or more of the following methods will be used for data segregation. (1) DSHS Data will be kept on media (e.g. hard disk, optical disc, tape, etc.) which will contain no non-DSHS Data. And/or, (2) DSHS Data will be stored in a logical container on electronic media, such as a partition or folder dedicated to DSHS Data. And/or, (3) DSHS Data will be stored in a database which will contain no non-DSHS data. And/or, (4) DSHS Data will be stored within a database and will be distinguishable from non- DSHS data by the value of a specific field or fields within database records. (5) When stored as physical paper documents, DSHS Data will be physically segregated from non-DSHS data in a drawer, folder, or other container. b. When it is not feasible or practical to segregate DSHS Data from non-DSHS data, then both the DSHS Data and the non-DSHS data with which it is commingled must be protected as described in this exhibit. 8. Data Disposition. When the contracted work has been completed or when the Data is no longer needed, except as noted above in Section 5.b, Data shall be returned to DSHS or destroyed. Media on which Data may be stored and associated acceptable methods of destruction are as follows: Data stored on: Will be destroyed by: Server or workstation hard disks, or Using a "wipe" utility which will overwrite the Data at least three (3) times using either Removable media (e.g. floppies, USB flash random or single character data, or drives, portable hard disks) excluding optical discs Degaussing sufficiently to ensure that the Data cannot be reconstructed, or Physically destroying the disk Paper documents with sensitive or Recycling through a contracted firm, provided Confidential Information the contract with the recycler assures that the confidentiality of Data will be protected. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 20 Paper documents containing Confidential Information requiring special handling (e.g. protected health information) On-site shredding, pulping, or incineration Optical discs (e.g. CDs or DVDs) Incineration, shredding, or completely defacing the readable surface with a coarse abrasive Magnetic tape Degaussing, incinerating or crosscut shredding 9. Notification of Compromise or Potential Compromise. The compromise or potential compromise of DSHS shared Data must be reported to the DSHS Contact designated in the Contract within one (1) business day of discovery. If no DSHS Contact is designated in the Contract, then the notification must be reported to the DSHS Privacy Officer at dshsprivacyofficer@dshs.wa.gov. Contractor must also take actions to mitigate the risk of loss and comply with any notification or other requirements imposed by law or DSHS. 10. Data shared with Subcontractors. If DSHS Data provided under this Contract is to be shared with a subcontractor, the Contract with the subcontractor must include all of the data security provisions within this Contract and within any amendments, attachments, or exhibits within this Contract. If the Contractor cannot protect the Data as articulated within this Contract, then the contract with the sub -Contractor must be submitted to the DSHS Contact specified for this contract for review and approval. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 21 EXHIBIT B Family Violence Services Statement of Work 1. Purpose Provide a qualified Domestic Violence Advocate to provide on-site or telephone Family Violence Services for the DSHS Community Services Office (CSO) to: a. Assist DSHS staff in determining appropriate WorkFirst activities for referred clients who experience family violence b. Provide referred clients community resource referrals and linkages appropriate to the family's needs. c. Provide empowerment -based advocacy to referred clients who experience family violence. 2. Definitions a. "Advocacy" means that the client is involved with an advocate in individual or group sessions with a primary focus of safety planning, empowerment, and education of through reinforcement of the client's autonomy and self-determination. Advocacy also means speaking and acting for change or justice with, or on behalf of, another person or cause. Advocacy is survivor centered and uses non -victim blaming methods that include: (1) Identifying barriers to, and strategies to enhance, safety, including safety planning (2) Clarifying and increasing awareness of the power and control associated with domestic violence and the options one may have to obtain resources while staying safe (3) Supporting independent decision making based on the unique needs and circumstances of each individual b. "Advocate" means a trained staff person who works in a domestic violence agency and provides advocacy to clients. c. "CSO" means Community Service Office d. "CSOA" means a Community Service Office Administrator e. "Domestic violence" or "family violence" is a pattern of assaultive and coercive behaviors that an adult or adolescent uses to maintain power and control over one or more, current, estranged or prior, intimate partner or other family member. The abuser's use of physical force against persons or property or the use of conduct that establishes a credible threat of physical harm (i.e. terrorizing tactics) combined with other controlling tactics are key elements of domestic violence. The effect of the overall pattern of assaultive and coercive behavior is to increase the abuser's power DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 22 and control in the relationship. It includes, but is not limited to, the categorization of offenses defined in RCW 10.99.020(3) when committed by one cohabitant against another. Abusive tactics may include, but are not limited to the following: (1) Physical abuse (2) Sexual abuse (3) Intimidating tactics (4) Physical and/or psychological isolation of the victim (5) Repeated attacks against the victim's competence (6) Alternating use of indulgences (7) Control of family funds and resources (8) Stalking (9) Use of children and systems to control the victim f. "DSHS staff' means the CSO WorkFirst Social Worker, WorkFirst Case Manager, WorkFirst Supervisor, or other Community Services Division staff acting on behalf of the DSHS Contract Contact listed on page one of this contract. g. "Excused Absence" means hours of non -participation from a scheduled session or activity where the client reported to the Contractor that he/she is unable to attend prior to the start of the scheduled session. Client absence also may be declared excused by the Contractor in emergency circumstances where it is unreasonable to expect the client to have notified the Contractor prior to the start of the scheduled session. h. "Made-up Absence" means comparable, supervised activities completed by a client under the direction of the Contractor in lieu of attendance at a scheduled session or activity. i. "Marginalized populations" includes, but is not limited to, populations that have been historically underserved and oppressed in society because of ethnicity, race, culture or language diversity, age, sexual orientation, or disability. j. "Participation" means attendance by the client at an activity supervised by the Contractor. Participation does not include time spent by the client traveling to or from sessions. Study, preparation or homework time is not counted as participation unless the Contractor provides supervision of the client during study, preparation or homework. k. "Safety plan" is a process of thinking through with the victim how to increase safety for both the victim of domestic violence and any dependent children of the victim. Safety planning addresses both immediate and long term risks, barriers, or concerns regarding the victim and any dependent children. It is based on knowledge about the DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 23 specific pattern of the domestic violence perpetrator's tactics and the protective factors of the victim and any dependent children. Safety planning can be done formally, informally, in writing or orally, or in any other conversational process between the victim and advocate. I. "Unexcused Absence" means any hours of non -participation from a scheduled session or activity by a client that does not meet the criteria established above for "Excused Absence". 3. Qualifications for Domestic Violence Advocates and their Supervisors. a. The Domestic Violence Advocates and their Supervisors must meet the training requirements of WAC 388-61A-1080: What type of training is required for staff of the domestic violence agency? b. Initial training (1) Staff providing supportive services and supervisors of staff shall obtain a minimum of twenty (20) hours of initial basic training that covers the following topics and skills: (a) Theory and implementation of empowerment -based advocacy. (b) The history of the domestic violence movement. (c) Active listening skills. (d) Legal, medical, social service and systems advocacy. (e) Anti -oppression and cultural competency theory and practice. (f) Confidentiality and ethics. (g) Safety planning skills and barriers to safety. (h) Planning, clarifying issues and options, and crisis intervention. (i) Providing services and advocacy to individuals from marginalized populations. (j) Policies and procedures of the domestic violence agency. (2) Initial training shall be completed prior to providing supportive services to clients and/or their dependent children. (3) The recommended format for initial trainings is live and in-person group sessions. Structured job -shadowing and self -study may be included as part of the overall initial training. All domestic violence agency in-house training must be based on a training plan that covers one or more of the required initial training topics. c. Continuing education and supervisor training DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 24 (1) Based on their date of hire with the domestic violence agency, staff providing supportive services and staff supervisors must obtain an annual minimum of twenty hours of continuing education training beginning in their second year with the domestic violence agency, and in every year thereafter. (2) A minimum of ten hours must be live training on topics specifically focused on serving victims of domestic violence and their children. (3) The remaining ten hours of training may be satisfied through self -study on topics specifically focused on serving victims of domestic violence and their children. (4) Within six months of being hired as an advocate supervisor and for each year thereafter, the supervisor must obtain a minimum of five hours of training on supervision. Supervision training can be counted toward the twenty hours of annual continuing education training hours required by this chapter. Examples of supervision training topics include leadership skills, job coaching and staff evaluation, personnel management, effective communication and managing conflict, multicultural supervision, and how to foster professional development of, and self-care with, advocates. While live, in-person training is the preferred method for supervision training, all methods of live and self -study training are acceptable. 4. Staffing a. The Contractor shall provide a qualified Domestic Violence Advocate to the Moses Lake Community Services Office for up to 774 hours per state fiscal year. b. The services may be provided in person at the CSO or by telephone. c. If the Contractor cannot provide in person services they shall notify the CSO and the DSHS Contact. d. If the Contractor can provide the services by telephone they shall notify the CSO and the DSHS Contact. e. Actual scheduling and manner in which the services will be provided will be negotiated between the Contractor and the CSO. 5. Contractor Obligations The Contractor shall: a. Conduct an initial client interview and develop a TANF Family Violence Service Plan a Family Violence Service Plan format as provided by the DSHS, Contract Contact listed on page one of this contract. b. Participate in DSHS case staffing meetings as requested by DSHS staff. Participation may be in person or by telephone. c. Refer and link clients to family violence services and other appropriate resources available in the community based on the client's needs. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 25 d. Provide empowerment -based advocacy to referred clients. e. Contact DSHS for interpreter services as needed. If the Contractor chooses to provide an interpreter, the Contractor shall pay for such services. f. Supply the CSO with educational materials to promote public and professional awareness of the problems regarding family violence and the availability of services within the local community. These materials may be in the form of brochures, flyers, posters, etc. 6. Reporting Requirements The Contractor shall: a. Submit a completed TANF Family Violence Service Plan within five (5) business days of initial interview for each client referred and interviewed. This report will be directed to the referring DSHS staff. A sample TANF Family Violence Service Plan is attached as Exhibit C or an alternate format may be selected at the request of the CSO Administrator. Any alternate formats must include the minimum sample elements. b. Submit a completed monthly report with each billing invoice (Exhibit C- Monthly Report). c. Have the choice whether or not to use the eJAS system to report information regarding each client. If the Contractor uses the eJAS system* to report client information, the contractor shall: d. Use the Contractor Caseload screen: (1) Accept or reject each referral within three (3) business days of receipt. (2) Enter the activity start and end dates on or within three (3) business days following the client's start or end of the component(s). (3) Provide notice of non -participation within one (1) business day when the client has any unexcused absence. e. Use the Client Notes screen to Notate: (1) The results of the contractor's ongoing assessment or appraisal of each client's strengths and barriers relatable to employability or family self-sufficiency within three (3) business days of completing an assessment or appraisal. (2) Additional, client -specific information or observations as required in the Statement of Work. (3) Contractor approval of all excused absences, including the date of the absence, the date the Contractor approved the absence, and the reason given by the client for the absence. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 26 f. Use the Multiple Client Participation Screen*, no later than the 10th calendar day of the month following a month with reportable activity: (1) Enter the total hours of client participation specific to the component(s) provided under this Contract. (2) Enter the total number of hours and the total number of instances for which the client was excused from participation. (3) Enter the total number of hours for which the client did not participate due to an unexcused absence. *Contractors may enter data at intervals of less than one calendar month. However, each calendar month's data must be completely reported no later than the 10th calendar day of the month following a month with reportable activity. If the Contractor does not use the eJAS system to report client information, the contractor shall: g. Accept or reject each referral within three (3) business days of receipt and notify DSHS staff. h. Provide DSHS staff with the activity start and end dates on or within three (3) business days following the client's start or end of the component(s). i. Provide DSHS staff with notice of non -participation within one (1) business day when the client has any unexcused absence. j. Provide DSHS staff of the results of the contractor's ongoing assessment appraisal of each client's strengths and barriers relatable to employability or family self- sufficiency within three (3) business days of completing an assessment or appraisal. k. Provide DSHS staff with any additional client -specific information or observations as required by the Statement of Work. I. Provide DSHS staff with approval of all excused absences, including the date of the absence, the date the Contractor approved the absence, and the reason given by the client for the absence. m. Return a completed WorkFirst Participation Verification Form* each month that a participant received services from the Contractor to include the: (1) Actual hours of countable family violence treatment participation as described in the Washington State Work Verification Plan (2) Total number of hours (3) Total number of instances for which the client was excused from participation (4) Total number of hours for which the client did not participate due to an unexcused absence DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 27 *DSHS staff will supply the Contractor with the necessary forms. This form must be returned no later than the 5t" day of the month following the month in which a client received family violence treatment services. 7. Documentation The Contractor shall maintain written documentation of participation verification in a format approved by the DSHS Contact person named on page 1 of this Contract (or successor). Such documentation shall include, but not be limited to, client name (and/or eJAS number), date, hours attended, hours of excused absence, hours of unexcused absence and component code. 8. Compensation DSHS shall pay $40 per hour for the Family Violence Advocate in the CSO. Payment will be limited to actual hours worked by Advocates, prorated to 30 -minute intervals. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 28 Special Terms and Conditions Exhibit C Monthly Report Contractor ID: Service Month: e]AS or Client ID Comments - :.v,... .......�.�..w.... C �.-�...��.......��..�,....._...�..�.�....,..,..��..�. ��..v,....«:....«...�..«...._.. ��.-...,�.�.. ��.... �.........«.�.....iii.�..vw�m-�.ivn...«.�i,��.�«��.��«:�H�.�. r«..✓i.✓ii..�:.v.,«.�.��.��......i�. i�..w��ii....�..v«.�.�i..i.vii...w_�n.��ii��..��..«.��.��...,....��.vi,�....,�,.:..,.��....-«.r�.v.�.....�..�,.«,��_�.,�...«..,-.iii.. ��«�.w.�..-i i s i a I ss f... ........ .��.«��..... ....�.«.�.�.�«...... «��...�...« «.�«.«��« ................--...........--- -«---- ...�«.«.«�«...�.«.«...«�.��.�...�.i��..�.��......«...««..iw...�.��«.........«��..�.�...��.�..��..�.r«�i...��.�.�..«�.i�...i�.........n.��....�.�«.-_-.-....iv.«.....«----------- .... «...... ..- ---------- ---------- .�.«�.«.«.�.�.i��.«i i 4 4 E 4 i = i 3 } E 5 i 3 5 i i - _ v i � i 3 i "i S 3 i 1 s E � t i s % - 3 3 ....-....w.....-v.:.._..�,...v.,...-..............-i.....v...v...i......... ........n...........�....... �........,.«...rs.v....�....,..v.:...�..«..v...................,..«.v�-...v.....i-......w..v...................,.........i....,...........v:.........v.....�.....vv......�.«...«�....w..:....v...v......-............................+..,-........w..w...�.........�..w.«.i..-................,.....«........v......�...,.i..............v.....n..v...v... a...... �.., ,✓ 6 s ._..:.....i..vi..v...........i......,.....i.....ra......a...,..v.........v....v..v.w.i.v.....vii..,_..v.v....i...w.ii.-w.-.:..iii..i..........,,.v...i.......:.:..�..«.....,i.:,..i...v..-...,......�.«..vi.....v«.i.........v...n-.vi.............i.v....� APPROVED: DIRECTIONS: At minimum the eJAS or Client I D must be listed for each client who received services in the service month. Comments such as a summary of services received may be entered. DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 29 Special Terms and Conditions Attachment 1 TANF Family Violence Service Plan SAMPLE eJAS # Date 1. Is the client's safety in jeopardy? (Are extra precautionary measures recommended?) Yes No Comments: 2. Does the client feel ready to participate in job search? Yes No Comments: 3. If No, how long does the client need to be deferred? days Comments: 4. Will the client be participating in Family Violence services? Yes No Comments: 5. Was this client referred to any community resources? Yes No Comments: Additional information that will help coordinate services: DSHS Central Contract Services 6017CF County Program Agreement (10-31-2017) Page 30