Title
a. Authorize the Chief Information Officer or his designee to execute a Mutual Non-Disclosure Agreement with ShareGate software used to secure the County’s Microsoft 365 environment;
b. Authorize the Chief Information Officer to execute future non-disclosure agreements and mutual non-disclosure agreements with existing and potential vendors, subject to County Counsel review, to facilitate work with vendors that requires the County to disclose or receive confidential information about the County’s network and information technology systems.
Report
RECOMMENDATION:
It is recommended that the Board of Supervisors:
a. Authorize the Chief Information Officer or his designee to execute a Mutual Non-Disclosure Agreement with ShareGate software used to secure the County’s Microsoft 365 environment;
b. Authorize the Chief Information Officer to execute future non-disclosure agreements and mutual non-disclosure agreements with existing and potential vendors, subject to County Counsel review, to facilitate work with vendors that requires the County to disclose or receive confidential information about the County’s network and information technology systems.
SUMMARY/DISCUSSION:
The Information Technology Department (ITD) is responsible with protecting the confidentiality, integrity and availability of the County’s network and other information technology systems. To effectively explore technological options available to the County and to plan and complete various projects, it is advantageous that ITD release and receive information of a confidential nature of certain vendors.
To address the need for disclosure of confidential systems information in these circumstances,
the Board has approved an ITD created non-disclosure agreements (NDA) and mutual non-disclosure agreement (MNDA) templates. However, there are occasions where the vendor requires their own agreements vetted by their attorneys. The Board has previously reviewed and approved numerous vendor NDAs and MNDAs on an individual basis, as ITD has brought them to the Board on a project-by-project basis.
ITD is requesting authorization to sign a Mutual Non-Disclosure Agreement (MNDA) with ShareGate software to explore a component of their service to ensure it meets the County’s security policy. Additionally, the authority to sign future vendor NDAs and MNDAs will allow ITD to expedite the pre-procurement software security review process that is required by existing Monterey County’s information security policy. Moreover, this authority will assist ITD expeditiously assess third-party compliance with Monterey County control agency mandates such as, Criminal Justice Information Services (CJIS) security policy, Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Federal Information Security Management Act (FISMA).
The Chief Information Officer and the Chief Security Officer recommend that the Board approve the Mutual Non-Disclosure Agreement with ShareGate and no-cost NDAs and MNDAs with existing or potential vendors, subject to County Counsel’s review and approval.
OTHER AGENCY INVOLVEMENT:
County Counsel has reviewed and approved ShareGate’s MNDA as to form.
FINANCING:
There is no cost associated with the authorization to use ShareGate’s MNDA, and no cost associated with future vendor NDA and MNDAs and no impact on the County General Fund.
BOARD OF SUPERVISORS STRATEGIC INITIATIVES:
Authorizing the Director of the Information Technology Department to execute non-disclosure agreements will facilitate improvement of the County’s technology and information systems infrastructure.
__Economic Development
__Administration
__Health & Human Services
X Infrastructure
__Public Safety
Prepared by: Sandra Shaffer, Management Analyst III, 759-6957
Approved by: Eric A. Chatham, Cheif Information Officer, 759-6920
Attachments:
ShareGate MNDA