Agenda

Return

C. 20

To:	Board of Supervisors
From:	Anna Roth, Health Services Director
Date:	August 10, 2021

Contra

Costa

County

Subject:

Purchase Order for Verge Technologies

APPROVE	OTHER
RECOMMENDATION OF CNTY ADMINISTRATOR	RECOMMENDATION OF BOARD COMMITTEE

Action of Board On: 08/10/2021

APPROVED AS RECOMMENDED

OTHER

Clerks Notes:

VOTE OF SUPERVISORS

AYE:

John Gioia, District I Supervisor
Candace Andersen, District II Supervisor
Diane Burgis, District III Supervisor
Karen Mitchoff, District IV Supervisor
Federal D. Glover, District V Supervisor

Contact:

Patrick Wilson, 925-335-8700

I hereby certify that this is a true and correct copy of an action taken and entered on the minutes of the Board of Supervisors on the date shown.
ATTESTED: August 10, 2021
Monica Nino, County Administrator

BY:	, Deputy

RECOMMENDATION(S):

Approve and authorize the Purchasing Agent to execute, on behalf of the Health Services Department, an amendment to the Varonis Technologies master license agreement and a Purchase Order with Verge Technologies, in an amount not to exceed $1,214,246.43 for the purchase of Varonis Technologies subscriptions for the period from August 1, 2021 through July 31, 2024.

FISCAL IMPACT:

Approval of this Purchase Order will result in budgeted expenditures over a three-year period of $1,214,246.43 ($421,548.81 year 1, $396,348.81 year 2, $396,348.81 year 3) and will be funded 100% by the Hospital Enterprise Fund I revenues.

BACKGROUND:

Varonis Technologies is the platform used to identifies security threats to our network. HIPAA, the HITECH Act, and Meaningful Use have set up guidelines that require safeguards in computing security. This software will enable us to identify where classified information resides on our network and alert us of any suspicious activity within our network. This software complements our current software to identify and security threats to our network.

CONSEQUENCE OF NEGATIVE ACTION:

Varonis Technologies subscription will no longer identify security threats to our network. Without the subscription, CCHS will be unable to do meet HIPAA, the HITECH Act, and Meaningful Use set up guidelines that require safeguards in computing security. The current system is a security risk given the age of the operating system and hardware.