Skip to site content

Security Agreements

Security Agreement Requests

Before the Indian Health Service (IHS) and an external party share data, with or without a direct and persistent connection to IHS systems, both parties must enter into a Security Agreement. Agreements between IHS and an external party, which may be a Tribal or Urban entity, a corporation, another agency, or other person or organization, may include only one IHS Area or may include multiple Areas. In either case, the process of initiating an agreement begins with starting a Security Agreement Request in the ServiceNow Portal.

The ServiceNow portal.

To begin, select "Request Something." After that, select "Security Services." And then select "Security Agreement Request."

The ServiceNow Security Services options.

You are first asked if you have a completed PIA. If you do not, or do not know what a PIA is, that is fine, just select "No" from the dropdown and continue. Next, you need to look to make sure the Business Partner for the Security Agreement is in the Business Partner dropdown in the Security Agreement Request form.

The ServiceNow Security Agreement Request form.

If the Business Partner is not in the dropdown, return to the Security Services list and begin a "Business Partner Request" before completing the "Security Agreement Request."

The ServiceNow Business Partner Request form.

Otherwise, complete the Security Agreement Request form and the Security Agreements Team will begin to work on the ServiceNow ticket with you to complete the request.

Please note, that you need to attach any applicable addenda as attachments at the bottom of the Security Agreement Request form.

The ServiceNow Security Agreement Request form Add Attachements option.

Please also note that once a ticket is closed in ServiceNow, the system no longer notifies the Security Agreements Team of any updates. If you need to make changes after a ServiceNow ticket has been closed, please start a new ticket.

A handshake overlayed with binary code.

Useful References

  1. Area IT Service Desk
    Links to local IT support.
  2. Training Resources
    Documents, infographics, websites, and videos created by DIS to help users learn more about cybersecurity.
  3. ISSA Training Site
    A direct link to IHS's mandatory security training site.
  4. NIST Glossary Exit Disclaimer: You Are Leaving www.ihs.gov 
    A link to a glossary of terms from NIST's cybersecurity- and privacy-related publications.