• Home
  • KUMC Working with Vendor Systems

KUMC Working with Vendor Systems


The purpose of this policy is to minimize the risk associated with the introduction of new vendor systems into the KUMC information technology infrastructure and to assure adequate support for the successful implementation and operation of such systems.

Applies to: 

All KUMC faculty, staff, and students.

Medical Center, Kansas City
Policy Statement: 

Departments contracting with technology vendors to provide information technology services or applications must work with Information Resources to ensure security standards are met and appropriate levels of support have been defined.

To be connected to the KUMC network, including connectivity for web-based accessibility, implementations of vendor systems must follow these practices:

  1. KUMC Information Resources should be involved prior to system acquisition to provide guidance in selecting vendors and products that will work in the existing KUMC web environment.
  2. Any application to be hosted on KUMC's production web servers will be loaded and tested on the IR-managed testing environment prior to being installed on production servers.  IR staff will assist in this process.
  3. All applications must be entered into the Central Application Database.  All servers used to host applications must be certified by KUMC Information Security and entered into the Central Server Database.
  4. All security policies and protocols of the Department of Information Resources must be adhered to.
  5. Departments should assign one or more staff as Application Administrator(s) to manage the day-to-day activities associated with the application and a point-of-contact for working with IR on on-going technical activities including loading patches/updates, backup recovery, and configuration.
  6. Departments should budget for ongoing technical support of the system through either a maintenance agreement with the vendor or a Service Level Agreement with Information Resources.

Systems not in compliance will be disconnected from the network or disabled.


For information on this policy, please contact:

Jameson Watkins
Director of Internet Development
Department of Information Resources
University of Kansas Medical Center
4021 Taylor, 3901 Rainbow Blvd
Kansas City, Kansas 66160
(913) 588-7387

Chief Information Officer
University of Kansas Medical Center
1018 Taylor, 3901 Rainbow Blvd
Kansas City, Kansas 66160
(913) 588-1698

Approved by: 
Chief Information Officer, KUMC
Approved on: 
Friday, April 1, 2005
Effective on: 
Friday, April 1, 2005
Review Cycle: 
Annual (As Needed)

Vendor system: a locally-hosted software application, with or without associated hardware, acquired from commercial, open-source, or other non-KUMC source

Review, Approval & Change History: 

2015-10-21: Technical edits.

2014-03-03: Reviewed and move into KU Policy Library.

2013-07-30: Revised to reflect contact changes.

Information Access & Technology Categories: 
Information Technology
Privacy & Security

Can't Find What You're Looking For?
Policy Library Search
KU Today
One of 34 U.S. public institutions in the prestigious Association of American Universities
Nearly $290 million in financial aid annually
44 nationally ranked graduate programs.
—U.S. News & World Report
Top 50 nationwide for size of library collection.
23rd nationwide for service to veterans —"Best for Vets," Military Times