Access Controls. The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls a. Authorized Access - DST shall have controls that are designed to maintain the logical separation such that access to systems hosting Fund Data and/or being used to provide services to Fund will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to Fund Data.
Access Controls. The system providing access to PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must use role based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls. The system providing access to County PHI or PI must use role-based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls. The system must use role based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls. The system providing access to DHCS PHI or PI must use role based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls. The system providing access to PII shall use role-based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls. Your Critical Systems must restrict access to Card Data and all other personal or important data to only trusted persons within your organisation, and no such person should have greater access to such data than is necessary for that person to perform his or her role. Your systems must track and log all access, use, modification and deletion of Card Data and other personal or important data so that you maintain an audit trail of all such actions. You must also limit access to your Critical Systems and the resources on which they depend such as networks, firewalls, and databases.
Access Controls. The system providing access to CDPH PHI or PI must use role based access controls for all user authentications, enforcing the principle of least privilege.
Access Controls. Access to corporate systems is restricted, based on procedures to ensure appropriate approvals. To reduce the risk of misuse, intentional or otherwise, access is provided based on segregation of duties and least privileges. Remote access and wireless computing capabilities are restricted and require that both user and system safeguards are in place. Specific event logs from key devices and systems are centrally collected and reported on an exceptions basis to enable incident response and forensic investigations.
