Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
Residency Requirement All students in baccalaureate degree programs must earn the following from the University of Maine at Farmington:
Facility Requirements 1. Maintain wheelchair accessibility to program activities according to governing law, including the Americans With Disabilities Act (ADA), as applicable.
2. Provide service site(s) that will promote attainment of Contractor’s program objectives. Arrange the physical environment to support those activities.
3. Decrease program costs when possible by procuring items at no cost from County surplus stores and by accepting delivery of such items by County.
Capital and Liquidity Requirements If any Lender or any Issuing Bank determines that any Change in Law regarding capital or liquidity requirements has or would have the effect of reducing the rate of return on such Lender’s or such Issuing Bank’s capital or on the capital of such Lender’s or such Issuing Bank’s holding company, if any, as a consequence of this Agreement or the Loans made by, or participations in Swingline Loans and Letters of Credit held by, such Lender, or the Letters of Credit issued by such Issuing Bank, to a level below that which such Lender or such Issuing Bank or such Lender’s or such Issuing Bank’s holding company could have achieved but for such Change in Law (taking into consideration such Lender’s or such Issuing Bank’s policies and the policies of such Lender’s or such Issuing Bank’s holding company with respect to capital adequacy and liquidity requirements), by an amount deemed to be material by such Lender or such Issuing Bank, then from time to time the Borrower will pay to such Lender or such Issuing Bank, as the case may be, in Dollars, such additional amount or amounts as will compensate such Lender or such Issuing Bank or such Lender’s or such Issuing Bank’s holding company for any such reduction suffered.
City Requirements Design, construction, materials, sizing, other specifications, permitting, inspections, testing, documentation and furnishing of as-built drawings, and acceptance of completed infrastructure shall be in accordance with City Requirements. Design and construction shall be by professionals licensed in the state of North Carolina to do the relevant work. City approval of the design of the Improvements shall be required prior to construction, as set forth in City Requirements. If Developer is connecting to the County sewer system, the City may require Developer to furnish the contract providing for such connection.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Residency Requirements 1. All single first-year freshmen students are required to live in University housing for at least two academic semesters. All single students who have earned less than 30 credit hours and have not resided in University housing for two academic semesters are required to live on campus for two academic semesters. This policy does not apply to single first-year students who have been out of high school for more than one year, or to single first-year freshmen who live with their parents in Miami-Dade or Broward Counties. Neither does it apply to those students who, for disciplinary or administrative reasons, may be denied the privilege of continued residency on campus.
2. Undergraduate students residing in University housing must be regularly enrolled students of the University, taking a minimum of 12 credit hours each semester. Graduate students (when housed by exception) must carry a minimum of nine credit hours per semester. To apply and sign-up for University Village apartments, students must have 45 or more completed academic credits. In order to move into University Village, students must have 60 or more completed academic credits or have completed 4 academic semesters at the University and be achieving satisfactory academic progress as defined by the University Bulletin.
Business Day Requirements In the event that any notice or other action or omission is required to be taken by a Party under this Agreement on a day that is not a Business Day then such notice or other action or omission shall be deemed to be required to be taken on the next occurring Business Day.
