Contingency Plan Contractor is aware that unforeseen circumstances, Including damage to their Facility(ies), equipment breakdowns, weather-related emergencies and other Force Majeur events, may require their participation in non-scheduled operations in order to provide continuous service to the public. Contractor hereby acknowledges that, under this Agreement, they are prepared to commit to participation in training for such emergency scenarios and to provide vehicles and personnel to maintain uninterrupted service during impairment or breakdown of Contractor’s Facility or equipment, and in case of natural disaster or other emergency, Including the events described in Section 14.09.
Contingency Planning The Official Agency in conjunction with the Authority shall ensure that there are contingency plans in place at appropriate levels for dealing with food related crises and incidents. The contingency plan shall be in line with Article 115 of Regulation (EU) 2017/625 and include arrangements for activation of the plan, establishment of a crisis team, communication and information, out of hours contacts and on call services. As part of these plans, the Official Agency will provide the Authority with contact points for both office hours and out of office hours contact for emergency and crisis situations. The Official Agency shall facilitate training of personnel in the operation and exercise of the contingency plans. Periodic review of the plans shall take place in consultation with the Authority. The Official Agency shall implement the agreed Inter-Agency Protocol for the Management of a Food Crisis and guidance on Management of Outbreaks of Foodborne Illness as per Section 1.19.
Fraud, Waste, and Abuse Contractor understands that HHS does not tolerate any type of fraud, waste, or abuse. Violations of law, agency policies, or standards of ethical conduct will be investigated, and appropriate actions will be taken. Pursuant to Texas Government Code, Section 321.022, if the administrative head of a department or entity that is subject to audit by the state auditor has reasonable cause to believe that money received from the state by the department or entity or by a client or contractor of the department or entity may have been lost, misappropriated, or misused, or that other fraudulent or unlawful conduct has occurred in relation to the operation of the department or entity, the administrative head shall report the reason and basis for the belief to the Texas State Auditor’s Office (SAO). All employees or contractors who have reasonable cause to believe that fraud, waste, or abuse has occurred (including misconduct by any HHS employee, Grantee officer, agent, employee, or subcontractor that would constitute fraud, waste, or abuse) are required to immediately report the questioned activity to the Health and Human Services Commission's Office of Inspector General. Contractor agrees to comply with all applicable laws, rules, regulations, and System Agency policies regarding fraud, waste, and abuse including, but not limited to, HHS Circular C-027. A report to the SAO must be made through one of the following avenues: ● SAO Toll Free Hotline: 1-800-TX-AUDIT ● SAO website: xxxx://xxx.xxxxx.xxxxx.xx.xx/ All reports made to the OIG must be made through one of the following avenues: ● OIG Toll Free Hotline 0-000-000-0000 ● OIG Website: XxxxxxXxxxxXxxxx.xxx ● Internal Affairs Email: XxxxxxxxXxxxxxxXxxxxxxx@xxxx.xxxxx.xx.xx ● OIG Hotline Email: XXXXxxxxXxxxxxx@xxxx.xxxxx.xx.xx. ● OIG Mailing Address: Office of Inspector General Attn: Fraud Hotline MC 1300 P.O. Box 85200 Austin, Texas 78708-5200
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
CERTIFICATION PROHIBITING DISCRIMINATION AGAINST FIREARM AND AMMUNITION INDUSTRIES (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree, when it is applicable, to the following required by Texas law as of September 1, 2021: If (a) company is not a sole proprietorship; (b) company has at least ten (10) full-time employees; (c) this contract has a value of at least $100,000 that is paid wholly or partly from public funds; (d) the contract is not excepted under Tex. Gov’t Code § 2274.003 of SB 19 (87th leg.); and (e) governmental entity has determined that company is not a sole-source provider or governmental entity has not received any bids from a company that is able to provide this written verification, the following certification shall apply; otherwise, this certification is not required. Pursuant to Tex. Gov’t Code Ch. 2274 of SB 19 (87th session), the company hereby certifies and verifies that the company, or association, corporation, partnership, joint venture, limited partnership, limited liability partnership, or limited liability company, including a wholly owned subsidiary, majority-owned subsidiary parent company, or affiliate of these entities or associations, that exists to make a profit, does not have a practice, policy, guidance, or directive that discriminates against a firearm entity or firearm trade association and will not discriminate during the term of this contract against a firearm entity or firearm trade association. For purposes of this contract, “discriminate against a firearm entity or firearm trade association” shall mean, with respect to the entity or association, to: “
(1) refuse to engage in the trade of any goods or services with the entity or association based solely on its status as a firearm entity or firearm trade association; (2) refrain from continuing an existing business relationship with the entity or association based solely on its status as a firearm entity or firearm trade association; or (3) terminate an existing business relationship with the entity or association based solely on its status as a firearm entity or firearm trade association. See Tex. Gov’t Code § 2274.001(3) of SB 19. “Discrimination against a firearm entity or firearm trade association” does not include: “
(1) the established policies of a merchant, retail seller, or platform that restrict or prohibit the listing or selling of ammunition, firearms, or firearm accessories; and (2) a company’s refusal to engage in the trade of any goods or services, decision to refrain from continuing an existing business relationship, or decision to terminate an existing business relationship to comply with federal, state, or local law, policy, or regulations or a directive by a regulatory agency, or for any traditional business reason that is specific to the customer or potential customer and not based solely on an entity’s or association’s status as a firearm entity or firearm trade association.” See Tex. Gov’t Code § 2274.001(3) of SB 19.
Business Continuity Planning Supplier shall prepare and maintain at no additional cost to Buyer a Business Continuity Plan (“BCP”). Upon written request of Buyer, Supplier shall provide a copy of Supplier’s BCP. The BCP shall be designed to ensure that Supplier can continue to provide the goods and/or services in accordance with this Order in the event of a disaster or other BCP-triggering event (as such events are defined in the applicable BCP). Supplier’s BCP shall, at a minimum, provide for: (a) the retention and retrieval of data and files; (b) obtaining resources necessary for recovery, (c) appropriate continuity plans to maintain adequate levels of staffing required to provide the goods and services during a disruptive event; (d) procedures to activate an immediate, orderly response to emergency situations; (e) procedures to address potential disruptions to Supplier’s supply chain; (f) a defined escalation process for notification of Buyer, within two (2) business days, in the event of a BCP-triggering event; and (g) training for key Supplier Personnel who are responsible for monitoring and maintaining Supplier’s continuity plans and records. Supplier shall maintain the BCP and test it at least annually or whenever there are material changes in Supplier’s operations, risks or business practices. Upon Xxxxx’s written and reasonable request, Supplier shall provide Buyer an executive summary of test results and a report of corrective actions (including the timing for implementation) to be taken to remedy any deficiencies identified by such testing. Upon Xxxxx’s request and with reasonable advance notice and conducted in such a manner as not to unduly interfere with Supplier’s operations, Supplier shall give Buyer and its designated agents access to Supplier’s designated representative(s) with detailed functional knowledge of Supplier’s BCP and relevant subject matter.
Clean Air Act and Federal Water Pollution Control Act The contractor agrees to comply with all applicable standards, orders or regulations issued pursuant to the Clean Air Act, as amended, 42 U.S.C. § 7401 et seq.
Cloud Computing State Risk and Authorization Management Program In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.0593, Contractor acknowledges and agrees that, if providing cloud computing services for System Agency, Contractor must comply with the requirements of the state risk and authorization management program and that System Agency may not enter or renew a contract with Contractor to purchase cloud computing services for the agency that are subject to the state risk and authorization management program unless Contractor demonstrates compliance with program requirements. If providing cloud computing services for System Agency that are subject to the state risk and authorization management program, Contractor certifies it will maintain program compliance and certification throughout the term of the Contract.
Budget Contingency Clause A. It is mutually agreed that if the Budget Act of the current year and/or any subsequent years covered under this Agreement does not appropriate sufficient funds for the program, this Agreement shall be of no further force and effect. In this event, the State shall have no liability to pay any funds whatsoever to Contractor or to furnish any other considerations under this Agreement and Contractor shall not be obligated to perform any provisions of this Agreement.
B. If funding for any fiscal year is reduced or deleted by the Budget Act for purposes of this program, the State shall have the option to either cancel this Agreement with no liability occurring to the State, or offer an agreement amendment to Contractor to reflect the reduced amount.
Human and Financial Resources to Implement Safeguards Requirements The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
