Cost Responsibility for Interconnection Facilities and Distribution Upgrades 4.1 Interconnection Facilities 4.2 Distribution Upgrades
Substance Abuse Treatment Information Substance abuse treatment information shall be maintained in compliance with 42 C.F.R. Part 2 if the Party or subcontractor(s) are Part 2 covered programs, or if substance abuse treatment information is received from a Part 2 covered program by the Party or subcontractor(s).
Information Systems Acquisition Development and Maintenance a. Client Data – Client Data will only be used by State Street for the purposes specified in this Agreement.
Reactive Power and Primary Frequency Response 9.6.1 Power Factor Design Criteria
Cloud Computing State Risk and Authorization Management Program In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.0593, Contractor acknowledges and agrees that, if providing cloud computing services for System Agency, Contractor must comply with the requirements of the state risk and authorization management program and that System Agency may not enter or renew a contract with Contractor to purchase cloud computing services for the agency that are subject to the state risk and authorization management program unless Contractor demonstrates compliance with program requirements. If providing cloud computing services for System Agency that are subject to the state risk and authorization management program, Contractor certifies it will maintain program compliance and certification throughout the term of the Contract.
File Management and Record Retention relating to CRF Eligible Persons or Households Grantee must maintain a separate file for every applicant, Eligible Person, or Household, regardless of whether the request was approved or denied. a. Contents of File: Each file must contain sufficient and legible documentation. Documents must be secured within the file and must be organized systematically.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.
Fraud, Waste, and Abuse Contractor understands that HHS does not tolerate any type of fraud, waste, or abuse. Violations of law, agency policies, or standards of ethical conduct will be investigated, and appropriate actions will be taken. Pursuant to Texas Government Code, Section 321.022, if the administrative head of a department or entity that is subject to audit by the state auditor has reasonable cause to believe that money received from the state by the department or entity or by a client or contractor of the department or entity may have been lost, misappropriated, or misused, or that other fraudulent or unlawful conduct has occurred in relation to the operation of the department or entity, the administrative head shall report the reason and basis for the belief to the Texas State Auditor’s Office (SAO). All employees or contractors who have reasonable cause to believe that fraud, waste, or abuse has occurred (including misconduct by any HHS employee, Grantee officer, agent, employee, or subcontractor that would constitute fraud, waste, or abuse) are required to immediately report the questioned activity to the Health and Human Services Commission's Office of Inspector General. Contractor agrees to comply with all applicable laws, rules, regulations, and System Agency policies regarding fraud, waste, and abuse including, but not limited to, HHS Circular C-027. A report to the SAO must be made through one of the following avenues: ● SAO Toll Free Hotline: 1-800-TX-AUDIT ● SAO website: xxxx://xxx.xxxxx.xxxxx.xx.xx/ All reports made to the OIG must be made through one of the following avenues: ● OIG Toll Free Hotline 0-000-000-0000 ● OIG Website: XxxxxxXxxxxXxxxx.xxx ● Internal Affairs Email: XxxxxxxxXxxxxxxXxxxxxxx@xxxx.xxxxx.xx.xx ● OIG Hotline Email: XXXXxxxxXxxxxxx@xxxx.xxxxx.xx.xx. ● OIG Mailing Address: Office of Inspector General Attn: Fraud Hotline MC 1300 P.O. Box 85200 Austin, Texas 78708-5200
Workplace Violence Prevention and Crisis Response (applicable to any Party and any subcontractors and sub-grantees whose employees or other service providers deliver social or mental health services directly to individual recipients of such services): Party shall establish a written workplace violence prevention and crisis response policy meeting the requirements of Act 109 (2016), 33 VSA §8201(b), for the benefit of employees delivering direct social or mental health services. Party shall, in preparing its policy, consult with the guidelines promulgated by the U.S. Occupational Safety and Health Administration for Preventing Workplace Violence for Healthcare and Social Services Workers, as those guidelines may from time to time be amended. Party, through its violence protection and crisis response committee, shall evaluate the efficacy of its policy, and update the policy as appropriate, at least annually. The policy and any written evaluations thereof shall be provided to employees delivering direct social or mental health services. Party will ensure that any subcontractor and sub-grantee who hires employees (or contracts with service providers) who deliver social or mental health services directly to individual recipients of such services, complies with all requirements of this Section.
Musculoskeletal Injury Prevention and Control The hospital in consultation with the Joint Health and Safety Committee (JHSC) shall develop, establish and put into effect, musculoskeletal prevention and control measures, procedures, practices and training for the health and safety of employees.
