CONFIDENTIAL PORTIONS OMITTED AND FILED SEPARATELY WITH THE COMMISSION LICENSE AGREEMENT PAGE 7
Please see the current Washtenaw Community College catalog for up-to-date program requirements Conditions & Requirements
Enterprise Information Management Standards Grantee shall conform to HHS standards for data management as described by the policies of the HHS Office of Data, Analytics, and Performance. These include, but are not limited to, standards for documentation and communication of data models, metadata, and other data definition methods that are required by HHS for ongoing data governance, strategic portfolio analysis, interoperability planning, and valuation of HHS System data assets.
Summary of Policy and Prohibitions on Procurement Lobbying Pursuant to State Finance Law §139-j and §139-k, this Contract includes and imposes certain restrictions on communications between OGS and a Vendor during the procurement process. A Vendor is restricted from making contacts from the earliest notice of intent to solicit offers/bids through final award and approval of the Procurement Contract by OGS and, if applicable, the Office of the State Comptroller (“restricted period”) to other than designated staff unless it is a contact that is included among certain statutory exceptions set forth in State Finance Law §139-j(3)(a). Designated staff, as of the date hereof, is identified in Appendix G, Contractor and OGS Information, or as otherwise indicated by OGS. OGS employees are also required to obtain certain information when contacted during the restricted period and make a determination of the responsibility of the Vendor pursuant to these two statutes. Certain findings of non-responsibility can result in rejection for contract award and in the event of two findings within a four-year period; the Vendor is debarred from obtaining governmental Procurement Contracts. Further information about these requirements can be found on the OGS website: xxxx://xxx.xxx.xx.xxx/aboutOgs/regulations/defaultSFL_139j-k.asp.
Fire Safety Resident will not tamper with fire alarms, smoke detectors, fire extinguishers, fire hoses, or exit signs. Resident will promptly evacuate Residence Facility upon the sounding of an alarm or as otherwise directed by College Housing staff. Resident will participate in any periodic fire drill and fire safety training conducted by College for the Residence Facility.
CONFIDENTIAL PORTION OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION Schedule A to Arbitration Agreement
Public Safety The Permittee shall comply with the following provisions.
Public Works Installation work which is considered public works is excluded from purchase under this Contract. Historically, the New York State Bureau of Public Works has maintained that installation, maintenance, and repair of equipment attached to any wall, ceiling, or floor, or affixed by hard wiring or plumbing is public work. In contrast, installation of a piece of equipment which is portable or a “plug-in” free-standing unit would not be considered public work. Thus, this Contract does not authorize installation where the equipment becomes a permanent part of the building structure, or is otherwise incorporated into the fabric of the building (e.g. installation on a wall, ceiling, or floor in a fixed location, or affixed by hard-wiring or plumbing). See Xxxxxxxx X, §00 Prevailing Wage Rates – Public Works
Residence Community Living Standards The Residence Community Living Standards (“RCLS”) forms a part of this Agreement. It details the rights, responsibilities, and privileges of Residents as well as the residence conduct process. Each Resident is responsible for reading, understanding, and adhering to the terms outlined within the RCLS. The Manager and the Institution may amend the terms of the RCLS from time to time and may post the amendments in the Residence. Failure to abide by the RCLS may result in eviction from Residence and termination of this Agreement as per the violations and sanctions outlined in the RCLS, and as stated in section 8.01(d). The RCLS can be found online at: xxx.xxxxxxxxxxxxxxx.xx.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
