New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
CERTIFICATION OF NONSEGREGATED FACILITIES (Applicable to construction contracts exceeding $10,000) The Contractor certifies that it does not maintain or provide for its establishments, and that it does not permit employees to perform their services at any location, under its control, where segregated facilities are maintained. It certifies further that it will not maintain or provide for employees any segregated facilities at any of its establishments, and it will not permit employees to perform their services at any location under its control where segregated facilities are maintained. The Contractor agrees that a breach of this certification is a violation of the equal opportunity clause of this contract. As used in this certification, the term “segregated facilities” means any waiting rooms, work areas, rest rooms and wash rooms, restaurants and other eating areas, time clocks, locker rooms, and other storage or dressing areas, parking lots, drinking fountains, recreation or entertainment areas, transportation and housing facilities provided for employees which are segregated by explicit directive or are, in fact, segregated on the basis of race, color, religion, or national origin because of habit, local custom, or any other reason. The Contractor further agrees that (except where it has obtained for specific time periods) it will obtain identical certification from proposed subcontractors prior to the award of subcontracts exceeding $10,000 which are not exempt from the provisions of the equal opportunity clause; that it will retain such certifications in its files; and that it will forward the preceding notice to such proposed subcontractors (except where proposed subcontractors have submitted identical certifications for specific time periods).
Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.
City Requirements Design, construction, materials, sizing, other specifications, permitting, inspections, testing, documentation and furnishing of as-built drawings, and acceptance of completed infrastructure shall be in accordance with City Requirements. Design and construction shall be by professionals licensed in the state of North Carolina to do the relevant work. City approval of the design of the Improvements shall be required prior to construction, as set forth in City Requirements. If Developer is connecting to the County sewer system, the City may require Developer to furnish the contract providing for such connection.
Safety Requirements The Contractor shall comply with all Federal, State, and local safety laws and regulations applicable to the Work performed under this Agreement.
Facility Requirements 1. Maintain wheelchair accessibility to program activities according to governing law, including the Americans With Disabilities Act (ADA), as applicable.
2. Provide service site(s) that will promote attainment of Contractor’s program objectives. Arrange the physical environment to support those activities.
3. Decrease program costs when possible by procuring items at no cost from County surplus stores and by accepting delivery of such items by County.
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Minimum Condition and Warranty Requirements for TIPS Sales All goods quoted or sold through a TIPS Sale shall be new unless clearly stated otherwise in writing. All new goods and services shall include the applicable manufacturers minimum standard warranty unless otherwise agreed to in the Supplemental Agreement.
Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.
Health Care Accountability Ordinance If Administrative Code Chapter 12Q applies to this contract, Contractor shall comply with the requirements of Chapter 12Q. For each Covered Employee, Contractor shall provide the appropriate health benefit set forth in Section 12Q.3 of the HCAO. If Contractor chooses to offer the health plan option, such health plan shall meet the minimum standards set forth by the San Francisco Health Commission. Information about and the text of the Chapter 12Q, as well as the Health Commission’s minimum standards, is available on the web at xxxx://xxxxx.xxx/olse/hcao. Contractor is subject to the enforcement and penalty provisions in Chapter 12Q. Any Subcontract entered into by Contractor shall require any Subcontractor with 20 or more employees to comply with the requirements of the HCAO and shall contain contractual obligations substantially the same as those set forth in this Section.
