Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Quality Requirements Performance Indicator Heading Indicator (specific) Threshold Method of Measurement Frequency of monitoring Consequence of Breach
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.
Minimum Condition and Warranty Requirements for TIPS Sales All goods quoted or sold through a TIPS Sale shall be new unless clearly stated otherwise in writing. All new goods and services shall include the applicable manufacturers minimum standard warranty unless otherwise agreed to in the Supplemental Agreement.
SERVICE REQUIREMENTS FOR REFERRED CLIENTS A. Agent agrees to respond to any communications from a Referred Client within two (2) hours after receipt if such communication is received between 9:00am to 5:00pm local time. For communications received outside of these hours, Agent agrees to respond by 10:00am the next day.
B. Agent agrees to update XXXX.xxx with status updates within 48 hours after initial communication with a Referred Client and upon every significant status change until closing or abandoned. Updates shall be made by Agent via email to xxxxxxxxxxxx@xxxx.xxx.
C. Vacations or extended absences shall be reported, with length of pause, to XXXX.xxx via email to
D. Agent will not add Referred Client to any email list or calling list without the express permission of Referred Client.
E. Agent agrees XXXX.xxx has the right to survey the Referred Client at any time.
F. If Agent is contacted by a Referred Client that Agent is unwilling or unable to assist, Agent shall direct such Referred Client back to XXXX.xxx for assistance and notify XXXX.xxx at xxxxxxxxxxxx@xxxx.xxx.
G. Agent agrees that XXXX.xxx has no obligation to provide Agent with any number of referrals and that prospective clients are free to select the agent they wish to work with for any particular real estate transaction.
Minimum Shipping Requirements for TIPS Sales Vendor shall ship, deliver, or provide ordered goods and services within a commercially reasonable time after acceptance of the order. If a delay in delivery is anticipated, Vendor shall notify the TIPS Member as to why delivery is delayed and provide an updated estimated time for completion. The TIPS Member may cancel the order if the delay is not commercially acceptable or not consistent with the Supplemental Agreement applicable to the order.
Minimum Site Requirements for TIPS Sales (when applicable to TIPS Sale). Cleanup: When performing work on site at a TIPS Member’s property, Vendor shall clean up and remove all debris and rubbish resulting from their work as required or directed by the TIPS Member or as agreed by the parties. Upon completion of work, the premises shall be left in good repair and an orderly, neat, clean and unobstructed condition. Preparation: Vendor shall not begin a project for which a TIPS Member has not prepared the site, unless Vendor does the preparation work at no cost, or until TIPS Member includes the cost of site preparation in the TIPS Sale Site preparation includes, but is not limited to: moving furniture, installing wiring for networks or power, and similar pre‐installation requirements. Registered Sex Offender Restrictions: For work to be performed at schools, Vendor agrees that no employee of Vendor or a subcontractor who has been adjudicated to be a registered sex offender will perform work at any time when students are, or reasonably expected to be, present unless otherwise agreed by the TIPS Member. Vendor agrees that a violation of this condition shall be considered a material breach and may result in the cancellation of the TIPS Sale at the TIPS Member’s discretion. Vendor must identify any additional costs associated with compliance of this term. If no costs are specified, compliance with this term will be provided at no additional charge. Safety Measures: Vendor shall take all reasonable precautions for the safety of employees on the worksite, and shall erect and properly maintain all necessary safeguards for protection of workers and the public. Vendor shall post warning signs against all hazards created by the operation and work in progress. Proper precautions shall be taken pursuant to state law and standard practices to protect workers, general public and existing structures from injury or damage. Smoking: Persons working under Agreement shall adhere to the TIPS Member’s or local smoking statutes, codes, ordinances, and policies.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
