New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
STS-1 Loop STS-1 Loop is a high-capacity digital transmission path with SONET VT1.5 mapping that is dedicated for the use of the ordering customer for the purpose of provisioning local exchange and associated exchange access services. It is a two-point digital transmission path which provides for simultaneous two-way transmission of serial bipolar return-to-zero synchronous digital electrical signals at a transmission rate of 51.84 Mbps. It may provide transport for twenty-eight (28) DS1 channels, each of which provides the digital equivalent of twenty-four (24) analog voice grade channels. The interface to unbundled dedicated STS-1 transport is a metallic-based electrical interface.
COVID-19 Vaccine Passports Pursuant to Texas Health and Safety Code, Section 161.0085(c), Contractor certifies that it does not require its customers to provide any documentation certifying the customer’s COVID-19 vaccination or post-transmission recovery on entry to, to gain access to, or to receive service from the Contractor’s business. Contractor acknowledges that such a vaccine or recovery requirement would make Contractor ineligible for a state-funded contract.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
FIPPA The HSP acknowledges that the LHIN is bound by FIPPA and that any information provided to the LHIN in connection with this Agreement may be subject to disclosure in accordance with FIPPA.
Wire Unbundled DS1 Digital Loop This is a designed 4-wire Loop that is provisioned according to industry standards for DS1 or Primary Rate ISDN services and will come standard with a test point, OC, and a DLR. A DS1 Loop may be provisioned over a variety of loop transmission technologies including copper, HDSL-based technology or fiber optic transport systems. It will include a 4-Wire DS1 Network Interface at the End User’s location.
Signaling Link Transport 9.2.1 Signaling Link Transport is a set of two or four dedicated 56 kbps transmission paths between Global Connection-designated Signaling Points of Interconnection that provide appropriate physical diversity.
DNS name server availability Refers to the ability of a public-‐DNS registered “IP address” of a particular name server listed as authoritative for a domain name, to answer DNS queries from an Internet user. All the public DNS-‐registered “IP address” of all name servers of the domain name being monitored shall be tested individually. If 51% or more of the DNS testing probes get undefined/unanswered results from “DNS tests” to a name server “IP address” during a given time, the name server “IP address” will be considered unavailable.
CONTRACT EXHIBIT I PREFERRED PRICING AFFIDAVIT This preferred-pricing affidavit is entered into in accordance with section 216.0113, F.S., and as required by Contract No. 80101507-21-STC-ITSA (“Contract”) between (“Contractor”) and the Department of Management Services. As the person authorized by Contractor to sign this affidavit, I attest that the Contractor is in full compliance with the preferred-pricing clause of the Contract. Contractor’s Name: By: Signature Printed Name/Title Date: STATE OF COUNTY OF Sworn to (or affirmed) and subscribed before me this day of , by Vendor Name: FEIN# Vendor’s Authorized Representative Name and Title: Address: City, State, and Zip code: Phone Number: ( ) - E-mail: CORPORATE SEAL (IF APPLICABLE) (Print, Type, or Stamp Commissioned Name of Notary Public) [Check One] Personally Known OR Produced the following I.D.
Please see the current Washtenaw Community College catalog for up-to-date program requirements Conditions & Requirements
