Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.
Data Access Control Persons entitled to use data processing systems gain access only to the Personal Data that they have a right to access, and Personal Data must not be read, copied, modified or removed without authorization in the course of processing, use and storage.
Data Access Access to Contract and State Data The Contractor shall provide to the Client Agency access to any data, as defined in Conn. Gen Stat. Sec. 4e-1, concerning the Contract and the Client Agency that are in the possession or control of the Contractor upon demand and shall provide the data to the Client Agency in a format prescribed by the Client Agency and the State Auditors of Public Accounts at no additional cost.
Data Use Each party may use Connected Account Data in accordance with this Agreement and the consent (if any) each obtains from each Connected Account. This consent includes, as to Stripe, consent it receives via the Connected Account Agreement.
STATEWIDE CONTRACT MANAGEMENT SYSTEM If the maximum amount payable to Contractor under this Contract is $100,000 or greater, either on the Effective Date or at any time thereafter, this section shall apply. Contractor agrees to be governed by and comply with the provisions of §§00-000-000, 00-000-000, 00-000-000, and 00- 000-000, C.R.S. regarding the monitoring of vendor performance and the reporting of contract information in the State’s contract management system (“Contract Management System” or “CMS”). Contractor’s performance shall be subject to evaluation and review in accordance with the terms and conditions of this Contract, Colorado statutes governing CMS, and State Fiscal Rules and State Controller policies.
Data Access Services State Street agrees to make available to the Fund the Data Access Services subject to the terms and conditions of this Addendum and such data access operating standards and procedures as may be issued by State Street from time to time. The Fund shall be able to access the System to (i) originate electronic instructions to State Street in order to (a) effect the transfer or movement of cash or securities held under custody by State Street or (b) transmit accounting or other information (the transactions described in (i)(a) and (i)(b) above are referred to herein as “Client Originated Electronic Financial Instructions”), and (ii) access data for the purpose of reporting and analysis, which shall all be deemed to be Data Access Services for purposes of this Addendum.
System and Data Access Services a. System. Subject to the terms and conditions of this Addendum and solely for the purpose of providing access to Fund Data as set forth herein, State Street hereby agrees to provide the Fund, or certain third parties approved by State Street that serve as the Fund`s investment advisors, investment managers or fund accountants (the "Fund Accountants") or as the Fund`s independent auditors (the "Auditor"), with access to State Street`s Multicurrency HORIZONR Accounting System and the other information systems described in Attachment A (collectively, the "System") on a remote basis solely on the computer hardware, system software and telecommunication links described in Attachment B (the "Designated Configuration") or on any designated substitute or back-up equipment configuration consented to in writing by State Street, such consent not to be unreasonably withheld.
Data Storage Where required by applicable law, Student Data shall be stored within the United States. Upon request of the LEA, Provider will provide a list of the locations where Student Data is stored.
Meteorological Data Reporting Requirement (Applicable to wind generation facilities only)
Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
