Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.
Workstation/Laptop encryption All workstations and laptops that process and/or store DHCS PHI or PI must be encrypted using a FIPS 140-2 certified algorithm which is 128bit or higher, such as Advanced Encryption Standard (AES). The encryption solution must be full disk unless approved by the DHCS Information Security Office.
Passwords Passwords are an important aspect of computer security. A poorly chosen password may result in unauthorized access and/or exploitation of Placer County’s resources. All users, including contractors and vendors with access to the County’s systems, are responsible for the creation and protection of passwords and additionally any updates to County Password policies must be followed. Users must not use the same password for Placer County accounts and personal accounts. The reliability of passwords for maintaining confidentiality cannot be guaranteed. Always assume that someone, in addition to the intended or designated recipient, may read any and all messages and files. Any user suspecting that his/her password may have been compromised must, without delay, report the incident to Placer County IT. 10.2.4.1 Passwords must never be shared or disclosed. If a password is accidentally exposed or suspected of exposure, the password should be changed immediately. 10.2.4.2 All passwords must be changed on a specified, periodic basis. 10.2.4.3 Default passwords provided by the vendor for access to applications/systems on the network must be changed to unique and secret passwords. 10.2.4.4 Immediately inform the Information Technology Service Desk when user accounts are no longer required or will not be used for a period of 30 days or more. 10.2.4.5 All accounts not used for 90 days will be automatically disabled.
Encryption The Fund acknowledges and agrees that encryption may not be available for every communication through the System, or for all data. The Fund agrees that Custodian may deactivate any encryption features at any time, without notice or liability to the Fund, for the purpose of maintaining, repairing or troubleshooting the System or the Software.
Device Data We may share certain personal information and device-identifying technical data about you and your devices with third party service providers, who will compare and add device data and fraud data from and about you to a database of similar device and fraud information in order to provide fraud management and prevention services, which include but are not limited to identifying and blocking access to the applicable service or Web site by devices associated with fraudulent or abusive activity. Such information may be used by us and our third party service providers to provide similar fraud management and prevention services for services or Web sites not provided by us. We will not share with service providers any information that personally identifies the user of the applicable device.
The Web Services E-Verify Employer Agent agrees to, consistent with applicable laws, regulations, and policies, commit sufficient personnel and resources to meet the requirements of this MOU.
Workstation Encryption Supplier will require hard disk encryption of at least 256-bit Advanced Encryption Standard (AES) on all workstations and/or laptops used by Personnel where such Personnel are accessing or processing Accenture Data.
Password To enable you, and only you, to use the Service, you will be asked to choose a password when you register and are accepted as a customer of the Service. This password is stored in encrypted form by us. You are responsible for maintaining the confidentiality of your Funds Transfer customer number and password. No one at OneUnited Bank has access to your Accounts passwords or user ID's. You are responsible for uses of the Service whether or not actually or expressly authorized by you. Therefore, it is important that you DO NOT SHARE YOUR ACCOUNT NUMBER OR PASSWORD WITH ANYONE FOR ANY REASON. No one at OneUnited Bank will know or need to know your password, and OneUnited Bank employees will never ask for your password. If you believe your password has been lost or stolen, or that someone has transferred or may transfer money from your Account without your permission, call: (877) ONE-UNITED or fax: (000) 000-0000, or e-mail: xxxxxxxxxxxxxxx@xxxxxxxxx.xxx, or write: Funds Transfer Administrator, OneUnited Bank 0000 Xxxxxxxx Xxxx, Los Angeles, CA, 90016. You agree to notify us AT ONCE if you believe your password has been lost or stolen. Telephoning us promptly is the best way to protect yourself from possible losses. If you never tell us, you could lose all of the money in your account (plus your maximum overdraft line of credit). However, if you tell us within 2 business days, you can lose no more than $50 if someone used your password without your permission. If you do NOT tell us within 2 business days after you learn of the loss or theft of your password, and we can prove we could have stopped someone from using your password without your permission if you had told us, you could lose as much as $500. You can see a complete statement of all your funds transfers effected or pending at any time by clicking on the History tab. If your statement shows transfers that you did not make, notify us AT ONCE. If you do not tell us within 60 days after the transfer was posted to your statement, you may not get back any money you lost after the 60 days, if we can prove that we could have stopped someone from taking the money if you had told us in time. If a good reason (such as a long trip or a hospital stay) kept you from telling us, we will extend the time periods.
Usernames and Passwords 1. Staff will not share usernames and passwords with anyone, including supervisors and technical support staff. 2. In the event that staff suspect their password is compromised or known to others, staff will change their password and notify their supervisor immediately.
Encrypt or Encryption As defined in the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule at 45 CFR 164.304, means the use of an algorithmic process to transform Personally Identifiable Information into an unusable, unreadable, or indecipherable form in which there is a low probability of assigning meaning without use of a confidential process or key.
