New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Proposed Policies and Procedures Regarding New Online Content and Functionality By October 31, 2017, the School will submit to OCR for its review and approval proposed policies and procedures (“the Plan for New Content”) to ensure that all new, newly-added, or modified online content and functionality will be accessible to people with disabilities as measured by conformance to the Benchmarks for Measuring Accessibility set forth above, except where doing so would impose a fundamental alteration or undue burden.
a) When fundamental alteration or undue burden defenses apply, the Plan for New Content will require the School to provide equally effective alternative access. The Plan for New Content will require the School, in providing equally effective alternate access, to take any actions that do not result in a fundamental alteration or undue financial and administrative burdens, but nevertheless ensure that, to the maximum extent possible, individuals with disabilities receive the same benefits or services as their nondisabled peers. To provide equally effective alternate access, alternates are not required to produce the identical result or level of achievement for persons with and without disabilities, but must afford persons with disabilities equal opportunity to obtain the same result, to gain the same benefit, or to reach the same level of achievement, in the most integrated setting appropriate to the person’s needs.
b) The Plan for New Content must include sufficient quality assurance procedures, backed by adequate personnel and financial resources, for full implementation. This provision also applies to the School’s online content and functionality developed by, maintained by, or offered through a third-party vendor or by using open sources.
c) Within thirty (30) days of receiving OCR’s approval of the Plan for New Content, the School will officially adopt, and fully implement the amended policies and procedures.
CFR Part 200 or Federal Provision - Xxxx Anti-Lobbying Amendment - Continued If you answered "No, Vendor does not certify - Lobbying to Report" to the above attribute question, you must download, read, execute, and upload the attachment entitled "Disclosure of Lobbying Activities - Standard Form - LLL", as instructed, to report the lobbying activities you performed or paid others to perform. Compliance with all applicable standards, orders, or requirements issued under section 306 of the Clean Air Act (42 U.S.C. 1857(h)), section 508 of the Clean Water Act (33 U.S.C. 1368), Executive Order 11738, and Environmental Protection Agency regulations (40 CFR part 15). (Contracts, subcontracts, and subgrants of amounts in excess of $100,000) Pursuant to the above, when federal funds are expended by ESC Region 8 and TIPS Members, ESC Region 8 and TIPS Members requires the proposer certify that in performance of the contracts, subcontracts, and subgrants of amounts in excess of $250,000, the vendor will be in compliance with all applicable standards, orders, or requirements issued under section 306 of the Clean Air Act (42 U.S.C. 1857(h)), section 508 of the Clean Water Act (33 U.S.C. 1368), Executive Order 11738, and Environmental Protection Agency regulations (40 CFR part 15). Does vendor certify compliance? Yes
Please see the current Washtenaw Community College catalog for up-to-date program requirements Conditions & Requirements
Provisions governing staff and subcontractors A. To require any subcontractor to execute documents that binds the subcontractor to comply with the provisions of this Contract. Subcontractor means an individual or entity to which the Contractor has contracted with or delegated some of its management functions or responsibilities of providing all or a part of the services required of the Contractor under this Contract.
B. That it is responsible for the behavior of its staff and subcontractors to ensure a violence-free contractual relationship. The Contractor understands that any remarks, gestures or actions toward HHSC employees, volunteers or clients that carry an implied threat of any kind, even if intended to be in jest, will be taken seriously and may lead to corrective action, up to and including terminating this contractor.
C. To comply with the requirements of the Immigration Reform and Control Act of 1986 regarding employment verification and retention of verification forms for an individual hired on or after November 6, 1986, who will perform any labor or services under this Contract.
D. To certify and ensure that it utilizes and will continue to utilize, for the term of this Contract, the U. S. Department of Homeland Security's e- Verify system to determine the eligibility of:
1. all people employed during the Contract term to perform duties within Texas; and
2. all people (including subcontractors).
E. That representatives of HHSC, AG-MFCU and HHS may conduct interviews of Contractor personnel, subcontractors and their personnel, witnesses, and clients without a Contractor's representative present unless the person interviewed voluntarily requests that the representative be present. The Contractor must not coerce its personnel, subcontractors and their personnel, witnesses, or clients to accept representation by the Contractor, and the Contractor agrees that no retaliation will occur to a person who denies the Contractor's offer of representation. Nothing in the Contract limits a person's right to counsel of his or her choice. Requests for interviews are to be complied with in the form and the manner requested. The Contractor must ensure by contract or other means that its personnel and subcontractors cooperate fully in any investigation conducted by representatives of HHSC, AG-MFCU and HHS.
F. That if it is a Home and Community Support Services agency ("HCSSA"), the Contractor will hire Personal Assistance Services and Community Support Services providers chosen by the client or the client's legally authorized representative, if requested, and provided the individual who will provide the services:
1. meets minimum qualifications for the service;
2. is willing to be employed as an attendant by the Contractor; and
3. is willing, and determined competent by the Contractor, to deliver the service(s) according to the client's individual service plan.
Enterprise Information Management Standards Grantee shall conform to HHS standards for data management as described by the policies of the HHS Office of Data, Analytics, and Performance. These include, but are not limited to, standards for documentation and communication of data models, metadata, and other data definition methods that are required by HHS for ongoing data governance, strategic portfolio analysis, interoperability planning, and valuation of HHS System data assets.
Management; Community Policies Owner may retain employees and management agents from time to time to manage the Property, and Owner’s agent may retain other employees or contractors. Resident, on behalf of himself or herself and his or her Guests, agrees to comply fully with all directions from Owner and its employees and agents, and the rules and regulations (including all amendments and additions thereto, except those that substantially modify the Resident’s bargain and to which Resident timely objects) as contained in this Agreement and the Community Policies of the Property. The Community Policies are available at xxxxx://xxxxxxxxxxxxxx.xxx/policies.pdf or on request from the management office and are considered part of this Agreement.
Lobbying Activities - Standard Form - LLL No response Do not upload this form unless Vendor has reportable lobbying activities. There are Attributes entitled, “2 CFR Part 200 or Federal Provision - Xxxx Anti-Lobbying Amendment – Continued.” Properly respond to those Attributes and only upload this form if applicable/instructed. If upload is required based on your response to those Attributes, the Disclosure of Lobbying Activities – Standard Form - LLL must be downloaded from the “Attachments” section of the IonWave eBid System, reviewed, properly completed, and uploaded to this location.
Vendor Logo (Supplemental Vendor Information Only) No response Optional. If Vendor desires that their logo be displayed on their public TIPS profile for TIPS and TIPS Member viewing, Vendor may upload that logo at this location. These supplemental documents shall not be considered part of the TIPS Contract. Rather, they are Vendor Supplemental Information for marketing and informational purposes only. Some participating public entities are required to seek Disadvantaged/Minority/Women Business & Federal HUBZone ("D/M/WBE/Federal HUBZone") vendors. Does Vendor certify that their entity is a D/M/WBE/Federal HUBZone vendor? If you respond "Yes," you must upload current certification proof in the appropriate "Response Attachments" location. NO Some participating public entities are required to seek Historically Underutilized Business (HUB) vendors as defined by the Texas Comptroller of Public Accounts Statewide HUB Program. Does Vendor certify that their entity is a HUB vendor? If you respond "Yes," you must upload current certification proof in the appropriate "Response Attachments" location. No Can the Vendor provide its proposed goods and services to all 50 US States? Yes
Amendments and Supplements to Permitted Section 5(d) Communications If at any time following the distribution of any Permitted Section 5(d) Communication, there occurred or occurs an event or development as a result of which such Permitted Section 5(d) Communication included or would include an untrue statement of a material fact or omitted or would omit to state a material fact necessary in order to make the statements therein, in the light of the circumstances existing at that subsequent time, not misleading, the Company will promptly notify the Representatives and will promptly amend or supplement, at its own expense, such Permitted Section 5(d) Communication to eliminate or correct such untrue statement or omission.
