FIPPA The HSP acknowledges that the LHIN is bound by FIPPA and that any information provided to the LHIN in connection with this Agreement may be subject to disclosure in accordance with FIPPA.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Federal Water Pollution Control Act The contractor agrees to comply with all applicable standards, orders, or regulations issued pursuant to the Federal Water Pollution Control Act, as amended, 33 U.S.C. 1251 et seq.
Anti-Money Laundering and Red Flag Identity Theft Prevention Programs The Trust acknowledges that it has had an opportunity to review, consider and comment upon the written procedures provided by USBFS describing various tools used by USBFS which are designed to promote the detection and reporting of potential money laundering activity and identity theft by monitoring certain aspects of shareholder activity as well as written procedures for verifying a customer’s identity (collectively, the “Procedures”). Further, the Trust and USBFS have each determined that the Procedures, as part of the Trust’s overall Anti-Money Laundering Program and Red Flag Identity Theft Prevention Program, are reasonably designed to: (i) prevent each Fund from being used for money laundering or the financing of terrorist activities; (ii) prevent identity theft; and (iii) achieve compliance with the applicable provisions of the Bank Secrecy Act, Fair and Accurate Credit Transactions Act of 2003 and the USA Patriot Act of 2001 and the implementing regulations thereunder. Based on this determination, the Trust hereby instructs and directs USBFS to implement the Procedures on the Trust’s behalf, as such may be amended or revised from time to time. It is contemplated that these Procedures will be amended from time to time by the parties as additional regulations are adopted and/or regulatory guidance is provided relating to the Trust’s anti-money laundering and identity theft responsibilities. USBFS agrees to provide to the Trust:
(a) Prompt written notification of any transaction or combination of transactions that USBFS believes, based on the Procedures, evidence money laundering or identity theft activities in connection with the Trust or any Fund shareholder;
(b) Prompt written notification of any customer(s) that USBFS reasonably believes, based upon the Procedures, to be engaged in money laundering or identity theft activities, provided that the Trust agrees not to communicate this information to the customer;
(c) Any reports received by USBFS from any government agency or applicable industry self-regulatory organization pertaining to USBFS’ Anti-Money Laundering Program or the Red Flag Identity Theft Prevention Program on behalf of the Trust;
(d) Prompt written notification of any action taken in response to anti-money laundering violations or identity theft activity as described in (a), (b) or (c) immediately above; and
(e) Certified annual and quarterly reports of its monitoring and customer identification activities pursuant to the Procedures on behalf of the Trust. The Trust hereby directs, and USBFS acknowledges, that USBFS shall (i) permit federal regulators access to such information and records maintained by USBFS and relating to USBFS’ implementation of the Procedures, on behalf of the Trust, as they may request, and (ii) permit such federal regulators to inspect USBFS’ implementation of the Procedures on behalf of the Trust.
FEDERAL ACQUISITION REGULATION CONTRACT CLAUSES 52.246-02 INSPECTION OF SUPPLIES -- FIXED-PRICE (AUG 1996) 52.246-02 INSPECTION OF SUPPLIES -- FIXED-PRICE (AUG 1996) - ALTERNATE I (JUL 1985) 52.246-02 INSPECTION OF SUPPLIES -- FIXED-PRICE (AUG 1996) - ALTERNATE II (JUL 1985) 52.246-03 INSPECTION OF SUPPLIES -- COST-REIMBURSEMENT (MAY 2001) 52.246-04 INSPECTION OF SERVICES -- FIXED-PRICE (AUG 1996) 52.246-05 INSPECTION OF SERVICES -- COST-REIMBURSEMENT (APR 1984) 52.246-06 INSPECTION -- TIME-AND-MATERIAL AND LABOR-HOUR (MAY 2001) 52.246-06 INSPECTION -- TIME-AND-MATERIAL AND LABOR-HOUR (MAY 2001) - ALTERNATE I (APR 1984) 52.246-15 CERTIFICATE OF CONFORMANCE (APR 1984) 52.246-16 RESPONSIBILITY FOR SUPPLIES (APR 1984)
Joint Funded Project with the Ohio Department of Transportation In the event that the Recipient does not have contracting authority over project engineering, construction, or right-of-way, the Recipient and the OPWC hereby assign certain responsibilities to the Ohio Department of Transportation, an authorized representative of the State of Ohio. Notwithstanding Sections 4, 6(a), 6(b), 6(c), and 7 of the Project Agreement, Recipient hereby acknowledges that upon notification by the Ohio Department of Transportation, all payments for eligible project costs will be disbursed by the Grantor directly to the Ohio Department of Transportation. A Memorandum of Funds issued by the Ohio Department of Transportation shall be used to certify the estimated project costs. Upon receipt of a Memorandum of Funds from the Ohio Department of Transportation, the OPWC shall transfer funds directly to the Ohio Department of Transportation via an Intra- State Transfer Voucher. The amount or amounts transferred shall be determined by applying the Participation Percentages defined in Appendix D to those eligible project costs within the Memorandum of Funds. In the event that the Project Scope is for right-of-way only, notwithstanding Appendix D, the OPWC shall pay for 100% of the right-of-way costs not to exceed the total financial assistance provided in Appendix C.
CERTIFICATION REGARDING CERTAIN FOREIGN-OWNED COMPANIES IN CONNECTION WITH CRITICAL INFRASTRUCTURE (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree to the following required by Texas law as of September 1, 2021: Proposing Company is prohibited from entering into a contract or other agreement relating to critical infrastructure that would grant to the company direct or remote access to or control of critical infrastructure in this state, excluding access specifically allowed by the Proposing Company for product warranty and support purposes. Company, certifies that neither it nor its parent company nor any affiliate of company or its parent company, is (1) owned by or the majority of stock or other ownership interest of the company is held or controlled by individuals who are citizens of China, Iran, North Korea, Russia, or a designated country; (2) a company or other entity, including governmental entity, that is owned or controlled by citizens of or is directly controlled by the government of China, Iran, North Korea, Russia, or a designated country; or (3) headquartered in China, Iran, North Korea, Russia, or a designated country. For purposes of this contract, “critical infrastructure” means “a communication infrastructure system, cybersecurity system, electric grid, hazardous waste treatment system, or water treatment facility.” See Tex. Gov’t Code § 2274.0101(2) of SB 1226 (87th leg.). The company verifies and certifies that company will not grant direct or remote access to or control of critical infrastructure, except for product warranty and support purposes, to prohibited individuals, companies, or entities, including governmental entities, owned, controlled, or headquartered in China, Iran, North Korea, Russia, or a designated country, as determined by the Governor.
Family Educational Rights and Privacy Act The Charter School is subject to all provisions of the Federal Family Educational Rights and Privacy Act, 20 U.S.C. § 1232g. In the event the Charter School closes, it shall transmit all official student records in the manner prescribed by the State Board.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
CLEAN AIR ACT AND THE FEDERAL WATER POLLUTION CONTROL ACT (a) If the Sub-Recipient, with the funds authorized by this Agreement, enters into a contract that exceeds $150,000, then any such contract must include the following provision: Contractor agrees to comply with all applicable standards, orders or regulations issued pursuant to the Clean Air Act (42 U.S.C. 7401-7671q) and the Federal Water Pollution Control Act as amended (33 U.S.C. 1251-1387), and will report violations to FEMA and the Regional Office of the Environmental Protection Agency (EPA).
