Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Musculoskeletal Injury Prevention and Control The hospital in consultation with the Joint Health and Safety Committee (JHSC) shall develop, establish and put into effect, musculoskeletal prevention and control measures, procedures, practices and training for the health and safety of employees.
Contractor Sales Reporting Vendor Management Fee Contractor Reports Master Contract Sales Reporting. Contractor shall report total Master Contract sales quarterly to Enterprise Services, as set forth below. Master Contract Sales Reporting System. Contractor shall report quarterly Master Contract sales in Enterprise Services’ Master Contract Sales Reporting System. Enterprise Services will provide Contractor with a login password and a vendor number. The password and vendor number will be provided to the Sales Reporting Representative(s) listed on Contractor’s Bidder Profile. Data. Each sales report must identify every authorized Purchaser by name as it is known to Enterprise Services and its total combined sales amount invoiced during the reporting period (i.e., sales of an entire agency or political subdivision, not its individual subsections). The “Miscellaneous” option may be used only with prior approval by Enterprise Services. Upon request, Contractor shall provide contact information for all authorized purchasers specified herein during the term of the Master Contract. If there are no Master Contract sales during the reporting period, Contractor must report zero sales. Due dates for Master Contract Sales Reporting. Quarterly Master Contract Sales Reports must be submitted electronically by the following deadlines for all sales invoiced during the applicable calendar quarter: March 31: April 30 June 30: July 31 September 30: October 31 December 31: January 31 Vendor Management Fee. Contractor shall pay to Enterprise Services a vendor management fee (“VMF”) of 1.50 percent on the purchase price for all Master Contract sales (the purchase price is the total invoice price less applicable sales tax). The sum owed by Contractor to Enterprise Services as a result of the VMF is calculated as follows: Amount owed to Enterprise Services = Total Master Contract sales invoiced (not including sales tax) x .0150. The VMF must be rolled into Contractor’s current pricing. The VMF must not be shown as a separate line item on any invoice unless specifically requested and approved by Enterprise Services. Enterprise Services will invoice Contractor quarterly based on Master Contract sales reported by Contractor. Contractors are not to remit payment until they receive an invoice from Enterprise Services. Contractor’s VMF payment to Enterprise Services must reference this Master Contract number, work request number (if applicable), the year and quarter for which the VMF is being remitted, and the Contractor’s name as set forth in this Master Contract, if not already included on the face of the check. Failure to accurately report total net sales, to submit a timely usage report, or remit timely payment of the VMF, may be cause for Master Contract termination or the exercise of other remedies provided by law. Without limiting any other available remedies, the Parties agree that Contractor’s failure to remit to Enterprise Services timely payment of the VMF shall obligate Contractor to pay to Enterprise Services, to offset the administrative and transaction costs incurred by the State to identify, process, and collect such sums. The sum of $200.00 or twenty-five percent (25%) of the outstanding amount, whichever is greater, or the maximum allowed by law, if less. Enterprise Services reserves the right, upon thirty (30) days advance written notice, to increase, reduce, or eliminate the VMF for subsequent purchases, and reserves the right to renegotiate Master Contract pricing with Contractor when any subsequent adjustment of the VMF might justify a change in pricing. Annual Master Contract Sales Report. Upon request, Contractor shall provide to Enterprise Services a detailed annual Master Contract sales report. Such report shall include, at a minimum: Product description, part number or other Product identifier, per unit quantities sold, and Master Contract price. This report must be provided in an electronic format that can be read by compatible with MS Excel. Small Business Inclusion. Upon Request by Enterprise Services, Contractor shall provide, within thirty (30) days, an Affidavit of Amounts Paid. Such Affidavit of Amounts Paid either shall state, if applicable, that Contractor still maintains its MWBE certification or state that its subcontractor(s) still maintain(s) its/their MWBE certification(s) and specify the amounts paid to each certified MWBE subcontractor under this Master Contract. Contractor shall maintain records supporting the Affidavit of Amounts Paid in accordance with this Master Contract’s records retention requirements.
Course Curriculum, Instruction, and Grading X. Xxxx College courses offered as dual credit, regardless of where they are taught, follow the same syllabus, course outline, textbook, grading method, and other academic policies as the courses outlined in the Hill College catalog.
B. Approved courses being taught for dual credit must follow the approved master syllabus of the discipline and of Hill College.
C. Textbooks should be identical to those approved for use by Hill College. Should an instructor propose an alternative textbook, the textbook must be approved in advance by the appropriate instructional department of Hill College and the Vice President of Instruction. Other instructional materials for dual credit/concurrent courses must be identical or at an equivalent level to materials used by Hill College.
D. Courses which result in college‐level credit will follow the standard grading practices of Hill College, as identified by college policy and as identified in the appropriately approved course syllabus. The grades used in college records are A (excellent), B (above average), C (average), D (below average), F (failure), I (incomplete), W (withdrawn), WC (withdrawn COVID). The lowest passing grade is D. Grade point averages are computed by assigning values to each grade as follows: A = 4 points, B = 3 points, C = 2 points, D = 1 point, and F = 0 points. Grading criteria may be devised by Hill College and the ISD to allow faculty the opportunity to award high school credit only or high school and college credit depending upon student performance.
E. Faculty, who are responsible for teaching dual credit/concurrent classes, are responsible for keeping appropriate records, certifying census date rosters, providing interim grade reports, certifying final grade reports at the end of the semester, certifying attendance, and providing other reports and information as may be required by Hill College and/or the School District.
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Quality Assurance/Quality Control Contractor shall establish and maintain a quality assurance/quality control program which shall include procedures for continuous control of all construction and comprehensive inspection and testing of all items of Work, including any Work performed by Subcontractors, so as to ensure complete conformance to the Contract with respect to materials, workmanship, construction, finish, functional performance, and identification. The program established by Contractor shall comply with any quality assurance/quality control requirements incorporated in the Contract.
Administrative Support Service Fees Within forty-five (45) days of the end of each calendar quarter, the Fund will make payments in the aggregate amount of 0.0625% (0.25% on an annual basis) of the average during that calendar quarter of the aggregate net asset value of the Shares computed as of the close of each business day (the "Service Fee"). Such Service Fee payments received from the Fund will compensate the Distributor for providing administrative support services with respect to Accounts. The administrative support services in connection with Accounts may include, but shall not be limited to, the administrative support services that a Recipient may render as described in Section 3(b)(i) below.
Research Use Reporting To assure adherence to NIH GDS Policy, the PI agrees to provide annual Progress Updates as part of the annual Project Renewal or Project Close-out processes, prior to the expiration of the one (1) year data access period. The PI who is seeking Renewal or Close-out of a project agree to complete the appropriate online forms and provide specific information such as how the data have been used, including publications or presentations that resulted from the use of the requested dataset(s), a summary of any plans for future research use (if the PI is seeking renewal), any violations of the terms of access described within this Agreement and the implemented remediation, and information on any downstream intellectual property generated from the data. The PI also may include general comments regarding suggestions for improving the data access process in general. Information provided in the progress updates helps NIH evaluate program activities and may be considered by the NIH GDS governance committees as part of NIH’s effort to provide ongoing stewardship of data sharing activities subject to the NIH GDS Policy.
Compliance Support Services Provide compliance policies and procedures related to services provided by BNY Mellon and, if mutually agreed, certain of the BNY Mellon Affiliates; summary procedures thereof; and periodic certification letters. · Such Compliance Support Services are administrative in nature and do not constitute, nor shall they be construed as constituting, legal advice or the provision of legal services for or on behalf of a Fund or any other person, and such services are subject to review and approval by the applicable Fund and by the Fund’s legal counsel. · Provide access to Fund records so as to permit the Fund or TRP to test the performance of BNY Mellon in providing the services under this Agreement. · Such Compliance Support Services performed by BNY Mellon under this Agreement shall be at the request and direction of the Fund and/or its chief compliance officer (the “Fund’s CCO”), as applicable. BNY Mellon disclaims liability to the Fund, and the Fund is solely responsible, for the selection, qualifications and performance of the Fund’s CCO and the adequacy and effectiveness of the Fund’s compliance program.
