Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.
Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.
Restricted Global Security to Regulation S Global Security If a holder of a beneficial interest in a Restricted Global Security deposited with or on behalf of DTC wishes at any time to exchange its interest in such Restricted Global Security for an interest in a Regulation S Global Security, or to transfer its interest in such Restricted Global Security to a Person who wishes to take delivery thereof in the form of an interest in a Regulation S Global Security, such holder, provided such holder is not a U.S. person, may, subject to the rules and procedures of DTC, exchange or cause the exchange of such interest for an equivalent beneficial interest in the Regulation S Global Security. Upon receipt by the Trustee, as Certificate Registrar, of (I) instructions from DTC directing the Trustee, as Certificate Registrar, to be credited a beneficial interest in a Regulation S Global Security in an amount equal to the beneficial interest in such Restricted Global Security to be exchanged but not less than the minimum denomination applicable to such holder’s Certificates held through a Regulation S Global Security, (II) a written order given in accordance with DTC’s procedures containing information regarding the participant account of DTC and, in the case of a transfer pursuant to and in accordance with Regulation S, the Euroclear or Clearstream account to be credited with such increase and (III) a certificate in the form of Exhibit N-1 hereto given by the holder of such beneficial interest stating that the exchange or transfer of such interest has been made in compliance with the transfer restrictions applicable to the Global Securities, including that the holder is not a U.S. person, and pursuant to and in accordance with Regulation S, the Trustee, as Certificate Registrar, shall reduce the principal amount of the Restricted Global Security and increase the principal amount of the Regulation S Global Security by the aggregate principal amount of the beneficial interest in the Restricted Global Security to be exchanged, and shall instruct Euroclear or Clearstream, as applicable, concurrently with such reduction, to credit or cause to be credited to the account of the Person specified in such instructions a beneficial interest in the Regulation S Global Security equal to the reduction in the principal amount of the Restricted Global Security.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
Regulation S Global Security to Restricted Global Security If a holder of a beneficial interest in a Regulation S Global Security deposited with or on behalf of DTC wishes at any time to transfer its interest in such Regulation S Global Security to a Person who wishes to take delivery thereof in the form of an interest in a Restricted Global Security, such holder may, subject to the rules and procedures DTC, exchange or cause the exchange of such interest for an equivalent beneficial interest in a Restricted Global Security. Upon receipt by the Trustee, as Certificate Registrar, of (I) instructions from DTC directing the Trustee, as Certificate Registrar, to cause to be credited a beneficial interest in a Restricted Global Security in an amount equal to the beneficial interest in such Regulation S Global Security to be exchanged but not less than the minimum denomination applicable to such holder’s Certificates held through a Restricted Global Security, to be exchanged, such instructions to contain information regarding the participant account with DTC to be credited with such increase, and (II) a certificate in the form of Exhibit N-2 hereto given by the holder of such beneficial interest and stating, among other things, that the Person transferring such interest in such Regulation S Global Security reasonably believes that the Person acquiring such interest in a Restricted Global Security is a QIB, is obtaining such beneficial interest in a transaction meeting the requirements of Rule 144A and in accordance with any applicable securities laws of any State of the United States or any other jurisdiction, then the Trustee, as Certificate Registrar, will reduce the principal amount of the Regulation S Global Security and increase the principal amount of the Restricted Global Security by the aggregate principal amount of the beneficial interest in the Regulation S Global Security to be transferred and the Trustee, as Certificate Registrar, shall instruct DTC, concurrently with such reduction, to credit or cause to be credited to the account of the Person specified in such instructions a beneficial interest in the Restricted Global Security equal to the reduction in the principal amount of the Regulation S Global Security.
Password Security You are responsible for maintaining adequate security and control of any and all User IDs, Passwords, hints, personal identification numbers (PINs), or any other codes that you use to access the Account. Do not discuss, compare, or share information about your account number or password unless you are willing to give them full use of your money. Any loss or compromise of the foregoing information and/or your personal information may result in unauthorized access to your Account by third-parties and the loss or theft of any funds held in your Account and any associated accounts, including your Account. Checks and electronic withdrawals are processed by automated methods, and anyone who obtains your account number or access device could use it to withdraw money from your account, with or without your permission. You are responsible for keeping your email address and telephone number up to date in order to receive any notices or alerts that we may send you. We assume no responsibility for any loss that you may sustain due to compromise of your account login credentials due to no fault of ours and/or your failure to follow or act on any notices or alerts that we may send to you. If you believe your Account information has been compromised, or that someone has transferred or may transfer money from your account without your permission, contact us immediately, through Synapse, at xxxx@xxxxxxxxx.xxx or call at +0(000) 000-0000. You agree to promptly review all Account and transaction records and other Communications that we make available to you and to promptly report any discrepancy to us.
Safety and Security Procedures Contractor shall maintain and enforce, at the Contractor Work Locations, industry-standard safety and physical security policies and procedures. While at each Court Work Location, Contractor shall comply with the safety and security policies and procedures in effect at such Court Work Location.
Regulation RR Risk Retention Ford Credit, as Sponsor, and the Depositor agree that (i) Ford Credit will cause the Depositor to, and the Depositor will, retain the Residual Interest on the Closing Date and (ii) Ford Credit will not permit the Depositor to, and the Depositor will not, sell, transfer, finance or hedge the Residual Interest except as permitted by Regulation RR.
Operator’s Security Contact Information Xxxxxxx X. Xxxxxxx Named Security Contact xxxxxxxx@xxxxxxxxx.xxx Email of Security Contact (000) 000-0000 Phone Number of Security Contact
