Hosted and Personal Data Requirements
Hosted and Personal Data Requirements Sample Clauses
Related to Hosted and Personal Data Requirements
Data Requirements • The data referred to in this document are encounter data – a record of health care services, health conditions and products delivered for Massachusetts Medicaid managed care beneficiaries. An encounter is defined as a visit with a unique set of services/procedures performed for an eligible recipient. Each service should be documented on a separate encounter claim detail line completed with all the data elements including date of service, revenue and/or procedure code and/or NDC number, units, and MCE payments/cost of care for a service or product. • All encounter claim information must be for the member identified on the claim by Medicaid ID. Claims must not be submitted with another member’s identification (e.g., xxxxxxx claims must not be submitted under the Mom’s ID). • All claims should reflect the final status of the claim on the date it is pulled from the MCE’s Data Warehouse. • For MassHealth, only the latest version of the claim line submitted to MassHealth is “active”. Previously submitted versions of claim lines get offset (no longer “active” with MassHealth) and payments are not netted. • An encounter is a fully adjudicated service (with all associated claim lines) where the MCE incurred the cost either through direct payment or sub-contracted payment. Generally, at least one line would be adjudicated as “paid”. All adjudicated claims must have a complete set of billing codes. There may also be fully adjudicated claims where the MCE did not incur a cost but would otherwise like to inform MassHealth of covered services provided to Enrollees/Members, such as for quality measure reporting (e.g., CPT category 2 codes for A1c lab tests and care/patient management). • All claim lines should be submitted for each Paid claim, including zero paid claim lines (e.g., bundled services paid at an encounter level and patient copays that exceeded the fee schedule). Denied lines should not be included in the Paid submission. Submit one encounter record/claim line for each service performed (i.e., if a claim consisted of five services or products, each service should have a separate encounter record). Pursuant to contract, an encounter record must be submitted for all covered services provided to all enrollees. Payment amounts must be greater than or equal to zero. There should not be negative payments, including on voided claim lines. • Records/services of the same encounter claim must be submitted with same claim number. There should not be more than one active claim number for the same encounter. All paid claim lines within an encounter must share the same active claim number. If there is a replacement claim with a new version of the claim number, all former claim lines must be replaced by the new claim number or be voided. The claim number, which creates the encounter, and all replacement encounters must retain the same billing provider ID or be completely voided. • Plans are expected to use current MassHealth MCE enrollment assignments to attribute Members to the MassHealth assigned MCE. The integrity of the family of claims should be maintained when submitting claims for multiple MCEs (ACOs/MCO). Entity PIDSL, New Member ID, and the claim number should be consistent across all lines of the same claim. • Data should conform to the Record Layout specified in Section 3.0 of this document. Any deviations from this format will result in claim line or file rejections. Each row in a submitted file should have a unique Claim Number + Suffix combination. • A feed should consist of new (Original) claims, Amendments, Replacements (a.k.a. Adjustments) and/or Voids. The replacements and voids should have a former claim number and former suffix to associate them with the claim + suffix they are voiding or replacing. See Section 2.0, Data Element Clarifications, for more information. • While processing a submission, MassHealth scans the files for the errors. Rejected records are sent back to the MCEs in error reports in a format of the input files with two additional columns to indicate an error code and the field with the error. • Unless otherwise directed or allowed by XxxxXxxxxx, all routine monthly encounter submissions must be successfully loaded to the MH DW on or before the last day of each month with corrected rejections successfully loaded within 5 business days of the subsequent month for that routine monthly encounter submission to be considered timely and included in downstream MassHealth processes. Routine monthly encounter submissions should contain claims with paid/transaction dates through the end of the previous month.
Meteorological Data Reporting Requirement (Applicable to wind generation facilities only)
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Compliance with Safeguarding Customer Information Requirements The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616, and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Seller information regarding the implementation of such security measures upon the reasonable request of the Seller.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.
Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.
CERTIFICATION PROHIBITING DISCRIMINATION AGAINST FIREARM AND AMMUNITION INDUSTRIES (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree, when it is applicable, to the following required by Texas law as of September 1, 2021: If (a) company is not a sole proprietorship; (b) company has at least ten (10) full-time employees; (c) this contract has a value of at least $100,000 that is paid wholly or partly from public funds; (d) the contract is not excepted under Tex. Gov’t Code § 2274.003 of SB 19 (87th leg.); and (e) governmental entity has determined that company is not a sole-source provider or governmental entity has not received any bids from a company that is able to provide this written verification, the following certification shall apply; otherwise, this certification is not required. Pursuant to Tex. Gov’t Code Ch. 2274 of SB 19 (87th session), the company hereby certifies and verifies that the company, or association, corporation, partnership, joint venture, limited partnership, limited liability partnership, or limited liability company, including a wholly owned subsidiary, majority-owned subsidiary parent company, or affiliate of these entities or associations, that exists to make a profit, does not have a practice, policy, guidance, or directive that discriminates against a firearm entity or firearm trade association and will not discriminate during the term of this contract against a firearm entity or firearm trade association. For purposes of this contract, “discriminate against a firearm entity or firearm trade association” shall mean, with respect to the entity or association, to: “ (1) refuse to engage in the trade of any goods or services with the entity or association based solely on its status as a firearm entity or firearm trade association; (2) refrain from continuing an existing business relationship with the entity or association based solely on its status as a firearm entity or firearm trade association; or (3) terminate an existing business relationship with the entity or association based solely on its status as a firearm entity or firearm trade association. See Tex. Gov’t Code § 2274.001(3) of SB 19. “Discrimination against a firearm entity or firearm trade association” does not include: “ (1) the established policies of a merchant, retail seller, or platform that restrict or prohibit the listing or selling of ammunition, firearms, or firearm accessories; and (2) a company’s refusal to engage in the trade of any goods or services, decision to refrain from continuing an existing business relationship, or decision to terminate an existing business relationship to comply with federal, state, or local law, policy, or regulations or a directive by a regulatory agency, or for any traditional business reason that is specific to the customer or potential customer and not based solely on an entity’s or association’s status as a firearm entity or firearm trade association.” See Tex. Gov’t Code § 2274.001(3) of SB 19.
Contracting Information Requirements Contractor represents and warrants that it will comply with the requirements of Section 552.372(a) of the Texas Government Code. Except as provided by Section 552.374(c) of the Texas Government Code, the requirements of Subchapter J (Additional Provisions Related to Contracting Information), Chapter 552 of the Government Code, may apply to the Contract and the Contractor agrees that the Contract can be terminated if the Contractor knowingly or intentionally fails to comply with a requirement of that subchapter.
Trunk Group Architecture and Traffic Routing 5.2.1 The Parties shall jointly establish Access Toll Connecting Trunks between CLEC and CBT by which they will jointly provide Tandem-transported Switched Exchange Access Services to Interexchange Carriers to enable such Interexchange Carriers to originate and terminate traffic from and to CLEC's Customers. 5.2.2 Access Toll Connecting Trunks shall be used solely for the transmission and routing of Exchange Access and non-translated Toll Free traffic (e.g., 800/888) to allow CLEC’s Customers to connect to or be connected to the interexchange trunks of any Interexchange Carrier that is connected to the CBT access Tandem. 5.2.3 The Access Toll Connecting Trunks shall be one-way or two-way trunks, as mutually agreed, connecting an End Office Switch that CLEC utilizes to provide Telephone Exchange Service and Switched Exchange Access Service in the given LATA to an access Tandem Switch CBT utilizes to provide Exchange Access in the LATA.
No Reliance on Administrative Agent’s Customer Identification Program Each Lender acknowledges and agrees that neither such Lender, nor any of its Affiliates, participants or assignees, may rely on the Administrative Agent to carry out such Lender’s, Affiliate’s, participant’s or assignee’s customer identification program, or other obligations required or imposed under or pursuant to the USA Patriot Act or the regulations thereunder, including the regulations contained in 31 CFR 103.121 (as hereafter amended or replaced, the “CIP Regulations”), or any other Anti-Terrorism Law, including any programs involving any of the following items relating to or in connection with any of the Loan Parties, their Affiliates or their agents, the Loan Documents or the transactions hereunder or contemplated hereby: (i) any identity verification procedures, (ii) any recordkeeping, (iii) comparisons with government lists, (iv) customer notices or (v) other procedures required under the CIP Regulations or such other Laws.
