Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means.
2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable).
3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically.
4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
Safeguards Business Associate, its Agent(s) and Subcontractor(s) shall implement and use appropriate safeguards to prevent the use or disclosure of PHI other than as provided for by this Agreement. With respect to any PHI that is maintained in or transmitted by electronic media, Business Associate or its Subcontractor(s) shall comply with 45 CFR sections 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312 (technical safeguards) and 164.316 (policies and procedures and documentation requirements). Business Associate or its Agent(s) and Subcontractor(s) shall identify in writing upon request from Covered Entity all of the safeguards that it uses to prevent impermissible uses or disclosures of PHI.
Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § 00-00-000 et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.
Human and Financial Resources to Implement Safeguards Requirements The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
Procurement procedures 11.1 The Recipient must secure the best value for money and shall act in a fair, open and non-discriminatory manner in all purchases of goods and services.
Appropriate Safeguards BA shall implement appropriate safeguards to prevent the use or disclosure of Protected Information other than as permitted by the Contract or Addendum, including, but not limited to, administrative, physical and technical safeguards in accordance with the Security Rule, including, but not limited to, 45 C.F.R. Sections 164.308, 164.310, and 164.312. [45 C.F.R. Section 164.504(e)(2)(ii)(B); 45 C.F.R. Section 164.308(b)]. BA shall comply with the policies and procedures and documentation requirements of the Security rule, including, but not limited to, 45 C.F.R. Section 164.316 [42 U.S.C. Section 17931].
Safeguard Measures The Parties note the multilateral negotiations pursuant to Article X of GATS on the question of emergency safeguard measures based on the principle of non-discrimination. Upon the conclusion of such multilateral negotiations, the Parties shall conduct a review for the purpose of discussing appropriate amendments to this Agreement so as to incorporate the results of such multilateral negotiations.
Bilateral Safeguard Measures 1. Where, as a result of the reduction or elimination of a customs duty under this Agreement, any product originating in a Party is being imported into the territory of another Party in such increased quantities, in absolute terms or relative to domestic production, and under such conditions as to constitute a substantial cause of serious injury or threat thereof to the domestic industry of like or directly competitive products in the territory of the importing Party, the importing Party may take bilateral safeguard measures to the minimum extent necessary to remedy or prevent the injury, subject to the provisions of paragraphs 2 to 10.
2. Bilateral safeguard measures shall only be taken upon clear evidence that increased imports have caused or are threatening to cause serious injury pursuant to an investigation in accordance with the procedures laid down in the WTO Agreement on Safeguards.
3. The Party intending to take a bilateral safeguard measure under this Article shall immediately, and in any case before taking a measure, make notification to the other Parties and the Joint Committee. The notification shall contain all pertinent information, which shall include evidence of serious injury or threat thereof caused by increased imports, a precise description of the product involved and the proposed measure, as well as the proposed date of introduction, expected duration and timetable for the progressive removal of the measure. A Party that may be affected by the measure shall be offered compensation in the form of substantially equivalent trade liberalisation in relation to the imports from any such Party.
4. If the conditions set out in paragraph 1 are met, the importing Party may take measures consisting in increasing the rate of customs duty for the product to a level not to exceed the lesser of:
(a) the MFN rate of duty applied at the time the action is taken; or
(b) the MFN rate of duty applied on the day immediately preceding the date of the entry into force of this Agreement.
5. Bilateral safeguard measures shall be taken for a period not exceeding one year. In very exceptional circumstances, after review by the Joint Committee, measures may be taken up to a total maximum period of three years. No measure shall be applied to the import of a product which has previously been subject to such a measure.
6. The Joint Committee shall within 30 days from the date of notification examine the information provided under paragraph 3 in order to facilitate a mutually acceptable resolution of the matter. In the absence of such resolution, the importing Party may adopt a measure pursuant to paragraph 4 to remedy the problem, and, in the absence of mutually agreed compensation, the Party against whose product the measure is taken may take compensatory action. The bilateral safeguard measure and the compensatory action shall be immediately notified to the other Parties and the Joint Committee. In the selection of the bilateral safeguard measure and the compensatory action, priority must be given to the measure which least disturbs the functioning of this Agreement. The compensatory action shall normally consist of suspension of concessions having substantially equivalent trade effects or concessions substantially equivalent to the value of the additional duties expected to result from the bilateral safeguard measure. The Party taking compensatory action shall apply the action only for the minimum period necessary to achieve the substantially equivalent trade effects and in any event, only while the measure under paragraph 4 is being applied.
7. Upon the termination of the measure, the rate of customs duty shall be the rate which would have been in effect but for the measure.
8. In critical circumstances, where delay would cause damage which would be difficult to repair, a Party may take a provisional emergency measure pursuant to a preliminary determination that there is clear evidence that increased imports constitute a substantial cause of serious injury, or threat thereof, to the domestic industry. The Party intending to take such a measure shall immediately notify the other Parties and the Joint Committee thereof. Within 30 days of the date of the notification, the procedures set out in paragraphs 2 to 6, including for compensatory action, shall be initiated. Any compensation shall be based on the total period of application of the provisional emergency measure and of the emergency measure.
9. Any provisional measure shall be terminated within 200 days at the latest. The period of application of any such provisional measure shall be counted as part of the duration of the measure set out in paragraph 5 and any extension thereof. Any tariff increases shall be promptly refunded if the investigation described in paragraph 2 does not result in a finding that the conditions of paragraph 1 are met.
10. Five years after the date of entry into force of this Agreement, the Parties shall review in the Joint Committee whether there is need to maintain the possibility to take safeguard measures between them. If the Parties decide, after the first review, to maintain such possibility, they shall thereafter conduct biennial reviews of this matter in the Joint Committee.
Other Procurement Procedures National Competitive Bidding
Safeguarding requirements and procedures (1) The Contractor shall apply the following basic safeguarding requirements and procedures to protect covered contractor information systems. Requirements and procedures for basic safeguarding of covered contractor information systems shall include, at a minimum, the following security controls:
(i) Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
(ii) Limit information system access to the types of transactions and functions that authorized users are permitted to execute.
(iii) Verify and control/limit connections to and use of external information systems.
(iv) Control information posted or processed on publicly accessible information systems.
(v) Identify information system users, processes acting on behalf of users, or devices.
(vi) Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
(vii) Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse.
(viii) Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals.
(ix) Escort visitors and monitor visitor activity; maintain audit logs of physical access; and control and manage physical access devices.
(x) Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.
(xi) Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.
(xii) Identify, report, and correct information and information system flaws in a timely manner.
(xiii) Provide protection from malicious code at appropriate locations within organizational information systems.
(xiv) Update malicious code protection mechanisms when new releases are available.
(xv) Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
