Implementation of Agreement Each Party must promptly execute all documents and do all such acts and things as is necessary or desirable to implement and give full effect to the provisions of this Agreement.
Safeguards Business Associate, its Agent(s) and Subcontractor(s) shall implement and use appropriate safeguards to prevent the use or disclosure of PHI other than as provided for by this Agreement. With respect to any PHI that is maintained in or transmitted by electronic media, Business Associate or its Subcontractor(s) shall comply with 45 CFR sections 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312 (technical safeguards) and 164.316 (policies and procedures and documentation requirements). Business Associate or its Agent(s) and Subcontractor(s) shall identify in writing upon request from Covered Entity all of the safeguards that it uses to prevent impermissible uses or disclosures of PHI.
Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means.
2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable).
3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically.
4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
Implementation and Review The Parties shall consult annually, or as otherwise agreed, to review the implementation of this Chapter and consider other matters of mutual interest affecting trade in services. (10) 10 Such consultations will be addressed under Article 170 (Free Trade Commission) of Chapter 14 (Administration of the Agreement).
Implementation of Changes If Tenant: (i) approves in writing the cost or savings and the estimated extension in the time for completion of Landlord’s Work, if any, and (ii) deposits with Landlord any Excess TI Costs required in connection with such Change, Landlord shall cause the approved Change to be instituted. Notwithstanding any approval or disapproval by Tenant of any estimate of the delay caused by such proposed Change, the TI Architect’s determination of the amount of Tenant Delay in connection with such Change shall be final and binding on Landlord and Tenant.
Implementation Plan The Authority shall cause to be prepared an Implementation Plan meeting the requirements of Public Utilities Code Section 366.2 and any applicable Public Utilities Commission regulations as soon after the Effective Date as reasonably practicable. The Implementation Plan shall not be filed with the Public Utilities Commission until it is approved by the Board in the manner provided by Section 4.9.
Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § 00-00-000 et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.
Human and Financial Resources to Implement Safeguards Requirements The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
Safeguarding requirements and procedures (1) The Contractor shall apply the following basic safeguarding requirements and procedures to protect covered contractor information systems. Requirements and procedures for basic safeguarding of covered contractor information systems shall include, at a minimum, the following security controls:
(i) Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
(ii) Limit information system access to the types of transactions and functions that authorized users are permitted to execute.
(iii) Verify and control/limit connections to and use of external information systems.
(iv) Control information posted or processed on publicly accessible information systems.
(v) Identify information system users, processes acting on behalf of users, or devices.
(vi) Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
(vii) Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse.
(viii) Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals.
(ix) Escort visitors and monitor visitor activity; maintain audit logs of physical access; and control and manage physical access devices.
(x) Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.
(xi) Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.
(xii) Identify, report, and correct information and information system flaws in a timely manner.
(xiii) Provide protection from malicious code at appropriate locations within organizational information systems.
(xiv) Update malicious code protection mechanisms when new releases are available.
(xv) Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
Rights Protection Mechanisms and Abuse Mitigation ‐ Registry Operator commits to implementing and performing the following protections for the TLD:
i. In order to help registrars and registrants identify inaccurate data in the Whois database, Registry Operator will audit Whois data for accuracy on a statistically significant basis (this commitment will be considered satisfied by virtue of and for so long as ICANN conducts such audits).
ii. Work with registrars and registrants to remediate inaccurate Whois data to help ensure a more accurate Whois database. Registry Operator reserves the right to cancel a domain name registration on the basis of inaccurate data, if necessary.
iii. Establish and maintain a Domains Protected Marks List (DPML), a trademark protection service that allows rights holders to reserve registration of exact match trademark terms and terms that contain their trademarks across all gTLDs administered by Registry Operator under certain terms and conditions.
iv. At no cost to trademark holders, establish and maintain a Claims Plus service, which is a notice protection mechanism that begins at the end of ICANN’s mandated Trademark Claims period.
v. Bind registrants to terms of use that define and prohibit illegal or abusive activity.
vi. Limit the use of proxy and privacy registration services in cases of malfeasance.
vii. Consistent with the terms of this Registry Agreement, reserve the right to exclude from distribution any registrars with a history of non-‐compliance with the terms of the Registrar Accreditation Agreement.
viii. Registry Operator will be properly resourced to perform these protections.
