Password To enable you, and only you, to use the Service, you will be asked to choose a password when you register and are accepted as a customer of the Service. This password is stored in encrypted form by us. You are responsible for maintaining the confidentiality of your Funds Transfer customer number and password. No one at MIT Federal Credit Union has access to your Accounts passwords or user ID’s. You are responsible for uses of the Service whether or not actually or expressly authorized by you. Therefore, it is important that you DO NOT SHARE YOUR ACCOUNT NUMBER OR PASSWORD WITH ANYONE FOR ANY REASON. No one at MIT Federal Credit Union will know or need to know your password, and MIT Federal Credit Union employees will never ask for your password. If you wish to make a transfer to an Account of another person, you will be asked to provide a separate code word or phrase (the “Shared Secret”) that is known only to you and to the person to whom you are transferring the funds (the “Recipient”). We recommend that you do not use commonly used words, phrases or dates. In order to complete the transfer, the Recipient must provide the Shared Secret and certain other identifying information. YOU AGREE THAT YOU WILL NOT GIVE THE SHARED SECRET TO ANYONE EXCEPT THE RECIPIENT FOR ANY REASON. YOU FURTHER AGREE THAT YOU WILL INSTRUCT THE RECIPIENT NOT TO GIVE THE SHARED SECRET TO ANYONE ELSE FOR ANY REASON. If you believe your password or Shared Secret has been lost or stolen, or that someone has transferred or may transfer money from your Account without your permission, call: 000-000-0000 or fax: 000-000-0000 , or e-mail: xxxxxx@xxx.xxx, or write: Funds Transfer Administrator, MIT Federal Credit Union 000 Xxxxxxxxxx Xxxxxx, Xxxxxxxxx, XX 00000-0000. You agree to notify us AT ONCE if you believe your password has been lost or stolen. Telephoning us promptly is the best way to protect yourself from possible losses. If you never tell us, you could lose all of the money in your account (plus your maximum non-sufficient funds/overdraft (NSF/OD) line of credit). However, if you tell us within 2 business days, you can lose no more than $50 if someone used your password without your permission. If you do NOT tell us within 2 business days after you learn of the loss or theft of your password, and we can prove we could have stopped someone from using your password without your permission if you had told us, you could lose as much as $500. You can see a complete statement of all your funds transfers effected or pending at any time by clicking on the History tab. If your statement shows transfers that you did not make, notify us AT ONCE. If you do not tell us within 60 days after the transfer was posted to your statement, you may not get back any money you lost after the 60 days, if we can prove that we could have stopped someone from taking the money if you had told us in time. If a good reason (such as a long trip or a hospital stay) kept you from telling us, we will extend the time periods.
FORMAT AND CONTENT FOR REGISTRY OPERATOR MONTHLY REPORTING Registry Operator shall provide one set of monthly reports per gTLD, using the API described in draft-‐xxxxxx-‐icann-‐registry-‐interfaces, see Specification 2, Part A, Section 9, reference 5, with the following content. ICANN may request in the future that the reports be delivered by other means and using other formats. ICANN will use reasonable commercial efforts to preserve the confidentiality of the information reported until three (3) months after the end of the month to which the reports relate. Unless set forth in this Specification 3, any reference to a specific time refers to Coordinated Universal Time (UTC). Monthly reports shall consist of data that reflects the state of the registry at the end of the month (UTC).
User IDs and Password Controls All users must be issued a unique user name for accessing DHCS PHI or PI. Username must be promptly disabled, deleted, or the password changed upon the transfer or termination of an employee with knowledge of the password, at maximum within 24 hours. Passwords are not to be shared. Passwords must be at least eight characters and must be a non-dictionary word. Passwords must not be stored in readable format on the computer. Passwords must be changed every 90 days, preferably every 60 days. Passwords must be changed if revealed or compromised. Passwords must be composed of characters from at least three of the following four groups from the standard keyboard: • Upper case letters (A-Z) • Lower case letters (a-z) • Arabic numerals (0-9) • Non-alphanumeric characters (punctuation symbols)
Subscriber Data Subscriber will timely supply Netgateway, in a form acceptable to Netgateway, with all data necessary for Netgateway to perform the ongoing services to be provided hereunder. It is the sole responsibility of Subscriber to insure the completeness and accuracy of such data.
Passwords Passwords are an important aspect of computer security. A poorly chosen password may result in unauthorized access and/or exploitation of Placer County’s resources. All users, including contractors and vendors with access to the County’s systems, are responsible for the creation and protection of passwords and additionally any updates to County Password policies must be followed. Users must not use the same password for Placer County accounts and personal accounts. The reliability of passwords for maintaining confidentiality cannot be guaranteed. Always assume that someone, in addition to the intended or designated recipient, may read any and all messages and files. Any user suspecting that his/her password may have been compromised must, without delay, report the incident to Placer County IT. 10.2.4.1 Passwords must never be shared or disclosed. If a password is accidentally exposed or suspected of exposure, the password should be changed immediately. 10.2.4.2 All passwords must be changed on a specified, periodic basis. 10.2.4.3 Default passwords provided by the vendor for access to applications/systems on the network must be changed to unique and secret passwords. 10.2.4.4 Immediately inform the Information Technology Service Desk when user accounts are no longer required or will not be used for a period of 30 days or more. 10.2.4.5 All accounts not used for 90 days will be automatically disabled.
Device Data We may share certain personal information and device-identifying technical data about you and your devices with third party service providers, who will compare and add device data and fraud data from and about you to a database of similar device and fraud information in order to provide fraud management and prevention services, which include but are not limited to identifying and blocking access to the applicable service or Web site by devices associated with fraudulent or abusive activity. Such information may be used by us and our third party service providers to provide similar fraud management and prevention services for services or Web sites not provided by us. We will not share with service providers any information that personally identifies the user of the applicable device.
Workstation/Laptop encryption All workstations and laptops that process and/or store DHCS PHI or PI must be encrypted using a FIPS 140-2 certified algorithm which is 128bit or higher, such as Advanced Encryption Standard (AES). The encryption solution must be full disk unless approved by the DHCS Information Security Office.
Client Data The Subrecipient shall maintain client data demonstrating client eligibility for services provided. Such data shall include, but not be limited to, client name, address, income level or other basis for determining eligibility, and description of service provided. Such information shall be made available to Grantee monitors or their designees for review upon request.
System Logging The system must maintain an automated audit trail which can 20 identify the user or system process which initiates a request for PHI COUNTY discloses to 21 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, 22 or which alters such PHI. The audit trail must be date and time stamped, must log both successful and 23 failed accesses, must be read only, and must be restricted to authorized users. If such PHI is stored in a 24 database, database logging functionality must be enabled. Audit trail data must be archived for at least 3 25 years after occurrence.
Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.