Cloud Services You will not intentionally (a) interfere with other customers’ access to, or use of, the Cloud Service, or with its security; (b) facilitate the attack or disruption of the Cloud Service, including a denial of service attack, unauthorized access, penetration testing, crawling, or distribution of malware (including viruses, trojan horses, worms, time bombs, spyware, adware, and cancelbots); (c) cause an unusual spike or increase in Your use of the Cloud Service that negatively impacts the Cloud Service’s operation; or (d) submit any information that is not contemplated in the applicable Documentation.
Wellness i. To support the statewide goal for a healthy and productive workforce, employees are encouraged to participate in a Well-Being Assessment survey. Employees will be granted work time and may use a state computer to complete the survey.
ii. The Coalition of Unions agrees to partner with the Employer to educate their members on the wellness program and encourage participation. Eligible, enrolled subscribers who register for the Smart Health Program and complete the Well-Being Assessment will be eligible to receive a twenty-five dollar ($25) gift certificate. In addition, eligible, enrolled subscribers shall have the option to earn an annual one hundred twenty-five dollars ($125.00) or more wellness incentive in the form of reduction in deductible or deposit into the Health Savings Account upon successful completion of required Smart Health Program activities. During the term of this Agreement, the Steering Committee created by Executive Order 13-06 shall make recommendations to the PEBB regarding changes to the wellness incentive or the elements of the Smart Health Program.
Program Management 1.1.01 Implement and operate an Immunization Program as a Responsible Entity
1.1.02 Identify at least one individual to act as the program contact in the following areas:
1. Immunization Program Manager;
Network Maintenance and Management 38.1 The Parties will work cooperatively to implement this Agreement. The Parties will exchange appropriate information (for example, maintenance contact numbers, network information, information required to comply with law enforcement and other security agencies of the government, escalation processes, etc.) to achieve this desired result.
38.2 Each Party will administer its network to ensure acceptable service levels to all users of its network services. Service levels are generally considered acceptable only when End Users are able to establish connections with little or no delay encountered in the network. Each Party will provide a twenty four (24)-hour contact number for Network Traffic Management issues to the other’s surveillance management center.
38.3 Each Party maintains the right to implement protective network traffic management controls, such as “cancel to”, “call gapping” or seven (7)-digit and ten (10)-digit code gaps, to selectively cancel the completion of traffic over its network, including traffic destined for the other Party’s network, when required to protect the public-switched network from congestion as a result of occurrences such as facility failures, switch congestion or failure or focused overload. Each Party shall immediately notify the other Party of any protective control action planned or executed.
38.4 Where the capability exists, originating or terminating traffic reroutes may be implemented by either Party to temporarily relieve network congestion due to facility failures or abnormal calling patterns. Reroutes shall not be used to circumvent normal trunk servicing. Expansive controls shall be used only when mutually agreed to by the Parties.
38.5 The Parties shall cooperate and share pre-planning information regarding cross-network call-ins expected to generate large or focused temporary increases in call volumes to prevent or mitigate the impact of these events on the public-switched network, including any disruption or loss of service to the other Party’s End Users. Facsimile (FAX) numbers must be exchanged by the Parties to facilitate event notifications for planned mass calling events.
38.6 Neither Party shall use any Interconnection Service provided under this Agreement or any other service related thereto or used in combination therewith in any manner that interferes with or impairs service over any facilities of AT&T-21STATE, its affiliated companies or other connecting telecommunications carriers, prevents any carrier from using its Telecommunications Service, impairs the quality or the privacy of Telecommunications Service to other carriers or to either Party’s End Users, causes hazards to either Party’s personnel or the public, damage to either Party’s or any connecting carrier’s facilities or equipment, including any malfunction of ordering or billing systems or equipment. Upon such occurrence either Party may discontinue or refuse service, but only for so long as the other Party is violating this provision. Upon any such violation, either Party shall provide the other Party notice of the violation at the earliest practicable time.
38.7 AT&T TENNESSEE hereby commits to provide Disaster Recovery to CLEC according to the plan below.
38.7.1 AT&T TENNESSEE Disaster Recovery Plan
38.7.2 In the unlikely event of a disaster occurring that affects AT&T TENNESSEE’s long-term ability to deliver traffic to a CLEC, general procedures have been developed by AT&T TENNESSEE to hasten the recovery process in accordance with the Telecommunications Service Priority (TSP) Program established by the FCC to identify and prioritize telecommunication services that support national security or emergency preparedness (NS/EP) missions. A description of the TSP Program as it may be amended from time to time is available on AT&T TENNESSEE’s Wholesale – Southeast Region Web site. Since each location is different and could be affected by an assortment of potential problems, a detailed recovery plan is impractical. However, in the process of reviewing recovery activities for specific locations, some basic procedures emerge that appear to be common in most cases.
38.7.3 These general procedures should apply to any disaster that affects the delivery of traffic for an extended time period. Each CLEC will be given the same consideration during an outage, and service will be restored as quickly as possible. AT&T TENNESSEE reserves the right to make changes to these procedures as improvements become available or as business conditions dictate.
38.7.4 This plan will cover the basic recovery procedures that would apply to every CLEC.
SaaS Services 6.1 Our SaaS Services are audited at least yearly in accordance with the AICPA’s Statement on Standards for Attestation Engagements (“SSAE”) No. 18. We have attained, and will maintain, SOC 1 and SOC 2 compliance, or its equivalent, for so long as you are timely paying for SaaS Services. Upon execution of a mutually agreeable Non-Disclosure Agreement (“NDA”), we will provide you with a summary of our compliance report(s) or its equivalent. Every year thereafter, for so long as the NDA is in effect and in which you make a written request, we will provide that same information.
6.2 You will be hosted on shared hardware in a Tyler data center or in a third-party data center. In either event, databases containing your Data will be dedicated to you and inaccessible to our other customers.
6.3 Our Tyler data centers have fully-redundant telecommunications access, electrical power, and the required hardware to provide access to the Tyler Software in the event of a disaster or component failure. In the event any of your Data has been lost or damaged due to an act or omission of Tyler or its subcontractors or due to a defect in Tyler’s software, we will use best commercial efforts to restore all the Data on servers in accordance with the architectural design’s capabilities and with the goal of minimizing any Data loss as greatly as possible. In no case shall the recovery point objective (“RPO”) exceed a maximum of twenty-four (24) hours from declaration of disaster. For purposes of this subsection, RPO represents the maximum tolerable period during which your Data may be lost, measured in relation to a disaster we declare, said declaration will not be unreasonably withheld.
6.4 In the event we declare a disaster, our Recovery Time Objective (“RTO”) is twenty-four (24) hours. For purposes of this subsection, RTO represents the amount of time, after we declare a disaster, within which your access to the Tyler Software must be restored.
6.5 We conduct annual penetration testing of either the production network and/or web application to be performed. We will maintain industry standard intrusion detection and prevention systems to monitor malicious activity in the network and to log and block any such activity. We will provide you with a written or electronic record of the actions taken by us in the event that any unauthorized access to your database(s) is detected as a result of our security protocols. We will undertake an additional security audit, on terms and timing to be mutually agreed to by the parties, at your written request. You may not attempt to bypass or subvert security restrictions in the SaaS Services or environments related to the Tyler Software. Unauthorized attempts to access files, passwords or other confidential information, and unauthorized vulnerability and penetration test scanning of our network and systems (hosted or otherwise) is prohibited without the prior written approval of our IT Security Officer.
6.6 We test our disaster recovery plan on an annual basis. Our standard test is not client-specific. Should you request a client-specific disaster recovery test, we will work with you to schedule and execute such a test on a mutually agreeable schedule. At your written request, we will provide test results to you within a commercially reasonable timeframe after receipt of the request.
6.7 We will be responsible for importing back-up and verifying that you can log-in. You will be responsible for running reports and testing critical processes to verify the returned Data.
6.8 We provide secure Data transmission paths between each of your workstations and our servers.
6.9 Tyler data centers are accessible only by authorized personnel with a unique key entry. All other visitors to Tyler data centers must be signed in and accompanied by authorized personnel. Entry attempts to the data center are regularly audited by internal staff and external auditors to ensure no unauthorized access.
6.10 Where applicable with respect to our applications that take or process card payment data, we are responsible for the security of cardholder data that we possess, including functions relating to storing, processing, and transmitting of the cardholder data and affirm that, as of the Effective Date, we comply with applicable requirements to be considered PCI DSS compliant and have performed the necessary steps to validate compliance with the PCI DSS. We agree to supply the current status of our PCI DSS compliance program in the form of an official Attestation of Compliance, which can be found at xxxxx://xxx.xxxxxxxxx.xxx/about- us/compliance, and in the event of any change in our status, will comply with applicable notice requirements.
Child Care The County will continue to support the concept of non-profit child care facilities similar to the “Kid’s at Work” program established in the Public Works Department.
Classroom Management The certificated classroom teacher demonstrates in his/her performance a competent level of knowledge and skill in organizing the physical and human elements in the educational setting.
Service Management Effective support of in-scope services is a result of maintaining consistent service levels. The following sections provide relevant details on service availability, monitoring of in-scope services and related components.
Orthodontics We Cover orthodontics used to help restore oral structures to health and function and to treat serious medical conditions such as: cleft palate and cleft lip; maxillary/mandibular micrognathia (underdeveloped upper or lower jaw); extreme mandibular prognathism; severe asymmetry (craniofacial anomalies); ankylosis of the temporomandibular joint; and other significant skeletal dysplasias.
Electric Storage Resources Developer interconnecting an electric storage resource shall establish an operating range in Appendix C of its LGIA that specifies a minimum state of charge and a maximum state of charge between which the electric storage resource will be required to provide primary frequency response consistent with the conditions set forth in Articles 9.5.5, 9.5.5.1, 9.5.5.2, and 9.5.5.3 of this Agreement. Appendix C shall specify whether the operating range is static or dynamic, and shall consider (1) the expected magnitude of frequency deviations in the interconnection; (2) the expected duration that system frequency will remain outside of the deadband parameter in the interconnection; (3) the expected incidence of frequency deviations outside of the deadband parameter in the interconnection; (4) the physical capabilities of the electric storage resource; (5) operational limitations of the electric storage resources due to manufacturer specification; and (6) any other relevant factors agreed to by the NYISO, Connecting Transmission Owner, and Developer. If the operating range is dynamic, then Appendix C must establish how frequently the operating range will be reevaluated and the factors that may be considered during its reevaluation. Developer’s electric storage resource is required to provide timely and sustained primary frequency response consistent with Article 9.5.5.2 of this Agreement when it is online and dispatched to inject electricity to the New York State Transmission System and/or receive electricity from the New York State Transmission System. This excludes circumstances when the electric storage resource is not dispatched to inject electricity to the New York State Transmission System and/or dispatched to receive electricity from the New York State Transmission System. If Developer’s electric storage resource is charging at the time of a frequency deviation outside of its deadband parameter, it is to increase (for over-frequency deviations) or decrease (for under-frequency deviations) the rate at which it is charging in accordance with its droop parameter. Developer’s electric storage resource is not required to change from charging to discharging, or vice versa, unless the response necessitated by the droop and deadband settings requires it to do so and it is technically capable of making such a transition.
