System Security (a) If any party hereto is given access to the other party’s computer systems or software (collectively, the “Systems”) in connection with the Services, the party given access (the “Availed Party”) shall comply with all of the other party’s system security policies, procedures and requirements that have been provided to the Availed Party in advance and in writing (collectively, “Security Regulations”), and shall not tamper with, compromise or circumvent any security or audit measures employed by such other party. The Availed Party shall access and use only those Systems of the other party for which it has been granted the right to access and use.
(b) Each party hereto shall use commercially reasonable efforts to ensure that only those of its personnel who are specifically authorized to have access to the Systems of the other party gain such access, and use commercially reasonable efforts to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its personnel of the restrictions set forth in this Agreement and of the Security Regulations.
(c) If, at any time, the Availed Party determines that any of its personnel has sought to circumvent, or has circumvented, the Security Regulations, that any unauthorized Availed Party personnel has accessed the Systems, or that any of its personnel has engaged in activities that may lead to the unauthorized access, use, destruction, alteration or loss of data, information or software of the other party hereto, the Availed Party shall promptly terminate any such person’s access to the Systems and immediately notify the other party hereto. In addition, such other party hereto shall have the right to deny personnel of the Availed Party access to its Systems upon notice to the Availed Party in the event that the other party hereto reasonably believes that such personnel have engaged in any of the activities set forth above in this Section 9.2(c) or otherwise pose a security concern. The Availed Party shall use commercially reasonable efforts to cooperate with the other party hereto in investigating any apparent unauthorized access to such other party’s Systems.
Internet Security The Service utilizes a comprehensive security strategy to protect your accounts and transactions conducted over the Internet. Prior to activating your access to the Service, our Internet Banking Department will verify your identity and authorization against information associated with the Eligible Account (s) that you request to be linked to the Service. Access IDs and Passcodes - One of the main security features protecting the Service is the unique combination of your Access Identification Code (Access ID) and Passcode. During the enrollment process, you will be asked to select a unique Access ID, and then choose a Passcode that will be used to gain access to the Service. You determine your own Passcode, which is encrypted in our database. Neither this Institution nor its Service Providers have access to this information. The Service will automatically deactivate your account after three unsuccessful login attempts within a 24-hour time frame. You may reset your passcode online or you may contact this Institution for assistance. Because your Passcode is used to access your accounts, you should treat it as you would any other sensitive personal data. • You should carefully select a Passcode that is hard to guess. • You should not use words based on your name, address or other personal information. • Special characters may be used to increase security. • Do NOT use dictionary words. The “Help” link within the Service will offer tips on choosing a secure Passcode that you can remember. • Keep your Passcode safe. • Memorize your Passcode and do NOT write it down. • You should also change your Passcode occasionally, such as every 90 days. • A Passcode should be changed immediately if you suspect that your Passcode has been compromised. This can be done at any time from the “User Services” menu after you log on to the Service. NEITHER THIS INSTITUTION NOR ITS SERVICE PROVIDERS WILL CONTACT YOU VIA TELEPHONE OR EMAIL REQUESTING PERSONAL INFORMATION, YOUR ACCESS ID, OR YOUR PASSCODE. IF YOU ARE CONTACTED BY ANYONE REQUESTING THIS INFORMATION, PLEASE CONTACT US IMMEDIATELY.
Network Security The AWS Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. AWS will maintain access controls and policies to manage what access is allowed to the AWS Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. AWS will maintain corrective action and incident response plans to respond to potential security threats.
Physical Security Contractor shall ensure that Medi-Cal PII is used and stored in an area that is physically safe from access by unauthorized persons during working hours and non- working hours. Contractor agrees to safeguard Medi-Cal PII from loss, theft or inadvertent disclosure and, therefore, agrees to:
A. Secure all areas of Contractor facilities where personnel assist in the administration of the Medi-Cal program and use or disclose Medi-Cal PII. The Contractor shall ensure that these secure areas are only accessed by authorized individuals with properly coded key cards, authorized door keys or access authorization; and access to premises is by official identification.
B. Ensure that there are security guards or a monitored alarm system with or without security cameras 24 hours a day, 7 days a week at Contractor facilities and leased facilities where a large volume of Medi-Cal PII is stored.
C. Issue Contractor personnel who assist in the administration of the Medi-Cal program identification badges and require County Workers to wear the identification badges at facilities where Medi-Cal PII is stored or used.
D. Store paper records with Medi-Cal PII in locked spaces, such as locked file cabinets, locked file rooms, locked desks or locked offices in facilities which are multi-use (meaning that there are personnel other than contractor personnel using common areas that are not securely segregated from each other.) The contractor shall have policies which indicate that Contractor and their personnel are not to leave records with Medi-Cal PII unattended at any time in vehicles or airplanes and not to check such records in baggage on commercial airlines.
E. Use all reasonable measures to prevent non-authorized personnel and visitors from having access to, control of, or viewing Medi-Cal PII.
Password Security You are responsible for maintaining adequate security and control of any and all User IDs, Passwords, hints, personal identification numbers (PINs), or any other codes that you use to access the Account. Do not discuss, compare, or share information about your account number or password unless you are willing to give them full use of your money. Any loss or compromise of the foregoing information and/or your personal information may result in unauthorized access to your Account by third-parties and the loss or theft of any funds held in your Account and any associated accounts, including your Account. Checks and electronic withdrawals are processed by automated methods, and anyone who obtains your account number or access device could use it to withdraw money from your account, with or without your permission. You are responsible for keeping your email address and telephone number up to date in order to receive any notices or alerts that we may send you. We assume no responsibility for any loss that you may sustain due to compromise of your account login credentials due to no fault of ours and/or your failure to follow or act on any notices or alerts that we may send to you. If you believe your Account information has been compromised, or that someone has transferred or may transfer money from your account without your permission, contact us immediately, through Synapse, at xxxx@xxxxxxxxx.xxx or call at +0(000) 000-0000. You agree to promptly review all Account and transaction records and other Communications that we make available to you and to promptly report any discrepancy to us.
Personnel Security 6.1 Staff recruitment in accordance with government requirements for pre- employment checks;
6.2 Staff training and awareness of Departmental security and any specific contract requirements.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
E7 Security The Authority shall be responsible for maintaining the security of the Authority premises in accordance with its standard security requirements. The Contractor shall comply with all security requirements of the Authority while on the Authority premises, and shall ensure that all Staff comply with such requirements.
DTC DIRECT REGISTRATION SYSTEM AND PROFILE MODIFICATION SYSTEM (a) Notwithstanding the provisions of Section 2.04, the parties acknowledge that the Direct Registration System (“DRS”) and Profile Modification System (“Profile”) shall apply to uncertificated American Depositary Shares upon acceptance thereof to DRS by DTC. DRS is the system administered by DTC pursuant to which the Depositary may register the ownership of uncertificated American Depositary Shares, which ownership shall be evidenced by periodic statements issued by the Depositary to the Owners entitled thereto. Profile is a required feature of DRS which allows a DTC participant, claiming to act on behalf of an Owner of American Depositary Shares, to direct the Depositary to register a transfer of those American Depositary Shares to DTC or its nominee and to deliver those American Depositary Shares to the DTC account of that DTC participant without receipt by the Depositary of prior authorization from the Owner to register such transfer.
(b) In connection with and in accordance with the arrangements and procedures relating to DRS/Profile, the parties understand that the Depositary will not verify, determine or otherwise ascertain that the DTC participant which is claiming to be acting on behalf of an Owner in requesting a registration of transfer and delivery as described in subsection (a) has the actual authority to act on behalf of the Owner (notwithstanding any requirements under the Uniform Commercial Code). For the avoidance of doubt, the provisions of Sections 5.03 and 5.08 shall apply to the matters arising from the use of the DRS. The parties agree that the Depositary’s reliance on and compliance with instructions received by the Depositary through the DRS/Profile System and in accordance with this Deposit Agreement shall not constitute negligence or bad faith on the part of the Depositary.
Airport Security The Contractor shall be familiar with and conduct its operations in accordance with all regulations and directives of the Authority and the Transportation Security Administration, and any other federal, state or local government having jurisdiction over the airport, with respect to the maintenance of airport security.
