Organizational Security It is the responsibility of the individuals across the organization to comply with these practices and standards. To facilitate the corporate adherence to these practices and standards, the function of information security provides:
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.
Audit Controls a. System Security Review. CONTRACTOR must ensure audit control mechanisms that record and examine system activity are in place. All systems processing and/or storing PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.
Paper Document Controls In order to comply with the following paper document controls, the Contractor agrees to:
A. Dispose of Medi-Cal PII in paper form through confidential means, such as cross cut shredding and pulverizing.
B. Not remove Medi-Cal PII from the premises of the Contractor except for identified routine business purposes or with express written permission of DHCS.
C. Not leave faxes containing Medi-Cal PII unattended and keep fax machines in secure areas. The Contractor shall ensure that faxes contain a confidentiality statement notifying persons receiving faxes in error to destroy them. Contractor personnel shall verify fax numbers with the intended recipient before sending.
D. Use a secure, bonded courier with signature of receipt when sending large volumes of Medi-Cal PII. The Contractor shall ensure that disks and other transportable media sent through the mail are encrypted using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI.
Organization; Powers; Subsidiaries The Borrower and its Material Subsidiaries are duly organized, validly existing and in good standing (to the extent such concept is applicable in the relevant jurisdiction) under the laws of the jurisdiction of its organization, have all requisite power and authority to carry on their respective business as now conducted and, except where the failure to do so, individually or in the aggregate, would not reasonably be expected to result in a Material Adverse Effect, are qualified to do business in, and are in good standing (to the extent such concept is applicable) in, every jurisdiction where such qualification is required. All of the outstanding shares of capital stock and other equity interests on the Closing Date, to the extent owned by the Borrower or any Subsidiary, of each Material Subsidiary are validly issued and outstanding and fully paid and nonassessable (if applicable) and all such shares and other equity interests are owned, beneficially and of record, by the Borrower or such other Subsidiary on the Closing Date free and clear of all Liens, other than Liens permitted under Section 6.02; provided that any untruth, misstatement or inaccuracy of the foregoing representation in this sentence shall only be deemed a breach of such representation to the extent such untruth, misstatement or inaccuracy is material to the interests of the Lenders. As of the Closing Date, there are no outstanding commitments or other obligations of the Borrower or any Subsidiary to issue, and no options, warrants or other rights of any Person other than the Borrower or any Subsidiary to acquire, any shares of any class of capital stock or other equity interests of any Material Subsidiary, except as disclosed on Schedule 3.01.
Security Controls for State Agency Data In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.138, Contractor understands, acknowledges, and agrees that if, pursuant to this Contract, Contractor is or will be authorized to access, transmit, use, or store data for System Agency, Contractor is required to meet the security controls the System Agency determines are proportionate with System Agency’s risk under the Contract based on the sensitivity of System Agency’s data and that Contractor must periodically provide to System Agency evidence that Contractor meets the security controls required under the Contract.
Organizational Power; Authorization The execution, delivery and performance by each Loan Party of the Loan Documents to which it is a party are within such Loan Party’s organizational powers and have been duly authorized by all necessary organizational, and if required, shareholder, partner or member, action. This Agreement has been duly executed and delivered by the Borrower, and constitutes, and each other Loan Document to which any Loan Party is a party, when executed and delivered by such Loan Party, will constitute, valid and binding obligations of the Borrower or such Loan Party (as the case may be), enforceable against it in accordance with their respective terms, except as may be limited by applicable bankruptcy, insolvency, reorganization, moratorium, or similar laws affecting the enforcement of creditors’ rights generally and by general principles of equity.
National Security 28.01 The Canadian government, either directly or through its agencies, may instruct the Employer with respect to the security of information and materials and the personnel permitted to do certain work. The Union recognizes that the Employer is obliged to meet such instructions and that for such reason the Employer may refuse certain Employees access to the work or may transfer Employees covered by such instructions.
Financial Controls At all times, the Charter School shall maintain appropriate governance and managerial procedures and financial controls which procedures and controls shall include, but not be limited to: (1) commonly accepted accounting practices and the capacity to implement them (2) a checking account; (3) adequate payroll procedures; (4) procedures for the creation and review of monthly and quarterly financial reports, which procedures shall specifically identify the individual who will be responsible for preparing such financial reports in the following fiscal year; (5) internal control procedures for cash receipts, cash disbursements and purchases; and (6) maintenance of asset registers and financial procedures for grants in accordance with applicable state and federal law.
