Customer Requirements Customer will be required to maintain complex passwords for their User accounts where applicable. For any such passwords LightEdge will provide a secure URL that any User can access to change passwords. All User passwords are set to a ninety (90) day password expiration schedule by default. LightEdge is not responsible for unexpected use of Services whether by ex-employees, compromised User passwords or any other misuse of Customer accounts. Customer shall be responsible for all costs incurred by such unexpected use of Service. Customer shall be fully responsible for providing to LightEdge at Customer’s own expense and in a timely manner the following: - All security for its Services and systems used or accessible in connection with Service; - Cooperative testing of all Customer-provided hardware, software, and Services for compatibility with Service; - Designating an Authorized Contact(s) to be the point of contact to interface with LightEdge Technical Support; - All cabling necessary to support Service; and - Physical and remote management access to any and all Servers onto which Service is installed.
CERTIFICATION REGARDING DRUG-FREE WORKPLACE REQUIREMENTS 1. The Contractor certifies that it will provide a drug-free workplace by:
a. Publishing a statement notifying employees that the unlawful manufacture, distribution, dispensing, possession or use of a controlled substance is prohibited in the Contractor’s workplace and specifying the actions that will be taken against employees for violation of such prohibition;
System Requirements Apple Software is supported only on Apple-branded hardware that meets specified system requirements as indicated by Apple.
DRUG-FREE WORKPLACE REQUIREMENTS Contractor will comply with the requirements of the Drug-Free Workplace Act of 1990 and will provide a drug-free workplace by taking the following actions:
a. Publish a statement notifying employees that unlawful manufacture, distribution, dispensation, possession or use of a controlled substance is prohibited and specifying actions to be taken against employees for violations.
b. Establish a Drug-Free Awareness Program to inform employees about:
1) the dangers of drug abuse in the workplace;
2) the person's or organization's policy of maintaining a drug-free workplace;
3) any available counseling, rehabilitation and employee assistance programs; and,
4) penalties that may be imposed upon employees for drug abuse violations.
c. Every employee who works on the proposed Agreement will:
1) receive a copy of the company's drug-free workplace policy statement; and,
2) agree to abide by the terms of the company's statement as a condition of employment on the Agreement. Failure to comply with these requirements may result in suspension of payments under the Agreement or termination of the Agreement or both and Contractor may be ineligible for award of any future State agreements if the department determines that any of the following has occurred: the Contractor has made false certification, or violated the certification by failing to carry out the requirements as noted above. (Gov. Code §8350 et seq.)
ORDERING REQUIREMENTS Eligible Purchasers shall order Goods and/or Services from this Contract, consistent with the terms hereof and by using any ordering mechanism agreeable both to Contractor and Purchaser but including, at a minimum, a purchase order. When practicable, Contractor and Purchaser also shall use telephone orders, email orders, web- based orders, and similar procurement methods (collectively “Purchaser Order”). All Purchase Orders must reference the Contract number. The terms of this Contract shall apply to any Purchase Order and, in the event of any conflict, the terms of this Contract shall prevail. Notwithstanding any provision to the contrary, in no event shall any ‘click-agreement,’ software or web-based application terms and conditions, or any other agreement modify the terms and conditions of this Contract.
Export Requirements The Program, Documentation and all related technical information or materials are subject to export controls and U.S. Government export regulations. You will comply strictly with all legal requirements established under these controls and will not, in connection with its limited evaluation rights hereunder, export, re-export, divert, transfer or disclose, directly or indirectly the Program, Documentation and any related technical information or materials without the prior approval of the U.S.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Minimum Requirements Consultant shall, at its expense, procure and maintain for the duration of the Agreement insurance against claims for injuries to persons or damages to property which may arise from or in connection with the performance of the Agreement by the Consultant, its agents, representatives, employees or subconsultants. Consultant shall also require all of its subconsultants to procure and maintain the same insurance for the duration of the Agreement. Such insurance shall meet at least the following minimum levels of coverage:
Child Abuse Reporting Requirements A. Grantees shall comply with child abuse and neglect reporting requirements in Texas Family Code Chapter 261. This section is in addition to and does not supersede any other legal obligation of the Grantee to report child abuse.
B. Grantee shall use the Texas Abuse Hotline Website located at xxxxx://xxx.xxxxxxxxxxxxxx.xxx/Login/Default.aspx as required by the System Agency. Grantee shall retain reporting documentation on site and make it available for inspection by the System Agency.
Training Requirements Grantee shall:
A. Authorize and require staff (including volunteers) to attend training, conferences, and meetings as directed by DSHS;
B. Appropriately budget funds in order to meet training requirements in a timely manner, and ensure that staff and volunteers are trained as specified in the training requirements listed at xxxxx://xxx.xxxx.xxxxx.xxx/hivstd/training/ and as otherwise specified by DSHS. Grantee shall document that these training requirements are met; and
C. Ensure that staff hired for HIV and syphilis testing are trained to perform blood draws within three (3) months of employment.
