Payment Security To secure all of CAISO’s payment obligations to Owner under this Agreement, CAISO agrees to grant Owner a security interest and lien in the following collateral (collectively, the “Collateral”): (a) all past, present and future accounts and other amounts Responsible Utility owes CAISO at any time pursuant to Section 41 of the CAISO Tariff attributable to invoices submitted by Owner under this Agreement (collectively, the “Accounts”), (b) the RMR Owner Facility Trust Account, all funds in the RMR Owner Facility Trust Account at any time, and all funds paid on account of any Accounts, (c) all proceeds of the Collateral, if any, and (d) all of CAISO’s right, title and interest in the Collateral. CAISO represents and warrants to Owner that (a) CAISO has the authority to grant such security interest, (b) CAISO will have good, marketable and exclusive title to all of the Collateral, (c) such security interest and lien will at all times be a valid, enforceable and first-priority lien on the Collateral, and (d) such security interest will be duly perfected by the filing of a financing statement under the California Uniform Commercial Code describing the Collateral in the office of the Secretary of State of California and the delivery of a written notice of Owner’s security interest to the bank with which the RMR Owner Facility Trust Account is maintained. If CAISO defaults on its obligation to pay under this Agreement, Owner shall be entitled to enforce such securityinterest, to exercise its rights in the Collateral, to collect the Accounts from Responsible Utility, to collect all funds in the RMR Owner Facility Trust Account, and to exercise all other rights and remedies under the California Uniform Commercial Code. CAISO agrees to promptly execute and deliver all financing statements and other documents Owner reasonably requests, including but not limited to a written notice of Owner’s security interest in the Collateral to the bank with which the RMR Owner Facility Trust Account is maintained, in order to maintain, perfect and enforce such security interest.
Security Requirements 11.1 The Supplier shall comply, and shall procure the compliance of the Suppliers Personnel, with the Security Policy and the Security Plan and the Supplier shall ensure that the Security Plan produced by the Supplier fully complies with the Security Policy.
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53). Contractor also shall provide technical and organizational safeguards against accidental, unlawful, or unauthorized access or use, destruction, loss, alteration, disclosure, transfer, commingling, or processing of such information that ensure a level of security appropriate to the risks presented by the processing of County Data, Contractor personnel and/or subcontractor personnel and affiliates approved by County to perform work under this Contract may use or disclose County personal and confidential information only as permitted in this Contract. Any other use or disclosure requires express approval in writing by the County of Orange. No Contractor personnel and/or subcontractor personnel or affiliate shall duplicate, disseminate, market, sell, or disclose County personal and confidential information except as allowed in this Contract. Contractor personnel and/or subcontractor personnel or affiliate who access, disclose, market, sell, or use County personal and confidential information in a manner or for a purpose not authorized by this Contract may be subject to civil and criminal sanctions contained in applicable federal and state statutes. Contractor shall take all reasonable measures to secure and defend all locations, equipment, systems, and other materials and facilities employed in connection with the Services against hackers and others who may seek, without authorization, to disrupt, damage, modify, access, or otherwise use Contractor systems or the information found therein; and prevent County data from being commingled with or contaminated by the data of other customers or their users of the Services and unauthorized access to any of County data. Contractor shall also continuously monitor its systems for potential areas where security could be breached. In no case shall the safeguards of Contractor’s data privacy and information and cyber security program be less stringent than the safeguards used by County. Without limiting any other audit rights of County, County shall have the right to review Contractor’s data privacy and information and cyber security program prior to commencement of Services and from time to time during the term of this Contract. All data belongs to the County and shall be destroyed or returned at the end of the contract via digital wiping, degaussing, or physical shredding as directed by County.
Payment Security Mechanism (A) Letter of Credit (LC):
MANAGEMENT SECURITY Section 1. The Federation hereby accepts liability for any damage to or loss of state property that is the proximate cause of action taken by striking employees of the bargaining unit, provided, however, liability under this Section shall be restricted to physical damage to real and personal property and shall not include any alleged loss of revenue or other incidental or punitive damage sought by the Employer.
Additional security requirements The following provisions apply in respect of any Additional Security provided:
Information Security Requirements In cases where the State is not permitted to manage/modify the automation equipment (server/computer/other) that controls testing or monitoring devices, the Contractor agrees to update and provide patches for the automation equipment and any installed operating systems or applications on a quarterly basis (at minimum). The Contractor will submit a report to the State of updates installed within 30 days of the installation as well as a Plan of Actions and Milestones (POA&M) to remediate any vulnerabilities ranging from Critical to Low. The contractor will provide an upgrade path or compensatory security controls for any operating systems and applications listed as beyond “end-of-life” or EOL, within 90 days of the EOL and complete the EOL system’s upgrade within 90 days of the approved plan.
Electronic PHI Security Rule Obligations 5.1 With respect to Electronic PHI, Business Associate shall: