Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.
Internet Access to Contract and Pricing Information Access by Authorized Users to Contract terms and pricing information shall be made available and publically posted on the OGS website. To that end, OGS shall publically post the Contract Pricelist, including all subsequent changes in the Contract offerings (adds, deletes, price revisions), Contractor contact information, and the Contract terms and conditions, throughout the Contract term.
Data Access Access to Contract and State Data The Contractor shall provide to the Client Agency access to any data, as defined in Conn. Gen Stat. Sec. 4e-1, concerning the Contract and the Client Agency that are in the possession or control of the Contractor upon demand and shall provide the data to the Client Agency in a format prescribed by the Client Agency and the State Auditors of Public Accounts at no additional cost.
Purchase Order Flip via Ariba Network (AN) The online process allows suppliers to submit invoices via the AN for catalog and non- catalog goods and services. Contractors have the ability to create an invoice directly from their Inbox in their AN account by simply “flipping” the purchase order into an invoice. This option does not require any special software or technical capabilities. For the purposes of this section, the Contractor warrants and represents that it is authorized and empowered to and hereby grants the State and the third-party provider of MFMP the right and license to use, reproduce, transmit, distribute, and publicly display within the system the information outlined above. In addition, the Contractor warrants and represents that it is authorized and empowered to and hereby grants the State and the third-party provider the right and license to reproduce and display within the system the Contractor’s trademarks, system marks, logos, trade dress, or other branding designation that identifies the products made available by the Contractor under the Contract.
Data Storage Where required by applicable law, Student Data shall be stored within the United States. Upon request of the LEA, Provider will provide a list of the locations where Student Data is stored.
Originating Switched Access Detail Usage Data A category 1101XX record as defined in the EMI Telcordia Practice BR-010-200- 010.
Data Access Control Persons entitled to use data processing systems gain access only to the Personal Data that they have a right to access, and Personal Data must not be read, copied, modified or removed without authorization in the course of processing, use and storage. Measures: • As part of the SAP Security Policy, Personal Data requires at least the same protection level as “confidential” information according to the SAP Information Classification standard. • Access to Personal Data is granted on a need-to-know basis. Personnel have access to the information that they require in order to fulfill their duty. SAP uses authorization concepts that document grant processes and assigned roles per account (user ID). All Customer Data is protected in accordance with the SAP Security Policy. • All production servers are operated in the Data Centers or in secure server rooms. Security measures that protect applications processing Personal Data are regularly checked. To this end, SAP conducts internal and external security checks and penetration tests on its IT systems. • SAP does not allow the installation of software that has not been approved by SAP. • An SAP security standard governs how data and data carriers are deleted or destroyed once they are no longer required.
Data Input Control It will be possible to retrospectively examine and establish whether and by whom Personal Data have been entered, modified or removed from SAP data processing systems. Measures: • SAP only allows authorized personnel to access Personal Data as required in the course of their duty. • SAP has implemented a logging system for input, modification and deletion, or blocking of Personal Data by SAP or its subprocessors within the Cloud Service to the extent technically possible.
Mail Order Catalog Warnings In the event that, the Settling Entity prints new catalogs and sells units of the Products via mail order through such catalogs to California consumers or through its customers, the Settling Entity shall provide a warning for each unit of such Product both on the label in accordance with subsection 2.4 above, and in the catalog in a manner that clearly associates the warning with the specific Product being purchased. Any warning provided in a mail order catalog shall be in the same type size or larger than other consumer information conveyed for such Product within the catalog and shall be located on the same display page of the item. The catalog warning may use the Short-Form Warning content described in subsection 2.3(b) if the language provided on the Product label also uses the Short-Form Warning.
Terminating Switched Access Detail Usage Data A category 1101XX record as defined in the EMI Telcordia Practice BR-010-200- 010.
