New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Child Abuse Reporting Requirement Grantee will:
a. comply with child abuse and neglect reporting requirements in Texas Family Code Chapter 261. This section is in addition to and does not supersede any other legal obligation of the Grantee to report child abuse.
b. develop, implement and enforce a written policy that includes at a minimum the System Agency’s Child Abuse Screening, Documenting, and Reporting Policy for Grantees/Providers and train all staff on reporting requirements.
c. use the System Agency Child Abuse Reporting Form located at xxxxx://xxx.xxxx.xxxxx.xx.xx/Contact Us/report abuse.asp as required by the System Agency.
d. retain reporting documentation on site and make it available for inspection by the System Agency.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
Fund Valuation and Financial Reporting Services (1) Account for Fund share purchases, sales, exchanges, transfers, dividend reinvestments, and other Fund share activity as reported by the Fund’s transfer agent on a timely basis.
(2) Apply equalization accounting as directed by the Fund.
(3) Determine net investment income (earnings) for the Fund as of each valuation date. Account for periodic distributions of earnings to shareholders and maintain undistributed net investment income balances as of each valuation date.
(4) Maintain a general ledger and other accounts, books, and financial records for the Fund in the form as agreed upon.
(5) Determine the net asset value of the Fund according to the accounting policies and procedures set forth in the Fund’s current prospectus.
(6) Calculate per share net asset value, per share net earnings, and other per share amounts reflective of Fund operations at such time as required by the nature and characteristics of the Fund.
(7) Communicate to the Fund, at an agreed upon time, the per share net asset value for each valuation date.
(8) Prepare monthly reports that document the adequacy of accounting detail to support month-end ledger balances.
(9) Prepare monthly security transactions listings.
Child Abuse Reporting Requirements A. Grantees shall comply with child abuse and neglect reporting requirements in Texas Family Code Chapter 261. This section is in addition to and does not supersede any other legal obligation of the Grantee to report child abuse.
B. Grantee shall use the Texas Abuse Hotline Website located at xxxxx://xxx.xxxxxxxxxxxxxx.xxx/Login/Default.aspx as required by the System Agency. Grantee shall retain reporting documentation on site and make it available for inspection by the System Agency.
Certified and Minority Business Enterprises Reports Upon Customer request, the Contractor shall report to the requesting Customer the Contractor’s spend with certified and other minority business enterprises in the provision of commodities or services related to the Customer’s orders. These reports shall include the period covered, the name, minority code, and Federal Employer Identification Number of each minority business utilized during the period; commodities and services provided by the minority business enterprise, and the amount paid to each minority business enterprise on behalf of the Customer.
Regulation M Compliance The Company has not, and to its knowledge no one acting on its behalf has, (i) taken, directly or indirectly, any action designed to cause or to result in the stabilization or manipulation of the price of any security of the Company to facilitate the sale or resale of any of the Securities, (ii) sold, bid for, purchased, or, paid any compensation for soliciting purchases of, any of the Securities, or (iii) paid or agreed to pay to any Person any compensation for soliciting another to purchase any other securities of the Company, other than, in the case of clauses (ii) and (iii), compensation paid to the Company’s placement agent in connection with the placement of the Securities.
Human and Financial Resources to Implement Safeguards Requirements The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Pro Forma Financial Information The pro forma financial statements included in the Registration Statement, the Time of Sale Disclosure Package and the Final Prospectus include assumptions that provide a reasonable basis for presenting the significant effects directly attributable to the transactions and events described therein, the related pro forma adjustments give appropriate effect to those assumptions, and the pro forma adjustments reflect the proper application of those adjustments to the historical financial statements amounts in the pro forma financial statements included in the Registration Statement, the Time of Sale Disclosure Package and the Final Prospectus. The pro forma financial statements included in the Registration Statement, the Time of Sale Disclosure Package and the Final Prospectus comply as to form in all material respects with the application requirements of Regulation S-X under the Exchange Act.
