Personnel Controls The County Department/Agency agrees to advise County Workers who have access to Pll, of the confidentiality of the information, the safeguards required to protect the information, and the civil and criminal sanctions for non- compliance contained in applicable federal and state laws. For that purpose, the County Department/Agency shall implement the following personnel controls:
Personal Controls a. Employee Training. All workforce members who assist in the performance of functions or activities on behalf of COUNTY in connection with Agreement, or access or disclose PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, must complete information privacy and security training, at least annually, at CONTRACTOR’s expense. Each workforce member who receives information privacy and security training must sign a certification, indicating the member’s name and the date on which the training was completed. These certifications must be retained for a period of six (6) years following the termination of Agreement.
Restrictive Controls Either Party may use protective network traffic management controls such as 7-digit and 10-digit code gaps set at appropriate levels on traffic toward each other's network, when required, to protect the public switched network from congestion due to facility failures, switch congestion, or failure or focused overload. CLEC and CenturyLink will immediately notify each other of any protective control action planned or executed.
Physical Architecture 59.2.1 CenturyLink's network architecture in any given local exchange area and/or LATA can vary markedly from another local exchange area/LATA. Using one or more of the NIMs herein, the Parties will agree to a physical architecture plan for a specific LATA, or if appropriate based on other requirements in Section 59, Local Calling Area. The physical architecture plan, as described in the Local Interconnection POI Profile, will be discussed during joint implementation planning. CLEC and CenturyLink agree to Interconnect their networks through existing and/or new Interconnection Facilities between CLEC switch(es) and CenturyLink's End Office Switch(es) and/or Tandem Switch(es). The physical architecture plan will be in accordance with Forecasting and Planning requirements in Article IV.
Security Controls Annually, upon Fund’s reasonable request, Transfer Agent shall provide Fund’s Chief Information Security Officer or his or her designee with a copy of its corporate information security controls that form the basis for Transfer Agent’s Security Policy and an opportunity to discuss Transfer Agent’s information security measures, and a high level summary of any vulnerability testing conducted by Transfer Agent on its information security controls, with a qualified member of Transfer Agent’s information technology management team. Transfer Agent shall review its Security Policy annually.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Expansive Controls Where the capability exists, originating or terminating traffic reroutes may be implemented by either Party to temporarily relieve network congestion due to facility failures or abnormal calling patterns. Reroutes will not be used to circumvent normal trunk servicing. Expansive controls will only be used when mutually agreed to by the Parties.
