New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Facility Requirements 1. Maintain wheelchair accessibility to program activities according to governing law, including the Americans With Disabilities Act (ADA), as applicable.
2. Provide service site(s) that will promote attainment of Contractor’s program objectives. Arrange the physical environment to support those activities.
3. Decrease program costs when possible by procuring items at no cost from County surplus stores and by accepting delivery of such items by County.
Covenants Concerning Collateral, Etc The Guarantor further covenants with the Agent as follows: (a) the Collateral, to the extent not delivered to the Agent pursuant to Section 4 hereof or disposed of as permitted by the Credit Agreement, will be kept at those locations listed on the Perfection Certificate, as the same may be amended from time to time as herein provided, and the Guarantor will not remove the Collateral from such locations without providing at least fifteen (15) days prior written notice to the Agent except (i) to another location listed on the Perfection Certificate, or (ii) to another location of the Guarantor or one of its Subsidiaries or one of the other Subsidiaries of the Borrower, in each case, that is located within the United States but not listed on the Perfection Certificate, as amended from time to time (any such location, an “Unlisted Location”), provided, that the aggregate value of the Collateral located at such Unlisted Location shall not exceed $1,000,000, (iii) motor vehicles, or (iv) the removal of Collateral for up to thirty (30) days to repair such Collateral, in each case, in the ordinary course of business, (b) except for the security interest herein granted and Permitted Liens, the Guarantor shall be the owner of, or have other rights in or power to transfer, the Collateral free from any right or claim of any other person or any lien, security interest or other encumbrance, and the Guarantor shall defend the same against all claims and demands of all persons at any time claiming the same or any interests therein adverse to the Agent, (c) the Guarantor shall not pledge, mortgage or create, or suffer to exist any right of any person in or claim by any person to the Collateral, or any security interest, lien or other encumbrance in the Collateral in favor of any person other than the Agent, except for Permitted Liens, (d) the Guarantor will keep the Collateral in good order and repair and will not use the same in violation of law or any policy of insurance thereon, (e) the Guarantor will permit the Agent, or its designee, to inspect the Collateral at any reasonable time during normal business hours, wherever located, (f) the Guarantor will pay promptly when due all taxes, assessments, governmental charges and levies upon the Collateral incurred in connection with the use or operation of the Collateral or incurred in connection with this Agreement, (g) the Guarantor will continue to operate its business in compliance in all material respects with all applicable provisions of the federal Fair Labor Standards Act, as amended, and with all applicable provisions of federal, state and local statutes and ordinances dealing with the control, shipment, storage or disposal of hazardous materials or substances, (h) the Guarantor will not sell or otherwise dispose, or offer to sell or otherwise dispose, of the Collateral or any interest therein except for dispositions permitted by the Credit Agreement, and (i) with each annual Compliance Certificate delivered by Borrower pursuant to Section 6.02(a) of the Credit Agreement, the Guarantor shall cause Borrower to provide any information updating the Perfection Certificate, including, without limitation, any new locations at which any Collateral is located.
Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.
Proposed Policies and Procedures Regarding New Online Content and Functionality By October 31, 2017, the School will submit to OCR for its review and approval proposed policies and procedures (“the Plan for New Content”) to ensure that all new, newly-added, or modified online content and functionality will be accessible to people with disabilities as measured by conformance to the Benchmarks for Measuring Accessibility set forth above, except where doing so would impose a fundamental alteration or undue burden.
a) When fundamental alteration or undue burden defenses apply, the Plan for New Content will require the School to provide equally effective alternative access. The Plan for New Content will require the School, in providing equally effective alternate access, to take any actions that do not result in a fundamental alteration or undue financial and administrative burdens, but nevertheless ensure that, to the maximum extent possible, individuals with disabilities receive the same benefits or services as their nondisabled peers. To provide equally effective alternate access, alternates are not required to produce the identical result or level of achievement for persons with and without disabilities, but must afford persons with disabilities equal opportunity to obtain the same result, to gain the same benefit, or to reach the same level of achievement, in the most integrated setting appropriate to the person’s needs.
b) The Plan for New Content must include sufficient quality assurance procedures, backed by adequate personnel and financial resources, for full implementation. This provision also applies to the School’s online content and functionality developed by, maintained by, or offered through a third-party vendor or by using open sources.
c) Within thirty (30) days of receiving OCR’s approval of the Plan for New Content, the School will officially adopt, and fully implement the amended policies and procedures.
Collateral Requirements All amounts deposited or invested with financial institutions in excess of any insurance limit shall be collateralized in accordance with the Public Funds Investment Act, 30 ILCS 235/. The Superintendent or designee shall keep the Board informed of collateral agreements.
Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.
Annual Collateral Verification Each year, at the time of delivery of annual financial statements with respect to the preceding Fiscal Year pursuant to Section 5.1(c), Company shall deliver to Collateral Agent a certificate of an Authorized Officer either (i) confirming that there has been no change in such information since the date of the Collateral Questionnaire delivered on the Closing Date or the date of the most recent certificate delivered pursuant to this Section 5.1(o) or (ii) identifying such changes;
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
CREDIT AND COLLATERAL REQUIREMENTS The applicable credit and collateral requirements are specified on the Cover Sheet.
