New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Right to Review Tax Returns Upon request, each party shall make available to the other party the portion of Pre-Separation Period Tax Returns that relates to the ALC Group that the first party is responsible for preparing under this Article III.
Bulk Registration Data Access to Icann Periodic Access to Thin Registration Data. In order to verify and ensure the operational stability of Registry Services as well as to facilitate compliance checks on accredited registrars, Registry Operator will provide ICANN on a weekly basis (the day to be designated by ICANN) with up-to-date Registration Data as specified below. Data will include data committed as of 00:00:00 UTC on the day previous to the one designated for retrieval by ICANN.
Maintenance of and Access to Records The Servicer will maintain each Receivable File in the United States (it being understood that the Receivable Files, or any part thereof, may be maintained at the offices of any Person to whom the Servicer has delegated responsibilities in accordance with Section 6.5). The Servicer will make available to the Issuer and the Indenture Trustee or their duly authorized representatives, attorneys or auditors a list of locations of the Receivable Files upon request. The Servicer will provide access to the Receivable Files, and the related accounts records, and computer systems maintained by the Servicer at such times as the Issuer or the Indenture Trustee direct, but only upon reasonable notice and during the normal business hours at the respective offices of the Servicer.
Access to Records after Closing (a) For a period of ------------------------------- six years after the Closing Date, Parent and its representatives shall have reasonable access to all of the books and records of the Companies to the extent that such access may reasonably be required by Parent in connection with matters relating to or affected by the operations of the Companies prior to the Closing Date. Such access shall be afforded by Buyer upon receipt of reasonable advance notice and during normal business hours. Parent shall be solely responsible for any costs or expenses incurred by it pursuant to this Section 13.6(a). If Buyer --------------- or the Companies shall desire to dispose of any of such books and records prior to the expiration of such six-year period, Buyer shall, prior to such disposition, give Parent a reasonable opportunity, at Parent's expense, to segregate and remove such books and records as Parent may select.
(b) For a period of six years after the Closing Date, Buyer and its representatives shall have reasonable access to all of the books and records relating to the Companies which Parent or any of its Affiliates may retain after the Closing Date. Such access shall be afforded by Parent and its Affiliates upon receipt of reasonable advance notice and during normal business hours. Buyer shall be solely responsible for any costs and expenses incurred by it pursuant to this Section 13.6(b). If Parent or any of its Affiliates shall --------------- desire to dispose of any of such books and records prior to the expiration of such six-year period, Parent shall, prior to such disposition, give Buyer a reasonable opportunity, at Buyer's expense, to segregate and remove such books and records as Buyer may select.
Right to Reject Investment In contrast, we have the right to reject your subscription for any reason or for no reason, in our sole discretion. If we reject your subscription, any money you have given us will be returned to you.
Fraud, Waste, and Abuse Contractor understands that HHS does not tolerate any type of fraud, waste, or abuse. Violations of law, agency policies, or standards of ethical conduct will be investigated, and appropriate actions will be taken. Pursuant to Texas Government Code, Section 321.022, if the administrative head of a department or entity that is subject to audit by the state auditor has reasonable cause to believe that money received from the state by the department or entity or by a client or contractor of the department or entity may have been lost, misappropriated, or misused, or that other fraudulent or unlawful conduct has occurred in relation to the operation of the department or entity, the administrative head shall report the reason and basis for the belief to the Texas State Auditor’s Office (SAO). All employees or contractors who have reasonable cause to believe that fraud, waste, or abuse has occurred (including misconduct by any HHS employee, Grantee officer, agent, employee, or subcontractor that would constitute fraud, waste, or abuse) are required to immediately report the questioned activity to the Health and Human Services Commission's Office of Inspector General. Contractor agrees to comply with all applicable laws, rules, regulations, and System Agency policies regarding fraud, waste, and abuse including, but not limited to, HHS Circular C-027. A report to the SAO must be made through one of the following avenues: ● SAO Toll Free Hotline: 1-800-TX-AUDIT ● SAO website: xxxx://xxx.xxxxx.xxxxx.xx.xx/ All reports made to the OIG must be made through one of the following avenues: ● OIG Toll Free Hotline 0-000-000-0000 ● OIG Website: XxxxxxXxxxxXxxxx.xxx ● Internal Affairs Email: XxxxxxxxXxxxxxxXxxxxxxx@xxxx.xxxxx.xx.xx ● OIG Hotline Email: XXXXxxxxXxxxxxx@xxxx.xxxxx.xx.xx. ● OIG Mailing Address: Office of Inspector General Attn: Fraud Hotline MC 1300 P.O. Box 85200 Austin, Texas 78708-5200
Public Records Law The Contractor shall assist the County in fulfilling all obligations of the County under the Washington Public Records Act (chapter 42.56 of the Revised Code of Washington). In the event that the Contractor fails to fulfill its obligations pursuant to this section and due in whole or in part to such failure a court of competent jurisdiction imposes a penalty upon the County for violation of the Public Records Act, Contractor shall indemnify the County for that penalty, as well as for all costs and attorney fees incurred by the County in the litigation giving rise to such a penalty. The obligations created by this section shall survive the termination of this contract.
ACCESS TO RECORDS AND REPORTS The Contractor must maintain an acceptable cost accounting system. The Contractor agrees to provide the Sponsor, the Federal Aviation Administration, and the Comptroller General of the United States or any of their duly authorized representatives access to any books, documents, papers, and records of the contractor which are directly pertinent to the specific contract for the purpose of making audit, examination, excerpts and transcriptions. The Contractor agrees to maintain all books, records and reports required under this contract for a period of not less than three years after final payment is made and all pending matters are closed.
Right to Refuse to Cross Picket Lines (a) All employees covered by this Agreement shall have the right to refuse to cross a picket line arising out of a dispute as defined in the appropriate legislation. Any employees failing to report for duty shall be considered to be absent without pay.
(b) Failure to cross a picket line encountered in carrying out the Employer's business shall not be considered a violation of this Agreement nor shall it be grounds for disciplinary action.
