PCI Compliance A. The Acquiring Bank will provide The Merchant with appropriate training on PCI PED and/or DSS rules and regulations in respect of The Merchants obligations. Initial training will be provided and at appropriate intervals as and when relevant changes are made to such rules and regulations.
B. The Acquiring Bank will ensure that The Merchant is kept informed of any relevant new, or changes to, PCI PED and/or DSS compliance rules and regulations.
C. The Merchant will comply with PCI PED and/or DSS, and resulting obligations, in respect of establishing, and maintaining, the required security controls.
D. The Merchant will ensure that all its appropriate staff (existing and new) are knowledgeable in their responsibilities with respect to PCI PED and/or DSS compliance.
E. The Merchant must be able to demonstrate compliance with PCI PED and/or DSS and maintain measures necessary to successfully pass regular compliance certification checks.
F. The Merchant will notify The Acquiring Bank immediately should it become evident that data security standards have been compromised. The Merchant will also provide all assistance necessary to assist The Acquiring Bank and its agents to investigate and obtain any required evidence of a security breach.
G. The Merchant hereby agrees and undertakes to fully indemnify The Acquiring Bank from and against all actions, claims, losses, charges, costs and damages which The Acquiring Bank may suffer or incur as a result of The Merchants failure to comply with PCI PED and/or DSS.
H. Further to the conditions set out in Section 34 below, The Acquiring Bank reserves the right to terminate this agreement with The Merchant if The Merchant:
i. Refuses to accept, or commence, any remedial action(s) required under its obligation to PCI PED and/or DSS.
ii. Fails to maintain its PCI PED and/or DSS obligations and/or consistently fails compliance certification checks.
iii. Receives continuing penalties Fraud notifications or alerts of in any case where the Acquiring bank may be asked by the schemes to take action against the Merchant. اهيلع ةقداصملا تمت دق هنأ نم ةيلمع يأ ذيفنت دعب دكأتلا رجاتلا ىلع بجي .10 لمحتب هرارقإ متو ةقاطبلا لماح ةطساوب بولطملا وحنلا ىلعو ةرشابم .ةيلمعلا كلت ذيفنت نع هتيلوؤسم لماك يأ تحت ةيلمع نم رثكأ ىلإ ةيلمعلا ةميق ميسقتب موقي لاأب رجاتلا دهعتي .11 لاير )500( ةميقب نيتيلمع ذفني نأ لاثملا ليبس ىلعف ،قلاطلإا ىلع فرظ ةعباتلا عفدلا ةقاطب سفن مادختساب لاير )1000( يلامجلإا اهغلبم عئاضبل اذه ربتعي ثيحب ؛ىرخأ عفد تاقاطب ةيأ وأ تاعوفدملل ةيدوعسلا ةكبشلل ءاغلإ و زاهجلا فاقيا ةلاحلا هذه يف كنبلل قحيو ،اًمامت ًاروظحم فرصتلا .ةيقافتلاا ةكبشلا ةقاطبب لقأ وأ رثكأ وأ لايرب ةرركم تايلمع ءارجإ رجاتلل قحي لا .12 غلابم وأ تايلمع ددع قيقحت ضرغب هب ةصاخلا نامتئلاا ةقاطب وأ ةيدوعسلا ءاغلإ و زاهجلا فاقيا كنبلل قحيو .هيلع ةررقملا موسرلا عفد بنجتل تايلمع .رجاتلا باسح نم ةررقملا موسرلا مصخ يف قحلاب ظافتحلاا عم ةيقافتلاا لمحُي نل هلاعأ ةحضوملا تامازتللااو تاءارجلإاب ديقتلا مدعو هقافخإ نأ رجاتلا رقي وأ فيلاكت وأ تابلاطم وأ ىوعد ةيأ نع اهريغ وأ تناك ةينوناق ،ةيلوؤسم ةيأ كنبلا ةراسخ وأ ةيمكارتلا رارضلأا وأ رئاسخلا كلذ يف امب رئاسخ وأ رارضأ وأ فيراصم مازتللااب رجاتلا للاخإ ببسب رجاتلا كنب اهدبكتي وأ اهل ضرعتي دق يتلا ،حابرلأا مدع ببسب ركذ امم يلأ رجاتلا كنب ضرعت لاح يفو .ةدراولا تابلطتملاو تاميلعتلاب ىوعد نم هيلع بترتي دق ام عيمج رجاتلا لمحتي ،ةروكذملا تاءارجلإاب رجاتلا مازتلا مدع ةجيتن رجاتلا كنب قحلت دق رئاسخ وأ رارضأ وأ فيراصم وأ فيلاكت وأ تابلاطم وأ .تاءارجلإاو طورشلاو تابلطتملا هذهب رجاتلا مازتلا عفدلا تاقاطب ةعانص رايعم عم قفاوتلا .9 PCI Compliance مادختساب ةصاخلا دعاوقلا ىلع بسانملا بيردتلا رجاتلل رجاتلا كنب مدقي .أ ،عفدلا تاقاطب ةعانصب قلعتت يتلاو ةيرسلا ةيصخشلا ماقرلأا لاخدإ زاهج تامازتلاب قلعتي اميف عفدلا تاقاطب ةعانص تانايب ةيامح رايعم ىلع اًضيأو تارييغت يأ ىلع وأ ديدج وه ام ىلع رجاتلا علاطإ ماود نم رجاتلا كنب دكأتي .ب ماقرلأا لاخدإ زاهج مادختساب ةصاخلا مازتللاا دعاوقو تاعيرشتلاب ةقلاع تاذ تانايب ةيامح رايعمب وأ ،عفدلا تاقاطبب قلعتي ام لك وأ ةيرسلا ةيصخشلا .عفدلا تاقاطب ةعانص ،عفدلا تاقاطبل ةيرسلا ةيصخشلا ماقرلأا لاخدإ ئدابمو ريياعمب رجاتلا مزتلي .ج قلعتي اميف ةرداصلا اهتاعيرشتو ،عفدلا تاقاطب تانايب نمأ ريياعمب اًضيأو .ةبولطملا ةيامحلا طباوض قيبطتو سيسأتب )نيدجتسملاو نييلاحلا( نيصتخملا نيفظوملا علاطإ نم رجاتلا دكأتي .د ةيصخشلا ماقرلأا لاخدإب ةصاخلا مازتللاا دعاوقب قلعتي اميف مهتايلوؤسمب .عفدلا تاقاطب تانايب نمأ ريياعمو ،عفدلا تاقاطبل ةيرسلا ةيصخشلا ماقرلأا لاخدإب ةصاخلا مازتللاا دعاوق حضوي نأ رجاتلا ىلع بجي .ـه ةظفاحملاو ،عفدلا تاقاطب تانايب نمأ ريياعم كلذكو عفدلا تاقاطبل ةيرسلا مازتللاا ىدمل ةيرودلا تارابتخلاا ةداهش زايتجلا ةيرورضلا ريياعملا ىلع .حاجنب ريياعم كاهتنا نم ققحتلا روف رجاتلا كنب راعشإب رجاتلا موقي نأ بجي .و كنب ةدعاسمل يرورض وه ام لك ميدقت رجاتلا ىلع بجي اًضيأو ،ةيامحلا ةبولطملا نيهاربلاو ةلدلأا يف قيقحتلا نم نيصتخملا هيفظومو رجاتلا .ةيامحلا قارتخا تابثلإ رجاتلا كنبل ةلماكلا ةيامحلاب ةيقافتلاا هذه بجومب رجاتلا مزتليو دهعتي .ز تابلاطم وأ ىوعد ةيأ نع ،اهريغ وأ تناك ةينوناق ،ةيلوؤسم ةيأ هليمحت مدعو رارضلأا وأ رئاسخلا كلذ يف امب رئاسخ وأ رارضأ وأ فيراصم وأ فيلاكت وأ ببسب رجاتلا كنب اهدبكتي وأ اهل ضرعتي دق يتلا ،حابرلأا ةراسخ وأ ةيمكارتلا كنب ظفتحي ،هاندأ 34 مقر ةداملا يف اهعضو مت يتلا طورشلا ىلإ ةفاضإ .ح :يتلآاب رجاتلا مايق ةلاح يف رجاتلا عم ةيقافتلاا هذه ءاهنإ قحب رجاتلا هتامازتلا هيلع هيلمت بولطم يزارتحا ءارجإ يأ ذاختا وأ لوبق هضفر .i وأ عفدلا تاقاطبل ةيرسلا ةيصخشلا ماقرلأا لاخدإ ئدابمو ريياعمب .عفدلا تاقاطب تانايب نمأ ريياعمب ماقرلأا لاخدإ ئدابمو ريياعمو دعاوقب مازتللااو ةظفاحملا يف هقافخإ .ii ،عفدلا تاقاطب تانايب نمأ ريياعمب وأ عفدلا تاقاطبل ةيرسلا ةيصخشلا .مازتللاا تارابتخا زايتجا يف لشفلا و/وأ تاريذحتلاو تاهيبنتلا هملاتسا وأ هيلع ةرمتسملا تامارغلا ضرف .iii تاعوفدملا ماظن لبق نم ةيلمع يأ صوصخب ريوزتلاب ةقلعتملا مزلالا ءارجلإا ذاختا رجاتلا كنب نم بلطي دق اهللاخ نم يتلاو ،يملاعلا 10. Transaction(s) to be in Saudi Riyals: All MADA-POS transactions must be denominated in Saudi Riyals (SR).
Information Technology Enterprise Architecture Requirements If this Contract involves information technology-related products or services, the Contractor agrees that all such products or services are compatible with any of the technology standards found at xxxxx://xxx.xx.xxx/iot/2394.htm that are applicable, including the assistive technology standard. The State may terminate this Contract for default if the terms of this paragraph are breached.
Standards Compliance Registry Operator shall comply with relevant existing RFCs and those published in the future by the Internet Engineering Task Force (IETF), including all successor standards, modifications or additions thereto relating to the DNS and name server operations including without limitation RFCs 1034, 1035, 1123, 1982, 2181, 2182, 2671, 3226, 3596, 3597, 4343, and 5966. DNS labels may only include hyphens in the third and fourth position if they represent valid IDNs (as specified above) in their ASCII encoding (e.g., “xn--ndk061n”).
Security of State Information The Contractor represents and warrants that it has implemented and it shall maintain during the term of this Contract the highest industry standard administrative, technical, and physical safeguards and controls consistent with NIST Special Publication 800-53 (version 3 or higher) and Federal Information Processing Standards Publication 200 and designed to (i) ensure the security and confidentiality of State Data; (ii) protect against any anticipated security threats or hazards to the security or integrity of the State Data; and (iii) protect against unauthorized access to or use of State Data. Such measures shall include at a minimum: (1) access controls on information systems, including controls to authenticate and permit access to State Data only to authorized individuals and controls to prevent the Contractor employees from providing State Data to unauthorized individuals who may seek to obtain this information (whether through fraudulent means or otherwise); (2) industry-standard firewall protection; (3) encryption of electronic State Data while in transit from the Contractor networks to external networks; (4) measures to store in a secure fashion all State Data which shall include multiple levels of authentication; (5) dual control procedures, segregation of duties, and pre-employment criminal background checks for employees with responsibilities for or access to State Data; (6) measures to ensure that the State Data shall not be altered or corrupted without the prior written consent of the State; (7) measures to protect against destruction, loss or damage of State Data due to potential environmental hazards, such as fire and water damage; (8) staff training to implement the information security measures; and (9) monitoring of the security of any portions of the Contractor systems that are used in the provision of the services against intrusion on a twenty-four (24) hour a day basis.
O.S.H.A. and Environmental Compliance (a) Except as could not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, each Borrower has duly complied with, and its facilities, business, assets, property, leaseholds, Real Property and Equipment are in compliance in all material respects with, the provisions of the Federal Occupational Safety and Health Act, the Environmental Protection Act, RCRA and all other Environmental Laws; there have been no outstanding citations, notices or orders of non-compliance issued to any Borrower or relating to its business, assets, property, leaseholds or Equipment under any such laws, rules or regulations.
(b) Except as could not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, each Borrower has been issued all required federal, state and local licenses, certificates or permits relating to all applicable Environmental Laws.
(i) There are no visible signs of material releases, spills, discharges, leaks or disposal (collectively referred to as “Releases”) of Hazardous Substances at, upon, under or within any Real Property including any premises leased by any Borrower; (ii) to the best knowledge of Borrowers, there are no underground storage tanks or polychlorinated biphenyls on the Real Property including any premises leased by any Borrower, (iii) to the best knowledge of Borrowers, the Real Property including any premises leased by any Borrower has never been used as a treatment, storage or disposal facility of Hazardous Waste; and (iv) to the best knowledge of Borrowers, no Hazardous Substances are present on the Real Property including any premises leased by any Borrower, excepting such quantities as are handled in accordance with all applicable manufacturer’s instructions and governmental regulations and in proper storage containers and as are necessary for the operation of the commercial business of any Borrower or of its tenants.
Environmental Compliance and Reports Borrower shall comply in all respects with any and all Environmental Laws; not cause or permit to exist, as a result of an intentional or unintentional action or omission on Borrower’s part or on the part of any third party, on property owned and/or occupied by Borrower, any environmental activity where damage may result to the environment, unless such environmental activity is pursuant to and in compliance with the conditions of a permit issued by the appropriate federal, state or local governmental authorities; shall furnish to Lender promptly and in any event within thirty (30) days after receipt thereof a copy of any notice, summons, lien, citation, directive, letter or other communication from any governmental agency or instrumentality concerning any intentional or unintentional action or omission on Borrower’s part in connection with any environmental activity whether or not there is damage to the environment and/or other natural resources. Additional Assurances. Make, execute and deliver to Lender such promissory notes, mortgages, deeds of trust, security agreements, assignments, financing statements, instruments, documents and other agreements as Lender or its attorneys may reasonably request to evidence and secure the Loans and to perfect all Security Interests.
Privacy Compliance The Provider shall comply with all applicable federal, state, and local laws, rules, and regulations pertaining to Student Data privacy and security, all as may be amended from time to time.
Monthly MWBE Contractor Compliance Report A. In accordance with 5 NYCRR § 142.10, Contractor is required to report Monthly MWBE Contractor Compliance to OGS during the term of the Contract for the preceding month’s activity, documenting progress made towards achievement of the Contract MWBE goals. OGS requests that all Contractors use the New York State Contract System (“NYSCS”) to report subcontractor and supplier payments made by Contractor to MWBEs performing work under the Contract. The NYSCS may be accessed at xxxxx://xx.xxxxxxxxxxxxxx.xxx/. This is a New York State- based system that all State agencies and authorities will be implementing to ensure uniform contract compliance reporting throughout New York State.
B. When a Contractor receives a payment from a State agency, it is the Contractor’s responsibility to pay its subcontractors and suppliers in a timely manner. On or after the first day of each month, the Contractor will receive an email or fax notification (“audit notice”) indicating that a representative of its company needs to log-in to the NYSCS to report the company’s MWBE subcontractor and supplier payments for the preceding month. The Contractor must also report when no payments have been made to a subcontractor or supplier in a particular month with entry of a zero dollar value in the NYSCS. Once subcontractor and supplier payments have been entered into the NYSCS, the subcontractor(s) and supplier(s) will receive an email or fax notification advising them to log into the NYSCS to confirm that they actually received the reported payments from the Contractor. It is the Contractor’s responsibility to educate its MWBE subcontractors and suppliers about the NYSCS and the need to confirm payments made to them in the NYSCS.
C. To assist in the use of the NYSCS, OGS recommends that all Contractors and MWBE subcontractors and suppliers sign up for the following two webinar trainings offered through the NYSCS: “Introduction to the System – Vendor training” and “Contract Compliance Reporting - Vendor Training” to become familiar with the NYSCS. To view the training schedule and to register visit: xxxxx://xx.xxxxxxxxxxxxxx.xxx/events.asp
D. As soon as possible after the Contract is approved, Contractor should visit xxxxx://xx.xxxxxxxxxxxxxx.xxx and click on “Account Lookup” to identify the Contractor’s account by company name. Contact information should be reviewed and updated if necessary by choosing “Change Info.” It is important that the staff member who is responsible for reporting payment information for the Contractor be listed as a user in the NYSCS. Users who are not already listed may be added through “Request New User.” When identifying the person responsible, please add “- MWBE Contact” after his or her last name (i.e., Xxxx Xxx – MWBE Contact) to ensure that the correct person receives audit notices from the NYSCS. NYSCS Technical Support should be contacted for any technical support questions by clicking on the links for “Contact Us & Support” then “Technical Support” on the NYSCS website.
E. If Contractor is unable to report MWBE Contractor Compliance via the NYSCS, Contractor must submit a Monthly MWBE Contractor Compliance Report on Form MWBE 102 to OGS, by the 10th day of each month during the term of the Contract, for the preceding month’s activity to: OGS MWBE Office, 00xx Xxxxx Xxxxxxx Xxxxx, Xxxxxx Xxxxx Xxxxx, Xxxxxx, XX 00000. Phone: 000-000-0000; Fax: 000-000-0000.
F. It is the Contractor’s responsibility to report subcontractor and supplier payments. Failure to respond to payment audits in a timely fashion through the NYSCS, or by paper to OGS, may jeopardize future payments pursuant to the MWBE liquidated damages provisions in clause IX below.
Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.
Contractor Compliance Contractor represents and warrants to pay, at its sole expense, for all applicable permits, licenses, tariffs, tolls and fees to give all notices and comply with all laws, ordinances, rules and regulations of any governmental entity in conjunction with the performance of obligations under the Contract. Prior to award and during the Contract term and any renewals thereof, Contractor must establish to the satisfaction of the Commissioner that it meets or exceeds all requirements of the Bid/Contract and any applicable laws, including but not limited to, permits, insurance coverage, licensing, proof of coverage for worker’s compensation, and shall provide such proof as required by the Commissioner. Failure to do so may constitute grounds for the Commissioner to cancel or suspend this Contract, in whole or in part, or to take any other action deemed necessary by the Commissioner.
