Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
System Security Review All systems processing and/or storing County PHI or PI must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.
Aviation Security 1. In accordance with their rights and obligations under international law, the Parties reaffirm that their obligation to each other to protect the security of civil aviation against acts of unlawful interference forms an integral part of this Agreement. Without limiting the generality of their rights and obligations under international law, the Parties shall in particular act in conformity with the provisions of the Convention on Offenses and Certain Other Acts Committed on Board Aircraft, done at Tokyo September 14, 1963, the Convention for the Suppression of Unlawful Seizure of Aircraft, done at The Hague December 16, 1970, the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation, done at Montreal September 23, 1971, and the Protocol for the Suppression of Unlawful Acts of Violence at Airports Serving International Civil Aviation, done at Montreal February 24, 1988.
2. The Parties shall provide upon request all necessary assistance to each other to prevent acts of unlawful seizure of civil aircraft and other unlawful acts against the safety of such aircraft, of their passengers and crew, and of airports and air navigation facilities, and to address any other threat to the security of civil air navigation.
3. The Parties shall, in their mutual relations, act in conformity with the aviation security standards and appropriate recommended practices established by the International Civil Aviation Organization and designated as Annexes to the Convention; they shall require that operators of aircraft of their registry, operators of aircraft who have their principal place of business or permanent residence in their territory, and the operators of airports in their territory act in conformity with such aviation security provisions.
4. Each Party agrees to observe the security provisions required by the other Party for entry into, for departure from, and while within the territory of that other Party and to take adequate measures to protect aircraft and to inspect passengers, crew, and their baggage and carry-on items, as well as cargo and aircraft stores, prior to and during boarding or loading. Each Party shall also give positive consideration to any request from the other Party for special security measures to meet a particular threat.
5. When an incident or threat of an incident of unlawful seizure of aircraft or other unlawful acts against the safety of passengers, crew, aircraft, airports or air navigation facilities occurs, the Parties shall assist each other by facilitating communications and other appropriate measures intended to terminate rapidly and safely such incident or threat.
6. When a Party has reasonable grounds to believe that the other Party has departed from the aviation security provisions of this Article, the aeronautical authorities of that Party may request immediate consultations with the aeronautical authorities of the other Party. Failure to reach a satisfactory agreement within 15 days from the date of such request shall constitute grounds to withhold, revoke, limit, or impose conditions on the operating authorization and technical permissions of an airline or airlines of that Party. When required by an emergency, a Party may take interim action prior to the expiry of 15 days.
Application Security The ISP will require that in-house application development be governed by a documented secure software development life cycle methodology, which will include deployment rules for new applications and changes to existing applications in live production environments.
Diversity Report The Contractor shall report to each Customer, spend with certified and other minority business enterprises. These reports shall include the period covered, the name, minority code and Federal Employer Identification Number of each minority business utilized during the period, Commodities provided by the minority business enterprise, and the amount paid to each minority business on behalf of each purchasing agency ordering under the terms of this Contract.
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
(2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program.
(3) DTI shall comply with its Information Security Program.
Transaction Security Each of the Parties agrees that the Transaction Security shall rank and secure the Credit Facility Liabilities, the Hedging Liabilities and the Pari Passu Debt Liabilities (subject to the terms of this Agreement) pari passu and without any preference between them (but only to the extent that such Transaction Security is expressed to secure those Liabilities).
Royalty Report The term “Royalty Report” shall have the meaning ascribed to such term as provided in Section 4.4.6.
Zone File Access Agreement Registry Operator will enter into an agreement with any Internet user, which will allow such user to access an Internet host server or servers designated by Registry Operator and download zone file data. The agreement will be standardized, facilitated and administered by a Centralized Zone Data Access Provider, which may be ICANN or an ICANN designee (the “CZDA Provider”). Registry Operator (optionally through the CZDA Provider) will provide access to zone file data per Section 2.1.3 of this Specification and do so using the file format described in Section 2.1.4 of this Specification. Notwithstanding the foregoing, (a) the CZDA Provider may reject the request for access of any user that does not satisfy the credentialing requirements in Section 2.1.2 below; (b) Registry Operator may reject the request for access of any user that does not provide correct or legitimate credentials under Section 2.1.2 below or where Registry Operator reasonably believes will violate the terms of Section 2.1.5. below; and, (c) Registry Operator may revoke access of any user if Registry Operator has evidence to support that the user has violated the terms of Section 2.1.5 below.
ASSOCIATION SECURITY 5.01 The Hospital will deduct from each nurse covered by this Agreement an amount equal to the regular monthly Association dues designated by the Association. The deduction period for a part-time nurse may be extended where the nurse does not receive any pay in a particular month. Where a nurse has no dues deducted during the payroll period from which dues are normally deducted, that deduction shall be made in the next payroll period provided the nurse has earnings in the next payroll period. If the failure to deduct dues results from an error by the Hospital, then, as soon as the error is called to its attention by the union, the Hospital shall make the deduction in the manner agreed to by the parties. If there is no agreement, the Hospital shall make the deduction in the manner prescribed by the union.
5.02 Such dues shall be deducted monthly and in the case of newly employed nurses, such deductions shall commence in the month following their date of hire.
5.03 The amount of the regular monthly dues shall be those authorized by the Association and the Vice-President, Finance of the Association shall notify the Hospital of any changes therein and such notification shall be the Hospital's conclusive authority to make the deduction specified. In the case of any local dues levies, notification will be made by the local treasurer and such notification shall be the Hospital’s conclusive authority to make the deduction specified.
5.04 In consideration of the deducting and forwarding of Association dues by the Hospital, the Association agrees to indemnify and save harmless the Hospital against any claims or liabilities arising or resulting from the operation of this Article.
5.05 The amounts so deducted shall be remitted monthly to the Vice-President, Finance of the Association, no later than the end of the month following the month in which the dues were deducted. In remitting such dues, the Hospital shall provide a list of nurses from whom deductions were made, their work site (if the bargaining unit covers more than one site) and the nurses’ social insurance numbers, amount of dues deducted and, where feasible, the Hospital shall also provide the job classification, and status of the nurses. The list shall also include deletions and additions from the preceding month highlighting new hires, resignations, terminations, new unpaid leave of absence of greater than one (1) month and returns from leaves of absence. A copy of this list will be sent concurrently to the local Association. Where the parties agree, the Hospital may also provide the information in an electronic format or on a computer disk. If the central parties are able to agree on a template for dues related information, it will be distributed and jointly recommended to the Hospitals.
5.06 The Hospital agrees that an officer of the Association or Union representative shall be allowed a reasonable period during regular working hours to interview newly hired nurses during their probationary period. During such interview, membership forms may be provided to the nurse. These interviews shall be scheduled in advance as determined by local negotiation and may be arranged collectively or individually by the Hospital. NOTE: The list provided for in Article 5.05 shall include any other information that is currently provided to ONA. Additionally, the Hospital will provide each nurse with a T-4 Supplementary Slip showing the dues deducted in the previous year for income tax purposes where such information is or becomes readily available through the Hospital's payroll system.
