System Security Controls Sample Clauses

System Security Controls. In order to comply with the following system security controls, the Contractor agrees to:
Sample 1Sample 2Sample 3See All (38)
AutoNDA by SimpleDocs
System Security Controls. In order to comply with the following system security controls, the Contractor agrees to: A. Ensure that all Contractor systems containing Medi-Cal PII provide an automatic timeout after no more than 20 minutes of inactivity. B. Ensure that all Contractor systems containing Medi-Cal PII display a warning banner stating that data is confidential, systems are logged, and system use is for business purposes only. User shall be directed to log off the system if they do not agree with these requirements. C. Ensure that all Contractor systems containing Medi-Cal PII log successes and failures of user authentication and authorizations granted. The system shall log all data changes and system accesses conducted by all users (including all levels of users, system administrators, developers, and auditors). The system shall have the capability to record data access for specified users when requested by authorized management personnel. A log of all system changes shall be maintained and be available for review by authorized management personnel. D. Ensure that all Contractor systems containing Medi-Cal PII use role based access controls for all user authentication, enforcing the principle of least privilege. E. Ensure that all Contractor data transmissions over networks outside of the Contractor’s control are encrypted end-to-end using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI, when transmitting Medi-Cal PII. The Contractor shall encrypt Medi-Cal PII at the minimum of 128 bit AES or 3DES (Triple DES) if AES is unavailable. F. Ensure that all Contractor systems that are accessible via the Internet or store Medi-Cal PII actively use either a comprehensive third-party real-time host based intrusion detection and prevention program or be protected at the perimeter by a network based IDS/IPS solution.
Sample 1Sample 2Sample 3See All (19)
System Security Controls. A. System The system must provide an automatic after no more than 20 minutes of inactivity.
Sample 1
System Security Controls. In order to comply with the following system security controls, the Contractor agrees to: A. Ensure that all Contractor systems containing Medi-Cal PII provide an automatic timeout after no more than 20 minutes of inactivity. B. Ensure that all Contractor systems containing Medi-Cal PII display a warning banner stating that data is confidential, systems are logged, and system use is for business purposes only. User shall be directed to log off the system if they do not agree with these requirements. Addendum A – page 5 C. Ensure that all Contractor systems containing Medi-Cal PII log successes and failures of user authentication and authorizations granted. The system shall log all data changes and system accesses conducted by all users (including all levels of users, system administrators, developers, and auditors). The system shall have the capability to record data access for specified users when requested by authorized management personnel. A log of all system changes shall be maintained and be available for review by authorized management personnel. D. Ensure that all Contractor systems containing Medi-Cal PII use role based access controls for all user authentication, enforcing the principle of least privilege. E. Ensure that all Contractor data transmissions over networks outside of the Contractor’s control are encrypted end-to-end using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI, when transmitting Medi-Cal PII. The Contractor shall encrypt Medi-Cal PII at the minimum of 128 bit AES or 3DES (Triple DES) if AES is unavailable.
Sample 1
System Security Controls 
Sample 1Sample 2Sample 3See All (30)

Related to System Security Controls

  • Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.

  • Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.

  • Indenture Controls If and to the extent that any provision of the Notes limits, qualifies or conflicts with a provision of this Indenture, such provision of this Indenture shall control.

  • Security Controls for State Agency Data In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.138, Contractor understands, acknowledges, and agrees that if, pursuant to this Contract, Contractor is or will be authorized to access, transmit, use, or store data for System Agency, Contractor is required to meet the security controls the System Agency determines are proportionate with System Agency’s risk under the Contract based on the sensitivity of System Agency’s data and that Contractor must periodically provide to System Agency evidence that Contractor meets the security controls required under the Contract.

  • Data Integrity Control Personal Data will remain intact, complete and current during processing activities.

  • CONTROL SYSTEM (a) SELLER shall provide and maintain a quality control system to an industry recognized Quality Standard and in compliance with any other specific quality requirements identified in this Contract. (b) Records of all quality control inspection work by SELLER shall be kept complete and available to LOCKHEED XXXXXX and its customers.

  • Administrative Controls The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.

  • Quality control system (i) The Contractor shall establish a quality control mechanism to ensure compliance with the provisions of this Agreement (the “Quality Assurance Plan” or “QAP”). (ii) The Contractor shall, within 30 (thirty) days of the Appointed Date, submit to the Authority’s Engineer its Quality Assurance Plan which shall include the following: (a) organisation, duties and responsibilities, procedures, inspections and documentation; (b) quality control mechanism including sampling and testing of Materials, test frequencies, standards, acceptance criteria, testing facilities, reporting, recording and interpretation of test results, approvals, check list for site activities, and proforma for testing and calibration in accordance with the Specifications for Road and Bridge Works issued by MORTH, relevant IRC specifications and Good Industry Practice; and (c) internal quality audit system. The Authority’s Engineer shall convey its approval to the Contractor within a period of 21 (twenty-one) days of receipt of the QAP stating the modifications, if any, required, and the Contractor shall incorporate those in the QAP to the extent required for conforming with the provisions of this Clause 11.2. (iii) The Contractor shall procure all documents, apparatus and instruments, fuel, consumables, water, electricity, labour, Materials, samples, and qualified personnel as are necessary for examining and testing the Project Assets and workmanship in accordance with the Quality Assurance Plan. (iv) The cost of testing of Construction, Materials and workmanship under this Article 11 shall be borne by the Contractor.

  • Security Systems The Service may not be compatible with security systems. You may be required to maintain a telephone connection through your local exchange carrier in order to use any alarm monitoring functions for any security system installed in your home or business. You are responsible for contacting the alarm monitoring company to test the compatibility of any alarm monitoring or security system with the Service.

  • Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!