Physical and Environmental Security DST shall: (i) restrict entry to DST’s area(s) where Fund Confidential Information is stored, accessed, or processed solely to DST’s personnel or DST authorized third party service providers for such access; and (ii) implement commercially reasonable practices for infrastructure systems, including fire extinguishing, cooling, and power, emergency systems and employee safety.
Personnel Security 6.1 Staff recruitment in accordance with government requirements for pre- employment checks;
6.2 Staff training and awareness of Departmental security and any specific contract requirements.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Physical Security Contractor shall ensure that Medi-Cal PII is used and stored in an area that is physically safe from access by unauthorized persons during working hours and non- working hours. Contractor agrees to safeguard Medi-Cal PII from loss, theft or inadvertent disclosure and, therefore, agrees to:
A. Secure all areas of Contractor facilities where personnel assist in the administration of the Medi-Cal program and use or disclose Medi-Cal PII. The Contractor shall ensure that these secure areas are only accessed by authorized individuals with properly coded key cards, authorized door keys or access authorization; and access to premises is by official identification.
B. Ensure that there are security guards or a monitored alarm system with or without security cameras 24 hours a day, 7 days a week at Contractor facilities and leased facilities where a large volume of Medi-Cal PII is stored.
C. Issue Contractor personnel who assist in the administration of the Medi-Cal program identification badges and require County Workers to wear the identification badges at facilities where Medi-Cal PII is stored or used.
D. Store paper records with Medi-Cal PII in locked spaces, such as locked file cabinets, locked file rooms, locked desks or locked offices in facilities which are multi-use (meaning that there are personnel other than contractor personnel using common areas that are not securely segregated from each other.) The contractor shall have policies which indicate that Contractor and their personnel are not to leave records with Medi-Cal PII unattended at any time in vehicles or airplanes and not to check such records in baggage on commercial airlines.
E. Use all reasonable measures to prevent non-authorized personnel and visitors from having access to, control of, or viewing Medi-Cal PII.
Separate Central and Local Terms The collective agreement shall consist of two parts. Part “A” shall comprise those terms which are central terms. Part “B” shall comprise those terms which are local terms.
Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means.
2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable).
3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically.
4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
Password Security You are responsible for maintaining adequate security and control of any and all User IDs, Passwords, hints, personal identification numbers (PINs), or any other codes that you use to access the Account. Do not discuss, compare, or share information about your account number or password unless you are willing to give them full use of your money. Any loss or compromise of the foregoing information and/or your personal information may result in unauthorized access to your Account by third-parties and the loss or theft of any funds held in your Account and any associated accounts, including your Account. Checks and electronic withdrawals are processed by automated methods, and anyone who obtains your account number or access device could use it to withdraw money from your account, with or without your permission. You are responsible for keeping your email address and telephone number up to date in order to receive any notices or alerts that we may send you. We assume no responsibility for any loss that you may sustain due to compromise of your account login credentials due to no fault of ours and/or your failure to follow or act on any notices or alerts that we may send to you. If you believe your Account information has been compromised, or that someone has transferred or may transfer money from your account without your permission, contact us immediately, through Synapse, at xxxx@xxxxxxxxx.xxx or call at +0(000) 000-0000. You agree to promptly review all Account and transaction records and other Communications that we make available to you and to promptly report any discrepancy to us.
Physical Security of Media DST shall implement controls, consistent with applicable prevailing industry practices and standards, that are designed to deter the unauthorized viewing, copying, alteration or removal of any media containing Fund Data. Removable media on which Fund Data is Schedule 10.2 p.3 stored by DST (including thumb drives, CDs, and DVDs, and PDAS) will be encrypted based on DST encryption policies.
Project Manager, County The County shall appoint a Project Manager to act as liaison between the County and the Subrecipient during the term of this Contract. The County’s Project Manager shall coordinate the activities of the County staff assigned to work with the Subrecipient.
PREVAILING WAGE RATES - PUBLIC WORKS AND BUILDING SERVICES CONTRACTS If any portion of work being Bid is subject to the prevailing wage rate provisions of the Labor Law, the following shall apply:
