Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).
Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.
Permitted Uses and Disclosures of PHI and the third party notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
Identification and Disclosure of Privacy and Security Offices Business Associate and Subcontractors shall provide, within ten (10) days of the execution of this agreement, written notice to the Covered Entity’s contract/grant manager the names and contact information of both the HIPAA Privacy Officer and HIPAA Security Officer. This information must be updated any time either of these contacts changes.
Permitted Use and Disclosures Each Party hereto may use or disclose Information disclosed to it by the other Party to the extent such use or disclosure: (i) is reasonably necessary in complying with Applicable Laws or otherwise submitting information to tax or other governmental authorities, (ii) is provided by the receiving Party to Third Parties, on a strictly as-needed basis, for consulting services, conducting Preclinical or Clinical Development, CMC/Process Development, Manufacturing, external testing, market research, or otherwise exercising its rights or performing its obligations hereunder; provided, that such Third Parties are obligated to maintain the confidentiality of such other Party’s Information as set forth herein for the benefit of such other Party for a period of at least the term of the agreement with such Third Party and for a period of *** thereafter; (iii) is included in submissions by the receiving Party to Governmental Authorities to facilitate the issuance of approvals for NDAs and NDA Equivalents for the Product, provided that reasonable measures shall be taken to assure confidential treatment of such Information; or (iv) is to Third Parties in connection with a receiving Party’s efforts to secure financing or enter into strategic partnerships, provided such Information is disclosed only on a need-to-know basis and under confidentiality provisions at least as stringent as those in this Agreement. Additionally, Bayer may disclose to Mitsui any Information received from Licensee hereunder; provided, that such disclosure is reasonably considered by Bayer to be necessary to comply with the terms and conditions of the Patent License Agreement; and further provided, that Mitsui is obligated to maintain the confidentiality of Licensee’s Information as set forth herein for the benefit of Licensee. Notwithstanding the foregoing, if a receiving Party is required to make any such disclosure of the disclosing Party’s confidential Information, other than pursuant to a confidentiality agreement, the receiving Party will give reasonable advance notice to the disclosing Party of such disclosure and, save to the extent inappropriate in the case of patent applications, will use its reasonable efforts to secure confidential treatment of such Information prior to its disclosure (whether through protective orders or otherwise).
City Requirements Design, construction, materials, sizing, other specifications, permitting, inspections, testing, documentation and furnishing of as-built drawings, and acceptance of completed infrastructure shall be in accordance with City Requirements. Design and construction shall be by professionals licensed in the state of North Carolina to do the relevant work. City approval of the design of the Improvements shall be required prior to construction, as set forth in City Requirements. If Developer is connecting to the County sewer system, the City may require Developer to furnish the contract providing for such connection.
LIMITATIONS ON REVERSE ENGINEERING, DECOMPILATION AND DISASSEMBLY You may not reverse engineer, decompile, or disassemble the Software, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation.
PERMITTED USES AND DISCLOSURES BY CONTRACTOR Except as otherwise limited in this Schedule, Contractor may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, County as specified in the Agreement; provided that such use or disclosure would not violate the Privacy Rule if done by County.
