General Security Requirements. The application/system must meet the general security standards based upon ISO 17799 – Code of Practice for Information Security and ISO 27799 – Security Management in Health Using ISO 17799. • The application must run on an operating system that is consistently and currently supported by the operating systems vendor. Applications under maintenance are expected to always be current in regards to the current version of the relevant operating system. • For applications hosted by OCHCA, OCHCA will routinely apply patches to both the operating system and subsystems as updated releases are available from the operating system vendor and or any third party vendors. The vendors must keep their software current and compatible with such updated releases in order for the application to operate in this environment. • Vendors must provide timely updates to address any applicable security vulnerabilities found in the application. • OCHCA utilizes a variety of proactive, generally available, monitoring tools to assess and manage the health and performance of the application server, network connectivity, power etc. The application must function appropriately while the monitoring tools are actively running. • All application services must run as a true service and not require a user to be logged into the application for these services to continue to be active. OCHCA will provide an account with the appropriate security level to logon as a service, and an account with the appropriate administrative rights to administer the application. The account password must periodically expire, as per OCHCA policies and procedures. • In order for the application to run on OCHCA server and network resources, the application must not require the end users to have administrative rights on the server or subsystems.
General Security Requirements. The Contractor (and/or any subcontractor) shall comply with information security and privacy requirements, Enterprise Performance Life Cycle (EPLC) processes, HHS Enterprise Architecture requirements to ensure information is appropriately protected from initiation to expiration of the contract. All information systems development or enhancement tasks supported by the contractor shall follow the HHS EPLC framework and methodology or and in accordance with the HHS Contract Closeout Guide (2012). HHS EA requirements may be located here: xxxxx://xxx.xxx.xxx/ocio/ea/documents/proplans.html.
General Security Requirements. (a) GA will maintain a written, information security program designed to protect the confidentiality, integrity and availability of Confidential Information in paper or other records and within its information system, including computers, devices, applications, and any wireless systems, and designed to perform the following core information security functions:
General Security Requirements. (a) Special Agent shall have a written, comprehensive information security program for the establishment and maintenance of a security system covering all electronic equipment, including its computers and any wireless system that, at a minimum, has the following elements:
General Security Requirements. The following requirements apply to all components of the Tribal Lottery System, including the Manufacturing Computer, the Central Computer, the Electronic Accounting System and Player Terminals. SPOKANE TRIBE
General Security Requirements. Vendor / Bidder should have the security controls in place to protect sensitive and/or confidential information shared with the vendor. • Ensure that any agent, including a vendor or subcontractor, to whom ReBIT provides access to information systems, agrees to implement reasonable and appropriate safeguards to ensure the confidentiality, integrity, and availability of the information systems. • Vendors will not copy any ReBIT’s data obtained while performing services under this RFP to any media, including hard drives, flash drives, or other electronic device, other than as expressly approved by ReBIT. • All personnel who will be part of this engagement deployed at ReBIT’s premises will need to adhere ReBIT’s security policy. • All personnel who will be part of this engagement will need to sign NDA with ReBIT. • Vendor / Bidder should carry out Background checks which includes Address, Education, past employment and criminal checks for all personnel that will be deployed at ReBIT for the implementation. • Vendor shall disclose the origin of all software components used in the product including any open source or 3rd party licensed components.
General Security Requirements. Signatory shall comply with the HIPAA Security Rule as if the HIPAA Security Rule applied to Individually Identifiable information that is TI regardless of whether Signatory is a Covered Entity or a Business Associate. Signatory shall also comply with the security requirements stated in Section 12 of this Common Agreement and specific additional requirements as described in the QTF and applicable SOPs, to the extent that such requirements are not already included in the HIPAA Security Rule, with respect to all Individually Identifiable information that is TI as if such information were Protected Health Information and Signatory were a Covered Entity or Business Associate. Notwithstanding anything else in this Section 12, none of these requirements shall apply to any federal agency or Public Health Authority.
General Security Requirements. All Parties will provide information, data back-up procedures, and information security so as to reasonably ensure that any Proprietary Information provided by another Party is not lost, stolen, modified, disclosed to or accessed by any other party (other than those permitted parties under Section 11 of this Agreement) without the Disclosing Party’s prior written approval. Such security measures will equal or exceed standard industry practices for similar entities dealing with Proprietary Information. All Parties warrant to the other Parties that it will reasonably monitor, evaluate and adjust its information security systems and procedures, its data security systems, and its processes in response to relevant changes in technology, changes in the sensitivity of any Proprietary Information, and internal and external threats to information security. All Parties will promptly notify the Disclosing Party of: (a) any unauthorized possession, use, or knowledge or attempt thereof, of the data-processing files, transmission messages, or other Lender Proprietary Information by any person or entity that may become known; (b) the effect of such; and (c) the corrective action the Receiving Party has taken in response thereto.
General Security Requirements. The Supplier shall:
General Security Requirements. 1. GA shall have a written, comprehensive information security program for the establishment and maintenance of a security system covering all electronic equipment, including its computers and any wireless system that, at a minimum, have the following elements:
