Cybersecurity Training A. Contractor represents and warrants that it will comply with the requirements of Section 2054.5192 of the Texas Government Code relating to cybersecurity training and required verification of completion of the training program.
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
Security Standards The Provider shall implement and maintain commercially reasonable security procedures and practices that otherwise meet or exceed industry standards designed to protect Student Data from unauthorized access, destruction, use, modification, or disclosure, including but not limited to the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of the Student Data (a "Security Breach"). For purposes of the DPA and this Exhibit G, "Security Breach" does not include the good faith acquisition of Student Data by an employee or agent of the Provider or LEA for a legitimate educational or administrative purpose of the Provider or LEA, so long as the Student Data is used solely for purposes permitted by SOPPA and other applicable law, and so long as the Student Data is restricted from further unauthorized disclosure.
Safety Training Pursuant to Missouri Revised Statute Section 292.675, Contractors and subcontractors who sign a contract to work on public works projects must provide a 10-hour OSHA construction safety program, or similar program approved by the Department of Labor and Industrial Relations, to be completed by their on-site employees within sixty (60) days of beginning work on the construction project. Contractors and subcontractors in violation of this provision will forfeit to the public body $2,500 plus $100 a day for each employee who is employed without training. Public bodies and contractors may withhold/assess these penalties from the payment due to those contractors and subcontractors if found to be in non-compliance.
Personal Information security breach Supplier/Service Provider’s Obligations
Special Analyses It is hereby certified that these regulations will not have a significant economic impact on a substantial number of small entities. This certification is based on the fact that it is unlikely that a substantial number of small entities will hold REMIC residual interests. Therefore, a Regulatory Flexibility Analysis under the Regulatory Flexibility Act (5 U.S.C. chapter 6) is not required. It has been determined that this Treasury decision is not a significant regulatory action as defined in Executive Order 12866. Therefore, a regulatory assessment is not required. It also has been determined that sections 553(b) and 553(d) of the Administrative Procedure Act (5 U.S.C. chapter 5) do not apply to these regulations. Drafting Information The principal author of these regulations is Xxxxxxxx Xxxxxxxxxx. However, other personnel from the IRS and Treasury Department participated in their development. List of Subjects 26 CFR Part 1 Income taxes, Reporting and record keeping requirements.
Security Safeguards (1) Each party acknowledges that it is solely responsible for determining and communicating to the other the appropriate technological, physical, and organizational security measures required to protect Personal Data.
Quality Assurance The parties endorse the underlying principles of the Company’s Quality Management System, which seeks to ensure that its services are provided in a manner which best conforms to the requirements of the contract with its customer. This requires the Company to establish and maintain, implement, train and continuously improve its procedures and processes, and the employees to follow the procedures, document their compliance and participate in the improvement process. In particular, this will require employees to regularly and reliably fill out documentation and checklists to signify that work has been carried out in accordance with the customer’s specific requirements. Where necessary, training will be provided in these activities.
CHILD ABUSE REPORTING CONTRACTOR hereby agrees to annually train all staff members, including volunteers, so that they are familiar with and agree to adhere to its own child and dependent adult abuse reporting obligations and procedures as specified in California Penal Code section 11165.7, AB 1432, and Education Code 44691. To protect the privacy rights of all parties involved (i.e., reporter, child and alleged abuser), reports will remain confidential as required by law and professional ethical mandates. A written statement acknowledging the legal requirements of such reporting and verification of staff adherence to such reporting shall be submitted to the LEA.
