Overarching. This Partnership Agreement is overarching and leading for all existing major Partnership Agreements between the Parties. Where existing Partnership Agreements between the Parties conflict with this agreement, this Partnership Agreement will prevail. Collaboration within the context of existing partnerships will take place in accordance with the principles and agreements as laid down in this Partnership Agreement.
Overarching. The Customer's service provider is responsible for the operation and management of the customer's technical platform and is normally responsible for the operation and management of solutions established in the platform. It is important for the Supplier to adhere to the technical solutions established on the Customer's technical platform as well as existing routines, within the operation and management of solutions established on the Customer's technical platform. There is also the option to apply the “shared management” principle, where the Customer’s service provider can provide everything from Network as a Service up to Software as a Service. Operations and/or application management for a service delivery (client/server/devices/applications) can thus be performed by an external supplier. Typical examples of shared management are solutions for medical devices (MD), building automation (BA) and other technical administrative devices (TD), where the Customer's service provider manages the Customer’s technological platform to the desired level, while the Customer manages the system solution. A dedicated server zone model for solutions using shared management is being established. It ensures the necessary separation and access control in relation to solutions that are hosted and managed entirely by the Customer's service provider. Operation and management must not be carried out via direct access. Instead, a compulsory management solution has been set up based on Citrix XenDesktop, ensuring access control as well as necessary traceability and the logging of activities. In addition, there is a VPN portal for external suppliers which requires two-factor authentication when attempting to log in. Furthermore, the Customer has a standardised managed file transfer service (MFT service) for the controlled and secure transmission of authorised data between the Customer and the Supplier. The Customer's service provider has established fixed freeze periods, where there is strict regulation of the changes that can be made to the infrastructure or to established solutions. In the event of larger operational events within the Customer’s platform, temporary freeze periods may be established. Figure 5 - MD management principle
Overarching. 1. Was the Energy Project evaluable?
Overarching. 1.1 Effective July 6, 2022, Nova Scotia Public Health is no longer requiring individuals to self- isolate if they, or an individual they live with, have symptoms of COVID-19. Despite this, the University strongly encourages Members in this situation to remain outside of the workplace until such time as they, or the individual they live with, have recovered.
Overarching. The Customer's network has been built up with network elements from Extreme Networks (formerly Avaya). There is extensive use of Shortest Path Bridging (SPB) in the network. SPB allows any VLAN to be migrated to any other part of the network as an L2VSN (L2 Virtual Service Network) without having to reconfigure all the nodes in the network. Fabric Attach and Fabric Connect are also used in the Customer’s network to automate network configuration, for both wireless and wired networks. The shared regional data centres (SDS) utilise network elements from Cisco and the use of MPLS. This means that communication between the Customer's network and HSØ is based on IPv4 and not Layer 2.
Overarching. The Customer is obliged to comply with Norwegian laws and regulation, and imposes strict requirements on compliance with relevant laws regarding information security in the procurement, establishment, operation, management and disposal of its systems. Information security is about ensuring that the information processed by the system: • cannot be accessed by unauthorised persons (confidentiality) • cannot be altered inadvertently or by unauthorised persons (integrity) • is available on demand (accessibility) A requirement is for the solution offered to satisfy the requirements of section 25 of the General Data Protection Regulation (GDPR) – Data protection by design and by default, see: • The Data Protection Authority guidelines on Data Protection by Design and by Default - xxxxx://xxx.xxxxxxxxxxxx.xx/en/regulations-and-tools/guidelines/data- protection-by-design-and-by-default/ • Data Protection Authority information about GDPR requirements on data protection by design and by default in the healthcare sector - xxxxx://xxx.xxxxxxxxxxxx.xx/personvern-pa-ulike-omrader/forskning-helse-og- velferd/leverandorer-og-utviklere-i-helse--og-omsorgssektoren/ (in Norwegian) • GDPR – Article 25, Data protection by design and by default - xxxx://xxx- xxx.xxxxxx.xx/xxxxx-xxxxxxx/XX/XXX/XXX/?xxx=XX:X:0000:000:XXXX The Customer is required to comply with the Code of Conduct for information security from the Norwegian Directorate of eHealth, see: • The “Code of conduct” Normen - xxxxx://xxxxxx.xx/normen/documents-in-english xxxxx://xxxxxx.xx/normen To support the customer's commitments and information security requirements, the South- Eastern Norway Regional Health Authority has defined a set of information security requirements in the "Security framework management system". The set of requirements includes requirements for infrastructure, systems and service, as well as for suppliers and persons responsible for the operation and management of infrastructure, systems and services for the Customer, see also: • xxxxx://xxx.xxxxx-xxxxxx.xx/informasjonssikkerhet-og-personvern/ledelsessystem- for-informasjonssikkerhet The supplier is expected to have incorporated these principles and ensure that they are complied with. The Customer’s service provider uses ISO 27001 as a standard for security management.
Overarching. 14. Both parties will:
Overarching. Within the context of local and state jurisdictional responsibilities, local government should enjoy maximum autonomy and be subject to minimum state intervention. Jurisdiction o It is recognised that both local government and state government have legitimate interests and jurisdictional responsibilities. o Local governments’ legitimate interests and autonomous jurisdiction responsibilities are for the good rule and government of their local areas. o The state government’s legitimate interests and jurisdiction responsibilities are for the good rule and government of the entire state. In exercising this jurisdiction the state has the responsibility to set, regulate and enforce appropriate policies and standards for the good of the entire community and which have state-wide and regional impacts and implications. In doing so, the state regulates activities and functions which may involve local government. During the development, regulation and enforcement of appropriate community standards, local government will not be the specific focus of the state, even though in some areas of activity local governments may be the sole providers or the only entities operating in this sector or area of activity.
Overarching. 1.1 The Parties recognize the necessary flexibility in mode of course delivery, given the unusual circumstances, specifically:
Overarching a. The Grantee shall maintain accurate and up-to-date contact information on the MRC, in the State Emergency System for Advanced Registration of Volunteer Health Professionals, which is the State Emergency Registry of Volunteers in Pennsylvania (SERVPA), and on the National MRC website throughout the Grant year, if receiving MRC funding.
