Audit Controls P. Contractor agrees to an annual system security review by the County to assure that systems processing and/or storing Medi-Cal PII are secure. This includes audits and keeping records for a period of at least three (3) years. A routine procedure for system review to catch unauthorized access to Medi-Cal PII shall be established by the Contractor.
Access Controls a. Authorized Access - DST shall have controls that are designed to maintain the logical separation such that access to systems hosting Fund Data and/or being used to provide services to Fund will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to Fund Data.
Infrastructure (a) The Borrower has and will maintain a sufficient infrastructure to conduct its business as presently conducted and as contemplated to be conducted following its execution of this Agreement.
Information regarding Interconnection Facilities 4.2.1 The SPD shall be required to obtain all information from the STU/CTU/concerned authority with regard to the Interconnection Facilities as is reasonably necessary to enable it to design, install and operate all interconnection plant and apparatus on the SPD’s side of the Delivery Point to enable delivery of electricity at the Delivery Point. The transmission of power up to the point of interconnection where the metering is done for energy accounting shall be the responsibility of the SPD at his own cost.
Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Systems The details of any systems work will be determined after a thorough business analysis. System's work will be billed on a time and material basis. Investors Bank provides an allowance of 10 systems hours for data extract set up and reporting extract set up. Additional hours will be billed on a time and material basis.
Access Toll Connecting Trunk Group Architecture 9.2.1 If CBB chooses to subtend a Verizon access Tandem, CBB’s NPA/NXX must be assigned by CBB to subtend the same Verizon access Tandem that a Verizon NPA/NXX serving the same Rate Center Area subtends as identified in the LERG.
Supervisory Control and Data Acquisition (SCADA) Capability The wind plant shall provide SCADA capability to transmit data and receive instructions from the ISO and/or the Connecting Transmission Owner for the Transmission District to which the wind generating plant will be interconnected, as applicable, to protect system reliability. The Connecting Transmission Owner for the Transmission District to which the wind generating plant will be interconnected and the wind plant Developer shall determine what SCADA information is essential for the proposed wind plant, taking into account the size of the plant and its characteristics, location, and importance in maintaining generation resource adequacy and transmission system reliability in its area.
Information Systems The Official Agency in conjunction with the Authority will meet the relevant requirements of Articles 131 to 136 of Regulation (EU) 2017/625 and Implementing Regulation (EU) 2019/1715 as appropriate to the Official Agency. The Official Agency shall record appropriate data in the Official Agency Premises Inspection database (OAPI), which will be further developed over the life of the contract. Data should be entered into the database on an ongoing basis but shall be entered within one month of the activity taking place, unless otherwise agreed with the Authority.
