Exceptional Access to Thick Registration Data In case of a registrar failure, deaccreditation, court order, etc. that prompts the temporary or definitive transfer of its domain names to another registrar, at the request of ICANN, Registry Operator will provide ICANN with up-‐to-‐date data for the domain names of the losing registrar. The data will be provided in the format specified in Specification 2 for Data Escrow. The file will only contain data related to the domain names of the losing registrar. Registry Operator will provide the data as soon as commercially practicable, but in no event later than five (5) calendar days following ICANN’s request. Unless otherwise agreed by Registry Operator and ICANN, the file will be made available for download by ICANN in the same manner as the data specified in Section 3.1 of this Specification.
Use of Customer Name Contractor may use County’s name without County’s prior written consent only in Contractor’s customer lists. Any other use of County’s name by Contractor must have the prior written consent of County.
Additional Acceptable Uses of Student Data Contractor is prohibited from using Student Data for any secondary use not described in this agreement except: a. for adaptive learning or customized student learning purposes; b. to market an educational application or product to a parent or legal guardian of a student if Contractor did not use Data, shared by or collected per this Contract, to market the educational application or product; c. to use a recommendation engine to recommend to a student i. content that relates to learning or employment, within the third-party contractor's internal application, if the recommendation is not motivated by payment or other consideration from another party; or
User IDs and Password Controls All users must be issued a unique user name for accessing DHCS PHI or PI. Username must be promptly disabled, deleted, or the password changed upon the transfer or termination of an employee with knowledge of the password, at maximum within 24 hours. Passwords are not to be shared. Passwords must be at least eight characters and must be a non-dictionary word. Passwords must not be stored in readable format on the computer. Passwords must be changed every 90 days, preferably every 60 days. Passwords must be changed if revealed or compromised. Passwords must be composed of characters from at least three of the following four groups from the standard keyboard: • Upper case letters (A-Z) • Lower case letters (a-z) • Arabic numerals (0-9) • Non-alphanumeric characters (punctuation symbols)
Workstation/Laptop encryption All workstations and laptops that process and/or store County PHI or PI must be encrypted using a FIPS 140-2 certified algorithm which is 128bit or higher, such as Advanced Encryption Standard (AES). The encryption solution must be full disk unless approved by the County Information Security Office.
