Notification of Xxxxxx and Unauthorized Release (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release.
Admission and Enrollment of Students For a student to be accepted and enrolled into a dual credit program, the STUDENT shall:
Entity Accounts Not Required to Be Reviewed, Identified or Reported Unless the Reporting Singaporean Financial Institution elects otherwise, either with respect to all New Entity Accounts or, separately, with respect to any clearly identified group of such accounts, where the implementing rules in Singapore provide for such election, a credit card account or a revolving credit facility treated as a New Entity Account is not required to be reviewed, identified, or reported, provided that the Reporting Singaporean Financial Institution maintaining such account implements policies and procedures to prevent an account balance owed to the Account Holder that exceeds $50,000.
PROCEDURE FOR DEALING WITH SAFETY ISSUES OR INCIDENTS 11.1 The Employer, the Employees and the Union agree that for the purposes of s. 81 of the WHS Act matters about work health and safety arising at the workplace shall be resolved in accordance with this procedure.
Security and Validation Procedures The Scheduling Coordinator shall apply to the Meter Data of the Scheduling Coordinator Metered Entities that it represents the security and validation procedures prescribed by the relevant Local Regulatory Authority. If the relevant Local Regulatory Authority has not prescribed any such procedures, the Scheduling Coordinator shall apply the procedures set forth in the CAISO Tariff. Meter Data submitted by a Scheduling Coordinator for Scheduling Coordinator Metered Entities shall conform to these standards unless the CAISO has, at its discretion, exempted the Scheduling Coordinator from these standards.
Data Security and Unauthorized Data Release The Requester and Approved Users, including the Requester’s IT Director, acknowledge NIH’s expectation that they have reviewed and agree to manage the requested controlled-access dataset(s) and any Data Derivatives of controlled-access datasets according to NIH’s expectations set forth in the current NIH Security Best Practices for Controlled-Access Data Subject to the GDS Policy and the Requester’s IT security requirements and policies. The Requester, including the Requester’s IT Director, agree that the Requester’s IT security requirements and policies are sufficient to protect the confidentiality and integrity of the NIH controlled-access data entrusted to the Requester. If approved by NIH to use cloud computing for the proposed research project, as outlined in the Research and Cloud Computing Use Statements of the Data Access Request, the Requester acknowledges that the IT Director has reviewed and understands the cloud computing guidelines in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH GDS Policy. The Requester and PI agree to notify the appropriate DAC(s) of any unauthorized data sharing, breaches of data security, or inadvertent data releases that may compromise data confidentiality within 24 hours of when the incident is identified. As permitted by law, notifications should include any known information regarding the incident and a general description of the activities or process in place to define and remediate the situation fully. Within 3 business days of the DAC notification, the Requester agrees to submit to the DAC(s) a detailed written report including the date and nature of the event, actions taken or to be taken to remediate the issue(s), and plans or processes developed to prevent further problems, including specific information on timelines anticipated for action. The Requester agrees to provide documentation verifying that the remediation plans have been implemented. Repeated violations or unresponsiveness to NIH requests may result in further compliance measures affecting the Requester. All notifications and written reports of data security incidents and policy compliance violations should be sent to the DAC(s) indicated in the Addendum to this Agreement. NIH, or another entity designated by NIH may, as permitted by law, also investigate any data security incident or policy violation. Approved Users and their associates agree to support such investigations and provide information, within the limits of applicable local, state, tribal, and federal laws and regulations. In addition, Requester and Approved Users agree to work with the NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law.
Reporting of Unauthorized Disclosure The Contractor shall immediately report to the State any unauthorized disclosure of confidential information.
Accounts Not Required to Be Reviewed, Identified, or Reported Unless the Reporting Financial Institution elects otherwise, either with respect to all Preexisting Individual Accounts or, separately, with respect to any clearly identified group of such accounts, where the implementing rules in the jurisdiction provide for such an election, the following accounts are not required to be reviewed, identified, or reported as Reportable Accounts:
Verification of Use 20 a. Pursuant to Multnomah County policy, Management must 21 require the completion of a certification form by the employee’s health care provider 22 and any other verifications required for under the provisions of the FMLA, OFLA, or 23 their successors.
Medical Verification The Town may require medical verification of an employee’s absence if the Town perceives the employee is abusing sick leave or has used an excessive amount of sick leave. The Town may require medical verification of an employee’s absence to verify that the employee is able to return to work with or without restrictions.
