PCI Compliance A. The Acquiring Bank will provide The Merchant with appropriate training on PCI PED and/or DSS rules and regulations in respect of The Merchants obligations. Initial training will be provided and at appropriate intervals as and when relevant changes are made to such rules and regulations.
Software compliance Unless explicitly agreed, software being used and developed to provide the service should: ● Be licensed under an open source and permissive license (like MIT, BSD, Apache 2.0,...). ● The license should provide unlimited access rights to the EGI community. ● Have source code publicly available via a public source code repository (if needed a mirror can be put in place under the EGI organisation in GitHub13.) All releases should be appropriately tagged. ● Adopt best practices: ○ Defining and enforcing code style guidelines. ○ Using Semantic Versioning. ○ Using a Configuration Management frameworks such as Ansible. ○ Taking security aspects into consideration through at every point in time. ○ Having automated testing in place. ○ Using code reviewing. 9 xxxxx://xxx.xxx.xx/about/policy/policies_procedures.html 10 xxxxx://xxxx.xxx.xx/wiki/OMB 11 xxxx://xxx.xxx.xx/ 12 xxxxx://xxx.xxx.xx/portal/index.php?Page_Type=NGI&id=4 13 xxxxx://xxxxxx.xxx/EGI-Foundation ○ Treating documentation as code. ○ Documentation should be available for Developers, administrators, and end users.
Privacy Compliance The Provider shall comply with all applicable federal, state, and local laws, rules, and regulations pertaining to Student Data privacy and security, all as may be amended from time to time.
Program Compliance The School Board shall be responsible for monitoring the program to provide technical assistance and to ensure program compliance.
Standards Compliance DNS. Registry Operator shall comply with relevant existing RFCs and those published in the future by the Internet Engineering Task Force (IETF), including all successor standards, modifications or additions thereto relating to the DNS and name server operations including without limitation RFCs 1034, 1035, 1123, 1982, 2181, 2182, 2671, 3226, 3596, 3597, 4343, and 5966. DNS labels may only include hyphens in the third and fourth position if they represent valid IDNs (as specified above) in their ASCII encoding (e.g., “xn--ndk061n”).
Export Control Compliance User acknowledges that Center is an open laboratory for fundamental research that has many foreign persons as its employees and students. User understands and agrees that under no circumstances will User bring export control-listed items, or unpublished software source code or technical information in the form of defense articles or technical data regulated by the International Traffic in Arms Regulations (ITAR), to Center. Use of Center or facilities for activity subject to the ITAR, including the development, assembly or fabrication of defense articles identified on the US Munitions List, is prohibited.
License Compliance HP may audit Customer compliance with the software license terms. Upon reasonable notice, HP may conduct an audit during normal business hours (with the auditor’s costs being at HP’s expense). If an audit reveals underpayments then Customer will pay to HP such underpayments. If underpayments discovered exceed five (5) percent of the contract price, Customer will reimburse HP for the auditor costs.
OSHA Compliance To the extent applicable to the services to be performed under this Agreement, Contractor represents and warrants, that all articles and services furnished under this Agreement meet or exceed the safety standards established and promulgated under the Federal Occupational Safety and Health Law (Public Law 91-596) and its regulations in effect or proposed as of the date of this Agreement.
FERPA Compliance In connection with all FERPA Records that Contractor may create, receive or maintain on behalf of University pursuant to the Underlying Agreement, Contractor is designated as a University Official with a legitimate educational interest in and with respect to such FERPA Records, only to the extent to which Contractor (a) is required to create, receive or maintain FERPA Records to carry out the Underlying Agreement, and (b) understands and agrees to all of the following terms and conditions without reservation:
HIPAA Compliance If this Contract involves services, activities or products subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Contractor covenants that it will appropriately safeguard Protected Health Information (defined in 45 CFR 160.103), and agrees that it is subject to, and shall comply with, the provisions of 45 CFR 164 Subpart E regarding use and disclosure of Protected Health Information.
