Safeguards Business Associate, its Agent(s) and Subcontractor(s) shall implement and use appropriate safeguards to prevent the use or disclosure of PHI other than as provided for by this Agreement. With respect to any PHI that is maintained in or transmitted by electronic media, Business Associate or its Subcontractor(s) shall comply with 45 CFR sections 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312 (technical safeguards) and 164.316 (policies and procedures and documentation requirements). Business Associate or its Agent(s) and Subcontractor(s) shall identify in writing upon request from Covered Entity all of the safeguards that it uses to prevent impermissible uses or disclosures of PHI.
Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means. 2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable). 3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically. 4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § ▇▇-▇▇-▇▇▇ et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.
Safeguard Measures Neither Party shall take safeguard action against services and service suppliers of the other Party from the date of entry into force of this Agreement. Neither Party shall initiate or continue any safeguard investigations in respect of services and service suppliers of the other Party.
Safeguarding 3.1. The LA has overarching responsibility for safeguarding and promoting the welfare of all children and young people in their area. They have statutory functions under the 1989 and 2004 Children Acts which make it clear, and the ‘Working Together to safeguard Children’ 2018 guidance sets these out in detail. 3.2. The provider must follow the EYFS and have clear safeguarding policies and procedures in place that are in line with the LA guidance and procedures for responding to and reporting suspected or actual abuse and neglect. A lead practitioner must take responsibility for safeguarding and all staff must have training to identify signs of abuse and neglect. The provider must have regard to ‘Working Together to Safeguard Children’ 2018 guidance. 3.3. The LA has set the following safeguarding criteria for childcare providers as a condition of funding: • All childcare providers must sign up to the identified agreement protocols as set out in the multi-agency safeguarding arrangements, these may include but not be limited to; the Local Safeguarding Children Board (LSCB) compact (and future safeguarding children’s partnership arrangements), to receive Public Protection Notices (PPN) and Multi-Agency Risk Assessment Conference (MARAC) and the Dorset Information Sharing Charter (DISC). • Providers are required to complete and return an Annual Safeguarding/Inclusion Self- Assessment. Follow up visits or phone calls may be undertaken by the Early Years Team to support providers with developing their safeguarding and inclusion practice. This process should support providers with their ongoing self-evaluation. • Providers are required to address any identified areas of development in their safeguarding/child protection practice identified through observation and Self-Assessment process, or by other professionals. • All providers must ensure that all staff are appropriately trained in safeguarding. Designated Safeguarding Leads and their Deputy Safeguarding Leads must attend the Multi agency training provided at least every 3 years and any other identified training for their role. • All new providers will be required to undergo relevant safeguarding training prior to joining the Directory of Providers for Early Education Funding. • All providers must collate and provide self-assessment/auditing information as requested by the relevant Local Safeguarding Partners. • All providers to ensure that any actions or recommendations set by Ofsted during inspection or the LA during visits are progressed. 3.4. In addition to this Safeguarding Leads, Deputy Leads and Childminder Safeguarding Leads are encouraged to attend appropriate and recommended Safeguarding networks/forums to keep updated.