Security of Information Unless otherwise specifically authorized by the DOH IT Security Officer, Contractor receiving confidential information under this contract assures that: It is compliant with the applicable provisions of the Washington State Office of the Chief Information Officer’s policy, Securing Information Technology Assets, available at ▇▇▇▇://▇▇▇.▇▇.▇▇▇/ocio. It will provide DOH copies of its IT security policies, practices and procedures upon the request of the DOH IT Security Officer. DOH may at any time conduct an audit of the Contractor’s security practices and/or infrastructure to assure compliance with the security requirements of this contract. It has implemented physical, electronic and administrative safeguards that are consistent with ISB IT security standards and guidelines to prevent unauthorized access, use, modification or disclosure of DOH Confidential Information in any form. This includes, but is not limited to, restricting access to specifically authorized individuals and services through the use of: Documented access authorization and change control procedures; Card key systems that restrict, monitor and log access; Locked racks for the storage of servers that contain Confidential Information or AES encryption (128bit or stronger) to protect confidential data at rest; Documented patch management practices that assure all network systems are running critical security updates within 6 days of release when the exploit is in the wild, and within 30 days of release for all others; Documented anti-virus strategies that assure all systems are running the most current anti-virus signatures within 1 day of release; Complex passwords that are systematically enforced and expire at least every 180 days; Strong (Two Factor) authentication mechanisms that assure the identity of individuals who access Confidential Information; Account lock-out after 5 failed authentication attempts for a minimum of 20 minutes, or for Confidential Information, until administrator reset; AES encrypted (128bit or stronger) sessions for all data transmissions. Firewall rules and network address translation that isolate database servers from web servers and public networks; Regular review of firewall rules and configurations to assure compliance with authorization and change control procedures; Log management and intrusion detection/prevention systems; A documented and tested incident response plan Any breach of this clause may result in termination of the contract and the demand for return of all personal information.
Furnishing of Information and Inspection of Receivables The Servicer will furnish or cause to be furnished to the Administrative Agent and each Lender from time to time such information with respect to the Pool Receivables and the other Collateral as the Administrative Agent or any Lender may reasonably request. The Servicer will, at the Servicer’s expense, during regular business hours with prior written notice, (i) permit the Administrative Agent and each Lender or their respective agents or representatives to (A) examine and make copies of and abstracts from all books and records relating to the Pool Receivables or other Collateral, (B) visit the offices and properties of the Servicer for the purpose of examining such books and records and (C) discuss matters relating to the Pool Receivables, the other Collateral or the Servicer’s performance hereunder or under the other Transaction Documents to which it is a party with any of the officers, directors, employees or independent public accountants of the Servicer (provided that representatives of the Servicer are present during such discussions) having knowledge of such matters and (ii) without limiting the provisions of clause (i) above, during regular business hours, at the Servicer’s expense, upon prior written notice from the Administrative Agent, permit certified public accountants or other auditors acceptable to the Administrative Agent to conduct a review of its books and records with respect to the Pool Receivables and other Collateral; provided, that the Servicer shall be required to reimburse the Administrative Agent for only one (1) such review pursuant to clause (ii) above in any twelve-month period unless an Event of Default has occurred and is continuing.
Termination of Information and Inspection Covenants The covenants set forth in Sections 2.1 and 2.2 shall terminate as to Investors and be of no further force or effect when the sale of securities pursuant to a registration statement filed by the Company under the Act in connection with the firm commitment underwritten offering of its securities to the general public is consummated or when the Company first becomes subject to the periodic reporting requirements of Sections 12(g) or 15(d) of the 1934 Act, whichever event shall first occur.
Availability of Information To make DHCS PI and PII available to the DHCS and/or 15 COUNTY for purposes of oversight, inspection, amendment, and response to requests for records, 16 injunctions, judgments, and orders for production of DHCS PI and PII. If CONTRACTOR receives 17 DHCS PII, upon request by COUNTY and/or DHCS, CONTRACTOR shall provide COUNTY and/or 18 DHCS with a list of all employees, contractors and agents who have access to DHCS PII, including 19 employees, contractors and agents of its subcontractors and agents.
Accessibility of Information Technology Contractor represents and warrants that any software/ hardware/ communications system/ equipment (collectively “technology”), if any, provided under this Agreement adheres to the standards and/or specifications as may be set forth in the Section 508 of the Rehabilitation Act of 1973 standards guide and is fully compliant with WCAG 2.0 AA standards for accessibility and compliant with any applicable FCC regulations. Technology that will be used on a mobile device must also be navigable with Voiceover on iOS devices in addition to meeting WCAG 2.0 level AA. If portions of the technology or user experience are alleged to be non-compliant or non- accessible at any point, District will provide Contractor with notice of such allegation and Contractor shall use its best efforts to make the technology compliant and accessible. If a state or federal department, office or regulatory agency, or if any other third party administrative agency or organization (“Claimants”), make a claim, allegation, initiates legal or regulatory process, or if a court finds or otherwise determines that technology is non-compliant or non-accessible, Contractor shall indemnify, defend and hold harmless the District from and against any and all such claims, allegations, liabilities, damages, penalties, fees, costs (including but not limited to reasonable attorneys’ fees), arising out of or related to ▇▇▇▇▇▇▇▇▇’ claims. Contractor shall also fully indemnify District for the full cost of any user accommodation that is found to be necessary due to an identifiable lack of accessibility in the Contractor’s technology. If necessary, an independent 3rd party accessibility firm using POUR standards (Perceivable, Operable, Understandable and Robust) may be used to validate the accessibility of the technology.