System Protection To prevent compromise of systems which contain DSHS Data or through which that Data passes:
a. Systems containing DSHS Data must have all security patches or hotfixes applied within 3 months of being made available.
b. The Contractor will have a method of ensuring that the requisite patches and hotfixes have been applied within the required timeframes.
c. Systems containing DSHS Data shall have an Anti-Malware application, if available, installed.
d. Anti-Malware software shall be kept up to date. The product, its anti-virus engine, and any malware database the system uses, will be no more than one update behind current.
System Use (a) An electronic site access system may be used on site, subject to the requirements of this statement.
(b) The system operates via:
(i) a facial recognition device; and
(ii) an electronic gate.
(c) The system will be installed at the access and egress point/s of the site and will only be utilised to identify presence on site.
(d) The purpose for which the electronic site access system will be implemented is to ensure:
(i) avoiding unauthorised access to site;
(ii) confirmation and co-ordination of effort in emergency situations; and
(iii) confirmation that all entrants to site have received a site specific induction;
(e) The only personal data collected by the system is a site entrant’s:
(i) image;
(ii) first & last name;
(iii) mobile phone number;
(iv) email address; and
(v) employer’s name. (the Collected Data)
(f) The Collected Data will only be held or used for the purposes specified above, unless otherwise by consent or required by law.
(g) The Employer will not use the electronic site access control system to verify who was on a site at a particular time for the purpose of:
(i) evaluating whether a variation claim regarding labour costs made by a subcontractor can be substantiated;
(ii) taking disciplinary action against an Employee, or assisting a subcontractor to take disciplinary action against its own employees, regarding their start and finish times; or
(iii) otherwise generally tracking a worker’s movements whilst on the site.
System and Data Access Services a. System. Subject to the terms and conditions of this Addendum and solely for the purpose of providing access to Fund Data as set forth herein, State Street hereby agrees to provide the Fund, or certain third parties approved by State Street that serve as the Fund`s investment advisors, investment managers or fund accountants (the "Fund Accountants") or as the Fund`s independent auditors (the "Auditor"), with access to State Street`s Multicurrency HORIZONR Accounting System and the other information systems described in Attachment A (collectively, the "System") on a remote basis solely on the computer hardware, system software and telecommunication links described in Attachment B (the "Designated Configuration") or on any designated substitute or back-up equipment configuration consented to in writing by State Street, such consent not to be unreasonably withheld.
System Protection Facilities Developer shall, at its expense, install, operate and maintain System Protection Facilities as a part of the Large Generating Facility or Developer’s Attachment Facilities. Connecting Transmission Owner shall install at Developer’s expense any System Protection Facilities that may be required on the Connecting Transmission Owner’s Attachment Facilities or the New York State Transmission System as a result of the interconnection of the Large Generating Facility and Developer’s Attachment Facilities.
System Logging The system must maintain an automated audit trail which can 20 identify the user or system process which initiates a request for PHI COUNTY discloses to 21 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, 22 or which alters such PHI. The audit trail must be date and time stamped, must log both successful and 23 failed accesses, must be read only, and must be restricted to authorized users. If such PHI is stored in a 24 database, database logging functionality must be enabled. Audit trail data must be archived for at least 3 25 years after occurrence.