Do you need a report
Materials to be prepared for ant insurance claims: claim application; A valid identity document of the applicant; The diagnosis certificate, detailed list of medical expenses and medical records of the insured issued by the medical institution; Original insurance policy; The medical insurance reimbursement certificate of the insured issued by the medical institution; Other certificates and materials that can be provided to confirm the nature, cause and loss degree of the insured accident.
Ant insurance claims need to meet the following three conditions: claims: claims need to be manually reviewed by Alipay, reviewed by customer service and submitted with claims materials. And survey: materials to be prepared: claim application, insurance contract, valid identity certificate of the insured, applicant's bank savings card and insurance policy. Audit: the amount of claims from different insurance companies: the account balance may not be settled or the account balance after deduction; Success Care Payment: The insurance company will complete the payment within 3 working days, subject to the insurance contract.
What is the specific process of Tianjin equal insurance evaluation?
Equal insurance evaluation process
1. Evaluation preparation stage: signing contract confidentiality agreement, preparing classification report, filing form, evaluation scheme and checklist. Submit materials to the competent department of municipal public security organs: classified report on information system security level protection and filing form for information system security level protection.
2. Investigation and scheme preparation: Business investigation, asset investigation, confirmation, scanning scheme preparation After the project team is established, the staff will go to the tested unit to investigate, get to know the evaluated system, sort out relevant materials, and carry out the next evaluation after reaching an understanding.
3. On-site evaluation: After the preparation of evaluation tools, on-site evaluation, vulnerability detection, safety technology evaluation and safety management evaluation enter the detection stage, the members of the evaluation agency's project team will complete the evaluation work according to the materials sorted out before.
What is the difference between temporary and long-term medical insurance filing?
Generally, if you want to go to a foreign hospital for medical treatment or be referred to a foreign hospital for medical treatment, you need to apply for medical treatment in different places for the record.
The validity period of temporary filing is relatively short. If it exceeds the time limit, you have to re-file it or go back to the local medical insurance center for reimbursement. It is suitable for patients who seek medical treatment temporarily in other places.
Those who live in different places for a long time can apply to the local medical insurance center for long-term filing. The advantage is that there is no need for repeated filing, which is convenient for medical reimbursement.
Waiting for the 2.0 configuration list?
Safe physical environment
1. 1 physical location selection
This requirement includes:
A) The location of the computer room should be in a building with shockproof, windproof and rainproof capabilities;
B) The computer room site should be avoided in the top floor or basement of the building, otherwise waterproof and moisture-proof measures should be strengthened.
1.2 physical access control
The entrance and exit of the computer room should be guarded by special personnel or equipped with electronic access control system to control, identify and record the personnel entering.
1.3 anti-theft and vandalism
This requirement includes:
A) The equipment or main components shall be fixed, and obvious indelible signs shall be set;
B) Communication cables shall be laid in hidden and safe places.
1.4 lightning protection
Various cabinets, facilities and equipment shall be safely grounded through the grounding system.
1.5 fire control
This requirement includes:
A) The computer room shall be equipped with an automatic fire-fighting system, which can automatically detect fire, alarm and extinguish fire;
B) Building materials with fire resistance grade shall be used for the computer room, related workshops and auxiliary rooms.
1.6 Waterproof and moistureproof
This requirement includes:
A) Measures should be taken to prevent rainwater from penetrating through the windows, roofs and walls of the computer room;
B) Measures should be taken to prevent water vapor condensation and the transfer and infiltration of groundwater in the computer room.
1.7 antistatic
Anti-static floor or ground should be adopted, and necessary grounding anti-static measures should be taken.
1.8 temperature and humidity control
Automatic temperature and humidity adjustment facilities should be set up to make the temperature and humidity change in the machine room within the allowable range of equipment operation.
1.9 power supply
This requirement includes:
A) Set voltage stabilizer and overvoltage protection equipment on the power supply line of the machine room;
B) Short-term standby power supply shall be provided to at least meet the normal operation requirements of the equipment in case of power failure.
1. 10 electromagnetic protection
Power cables and communication cables should be laid in isolation to avoid mutual interference.
2 secure communication network
2. 1 network architecture
This requirement includes:
A) Dividing different network areas and assigning addresses to each network area according to the principle of easy management and control;
B) Important network areas should be avoided to be deployed at the border, and reliable technical isolation measures should be taken between important network areas and other network areas.
2.2 Communication transmission
Verification technology should be adopted to ensure the integrity of data in the communication process.
2.3 Trusted verification
Based on the trusted root, the system boot program, system program, important configuration parameters and communication application program of communication equipment can be credibly verified, and the alarm will be given after the credibility damage is detected, and the verification results will form an audit record and be sent to the security management center.
3 Safe area boundary
3. 1 border protection
It should be ensured that cross-border access and data flow are communicated through the controlled interface provided by the border equipment.
3.2 Access control
This requirement includes:
A) Access control rules should be set between network boundaries or regions according to access control policies. By default, the controlled interface rejects all communication except communication;
B) Delete redundant or invalid access control rules, optimize the access control list and minimize the number of access control rules;
C) Check the source address, destination address, source port, destination port and protocol, etc. , so as to allow/deny data packets in and out;
D) It should be able to provide explicit access permission/denial capability for input and output data streams according to session state information.
3.3 Intrusion Prevention
Network attacks should be monitored at key network nodes.
3.4 Prevent malicious code.
Malicious code should be detected and cleared at key network nodes, and the protection mechanism of malicious code should be upgraded and updated.
3.5 Safety audit
This requirement includes:
A) conducting security audits at network boundaries and important network nodes, covering every user, and auditing important user behaviors and important security events;
B) The audit record shall include the date and time of the event, the user, the event type, whether the event was successful or not, and other information related to the audit;
C) Audit records shall be protected and backed up regularly to avoid accidental deletion, modification or overwriting.
3.6 Trusted verification
Based on the trusted root, the system boot program, system program, important configuration parameters and border protection application of the border equipment can be credibly verified, and an alarm will be given when its credibility is detected to be damaged, and the verification results will form an audit record and be sent to the security management center.
4 secure computing environment
4. 1 certification
This requirement includes:
A) Identity identification and authentication shall be carried out for the logged-in users. Identity recognition is unique, and identity authentication information has complex requirements and should be changed regularly;
B) It should have the function of handling login failure, and configure and enable relevant measures such as ending the session, limiting the number of illegal logins, and automatically quitting the login connection after overtime;
C) During remote management, necessary measures should be taken to prevent the authentication information from being eavesdropped during network transmission.
4.2 Access control
This requirement includes:
A) Accounts and permissions should be assigned to logged-in users:
B) The default account should be renamed or deleted, and the default password of the default account should be modified; .
C) Redundant and expired accounts shall be deleted or stopped in time to avoid * * * enjoying the existence of accounts;
D) The minimum authority required by administrative users should be granted, so as to realize the authority separation of administrative users.
4.3 Safety audit
This requirement includes:
A) The security audit function should be turned on to cover every user and audit important user behaviors and important security incidents;
B) The audit record shall include the date and time of the event, the user, the event type, whether the event was successful or not, and other information related to the audit;
C) Audit records shall be protected and backed up regularly to avoid accidental deletion, modification or overwriting.
4.4 Intrusion Prevention.
This requirement includes:
A) The principle of minimum installation shall be followed, and only necessary components and applications shall be installed;
B) Unnecessary system services, default access and high-risk ports should be closed;
C) Management terminals managed through the network should be restricted by setting terminal access mode or network address range;
D) The data validity check function shall be provided to ensure that the contents input through the man-machine interface or communication interface meet the requirements set by the system;
E) We should be able to find possible known vulnerabilities and fix them in time after full testing and evaluation.
4.5 Preventing Malicious Code
Anti-malicious code software should be installed or software with corresponding functions should be configured, and the anti-malicious code base should be updated regularly.
4.6 Trusted verification
Based on the trusted root, the system boot program, system program, important configuration parameters and application programs of the computing device can be credibly verified, and the alarm will be given when the credibility is detected to be damaged, and the verification results will form an audit record and be sent to the security management center.
4.7 data integrity
Verification technology should be adopted to ensure the integrity of important data during transmission.
4.8 Data Backup and Recovery
This requirement includes:
A) Local data backup and recovery functions of important data shall be provided;
B) Remote data backup function shall be provided, and important data shall be transmitted to standby sites in batches on a regular basis through communication networks.
4.9 Protection of Residual Information
Ensure that the storage space where the authentication information is located is completely emptied before it is released or redistributed.
4. 10 Personal information protection
This requirement includes:
A) Collect and save only the personal information of users required for business;
B) Unauthorized access and illegal use of users' personal information are prohibited.
5 Safety Management Center
5. 1 system management
This requirement includes:
A) The identity of the system administrator should be authenticated, and only the system management operations can be carried out through specific commands or operation interfaces, and these operations should be audited;
B) The system administrator should configure, control and manage the resources and operation of the system, including user identity, system resource configuration, system loading and startup, system operation exception handling, data and equipment backup and recovery, etc.
5.2 Audit management
This requirement includes:
A) The identity of the audit administrator should be authenticated, and only specific commands or operation interfaces are allowed to conduct security audit operations, and these operations should be audited;
B) Audit records shall be analyzed by the audit administrator and processed according to the analysis results, including storage, management and inquiry of audit records according to safety audit policies.
6 Safety management system
6. 1 security policy
The overall policy and security strategy of network security work should be formulated, and the overall goal, scope, principles and security framework of institutional security work should be defined.
6.2 Management system
This requirement includes:
A) Establish a safety management system according to the main management contents in safety management activities; .
B) Establish operating procedures for daily management operations performed by managers or operators.
6.3 Preparation and release
This requirement includes:
A) A special department or personnel shall be designated or authorized to formulate the safety management system;
B) The safety management system shall be issued in a formal and effective manner, and the version shall be controlled.
6.4 Review and revision
The rationality and applicability of the safety management system should be demonstrated and checked regularly, and the safety management system that is insufficient or needs improvement should be revised.
7. Safety management organization
7. 1 post setting
This requirement includes:
A) Set up functional departments of network security management, set up posts of security supervisor and person in charge of all aspects of security management, and define the responsibilities of each person in charge;
B) Establish the posts of system administrator, audit administrator and security administrator, and define the responsibilities of each department and post.
7.2 staffing
There should be a certain number of system administrators, audit administrators and security administrators.
7.3 Authorization and approval
This requirement includes:
A) Define the authorized examination and approval items, examination and approval departments and approvers according to the responsibilities of each department and post;
B) Should be aimed at system changes and important operations. Physical access and system access are subject to the approval process.
7.4 Communication and cooperation
This requirement includes:
A) Strengthen cooperation and communication among various managers, internal organizations and network security management departments, and hold regular coordination meetings to jointly deal with network security issues;
B) Cooperation and communication with network security functional departments, various suppliers, industry experts and security organizations should be strengthened;
C) Establish a contact list of outreach units, including their names, cooperation contents, contacts and contact information.
7.5 Audit and inspection
Security checks should be conducted regularly, including daily operation of the system, system vulnerabilities and data backup.
8 safety management personnel
8. 1 Recruitment
This requirement includes:
A) Special departments or personnel shall be designated or authorized to be responsible for personnel recruitment;
B) Review the identity, safety background, professional qualification or qualification of the hired personnel.
8.2 Resignation
All access rights of off-duty personnel shall be terminated in time, and all kinds of identification documents, keys, badges and other software and hardware equipment provided by the organization shall be retrieved.
8.3 Safety awareness education and training
Safety awareness education and job skills training should be conducted for all kinds of personnel, and relevant safety responsibilities and disciplinary measures should be informed.
8.4 External personnel access management
This requirement includes:
A) External personnel shall submit a written application before actually entering the controlled area, be accompanied by a special person after approval, and be registered for the record;
B) External personnel shall submit a written application before accessing the controlled network access system, and after approval, an account will be opened by a special person, with authority assigned and registered for the record;
C) After the outsiders leave the site, all access rights shall be cleared in time.
9 Safety construction management
9. 1 Classification and archiving
This requirement includes:
A) The safety protection level of the protected object and the method and reason for determining the level shall be stated in writing;
B) Organize relevant departments and relevant safety technical experts to demonstrate and verify the rationality and correctness of the classification results;
C) Ensure that the grading results are approved by relevant departments;
D) The filing materials shall be submitted to the competent department and the corresponding public security organ for filing.
9.2 Safety Scheme Design
This requirement includes:
A) Basic safety measures should be selected according to the safety protection level, and safety measures should be supplemented and adjusted according to the risk analysis results;
B) Design a safety scheme according to the safety protection level of the protected object;
C) Organize relevant departments and relevant safety experts to demonstrate and review the rationality and correctness of the safety scheme, which can be formally implemented only after approval.
9.3 Product Procurement and Use
This requirement includes:
A) Ensure that the procurement and use of network security products comply with relevant national regulations;
B) Ensure that the procurement and use of password products and services meet the requirements of the national password management department.
9.4 Self-developed software
This requirement includes:
A) The development environment should be physically isolated from the actual operation environment, and the test data and test results should be controlled;
B) Security should be tested during software development, and possible malicious codes should be detected before software installation.
9.5 Outsourcing software development
This requirement includes:
A) Possible malicious code should be detected before software delivery;
B) The developer shall be guaranteed to provide software design documents and user's guide.
9.6 Project implementation
This requirement includes:
A) Special departments or personnel shall be designated or authorized to be responsible for the management of the project implementation process;
B) A safety project implementation plan shall be made to control the project implementation process.
9.7 Test acceptance
This requirement includes:
A) Make a test acceptance plan, conduct test acceptance according to the test acceptance plan, and form a test acceptance report;
B) Before going online, a safety test shall be conducted and a safety test report shall be issued.
9.8 System Delivery
This requirement includes:
A) Make a handover list, and count the handed-over equipment, software and documents according to the handover list;
B) Technical personnel responsible for operation and maintenance shall be trained in corresponding skills;
C) Construction process documents and operation and maintenance documents shall be provided.
9.9 Grade evaluation
This requirement includes:
A) Regularly carry out rating evaluation, and if it is found that it does not meet the requirements of the corresponding grade protection standards, it shall be rectified in time;
B) In case of major changes or grade changes, grade evaluation shall be conducted;
C) Ensure that the selection of evaluation institutions conforms to the relevant provisions of the state.
9. 10 service provider selection
This requirement includes:
A) Ensure that the selection of service providers conforms to relevant national regulations;
B) Sign relevant agreements with the selected service providers, and specify the network security-related obligations of all parties in the whole service supply chain.
10 safe operation management
10. 1 environmental management
This requirement includes:
A) Designate special departments or personnel to be responsible for the safety of the computer room, manage the computer room personnel, and regularly maintain and manage the power supply and distribution, air conditioning, temperature and humidity control, fire fighting and other facilities in the computer room;
B) The safety management of the computer room shall be specified, including physical access, goods access and environmental safety. ;
C visitors should not be received in important areas, and paper documents and mobile media containing sensitive information should not be placed at will.
10.2 asset management
A list of assets related to the protected objects shall be compiled and kept, including the responsible department, importance and location of the assets.
10.3 media management
This requirement includes:
A) The media should be stored in a safe environment, and all kinds of media should be controlled and protected. The storage environment should be managed by special personnel, and the inventory should be made regularly according to the inventory list of archived media;
B) Control the personnel selection, packaging and delivery of media during physical transmission, and register and record the archiving and inquiry of media.
10.4 equipment maintenance management
This requirement includes:
A) Designate special departments or personnel to regularly maintain and manage all kinds of equipment (including backup and redundant equipment) and lines;
B) Provisions shall be made for the maintenance and management of supporting facilities, software and hardware, including the responsibilities of maintenance personnel, the examination and approval of maintenance and services, and the supervision and control of the maintenance process.
10.5 vulnerability and risk management
Necessary measures should be taken to identify security loopholes and hidden dangers, and the discovered security loopholes and hidden dangers should be repaired in time or after evaluating the possible impact.
10.6 network and system security management.
This requirement includes:
A) Network and system operation and maintenance management should be divided into different administrator roles, and the responsibilities and authorities of each role should be defined;
B) Special departments or personnel shall be designated to manage accounts and control the application, establishment and deletion of accounts;
C) Establish a network and system security management system, and stipulate security policy, account management, configuration management, log management, daily operation, upgrade patch, password update period, etc.
D) Formulate the configuration and operation manual of important equipment, and optimize the configuration of equipment according to the manual;
E) The operation and maintenance log shall be recorded in detail, including daily inspection, operation and maintenance records, parameter setting and modification, etc.
10.7 malicious code prevention management
This requirement includes:
A) All users should understand the prevention of malicious code and check the malicious code before connecting foreign computers or storage devices to the system;
B) Provisions shall be made for the requirements of malicious code prevention, including authorized use of malicious code prevention software, upgrade of malicious code base, regular killing of malicious code, etc.
C) Regularly check the upgrade of malicious code base, and timely analyze and deal with the intercepted malicious code.
10.8 configuration management
Basic configuration information shall be recorded and saved, including network topology, software components installed by each device, version and patch information of software components, configuration parameters of each device or software component, etc.
10.9 password management
This requirement includes:
A) National and industry standards related to passwords shall be followed;
B) Cryptographic technologies and products certified and approved by the national cryptographic management department shall be used.
10. 10 change management
The change requirements should be clearly defined, and a change plan should be made according to the change requirements before the change, and the change plan can only be implemented after examination and approval.
10. 1 1 backup and recovery management
This requirement includes:
A) Identify important business information, system data and software systems that need to be backed up regularly;
B) The backup mode, backup frequency and storage medium retention period of backup information shall be specified;
C) According to the importance of the data and its influence on the system operation, formulate the backup strategy and recovery strategy, backup program and recovery program of the data.
10. 12 security incident handling
This requirement includes:
A) Report the discovered security vulnerabilities and suspicious events to the security management department in time;
B) Establish a management system for reporting and handling security incidents, define the reporting, handling and response processes of different security incidents, and define the management responsibilities for on-site handling of security incidents, incident reporting and post-event recovery.
C) In the process of reporting and responding to security incidents, analyze and determine the causes of the incidents, collect evidence, record the handling process, and summarize experiences and lessons.
10. 13 emergency plan management
This requirement includes:
A) Emergency plans for important events shall be formulated, including emergency handling procedures and system recovery procedures;
B) Regularly train the relevant personnel of the system on emergency plans, and conduct drills on emergency plans.
10. 14 outsourcing operation and maintenance management
This requirement includes:
A) Ensure that the selection of outsourced operation and maintenance service providers conforms to relevant national regulations;
B) Sign relevant agreements with the selected outsourcing operation and maintenance service providers, and clearly specify the scope and work content of outsourcing operation and maintenance.
Is it okay to report to the community in six days?
You can't.
The personnel in the epidemic risk area must report to the local community in time, and consciously isolate at home or obey the centralized isolation arranged by the local epidemic prevention center headquarters. We should actively cooperate with the command of the local epidemic prevention department, support their work, do a good job in temperature measurement and nucleic acid detection, and do a good job in self-protection. Everyone will fight the COVID-19 epidemic and keep everyone healthy and safe!