Common use of Applicable Laws and Compliance with Federal Standards Clause in Contracts

Applicable Laws and Compliance with Federal Standards. Subcontractor is fully responsible and accountable for ensuring compliance with HIPAA and the Privacy Act, and Customer security and privacy directives and handbooks. This includes conducting compliant risk assessments, routine vulnerability scanning, system patching and change management procedures, and the completion of an acceptable contingency plan for each system. Subcontractor’s control procedures must be equivalent to those procedures used to secure Customer systems. All external internet connections to Customer’s network involving Customer information must be reviewed and approved by Customer prior to implementation. Subcontractor must receive, gather, store, back up, maintain, use, disclose and dispose of Customer information only in compliance with the terms of this Agreement, and applicable Federal and Customer information confidentiality and security laws, regulations and policies. If Federal or Customer information confidentiality and security laws, regulations and policies become applicable to Customer information or information systems after execution of this Agreement, the Parties agree to negotiate in good faith to implement the information confidentiality and security laws, regulations and policies in this Agreement.

Applicable Laws and Compliance with Federal Standards. Subcontractor is fully responsible and accountable for ensuring compliance with HIPAA and the Privacy Act, and Customer security and privacy directives and handbooks. This includes conducting compliant risk assessments, routine vulnerability scanning, system patching and change management procedures, and the completion of an acceptable contingency plan for each system. Subcontractor’s control procedures must be equivalent to those procedures used to secure Customer systems. All external internet connections to Customer’s network involving Customer information must be reviewed and approved by Customer prior to implementation. Subcontractor must receive, gather, store, back up, maintain, use, disclose and dispose of Customer information only in compliance with the terms of this AgreementBAA, and applicable Federal and Customer information confidentiality and security laws, regulations and policies. If Federal or Customer information confidentiality and security laws, regulations and policies become applicable to Customer information or information systems after execution of this AgreementBAA, the Parties agree to negotiate in good faith to implement the information confidentiality and security laws, regulations and policies in this AgreementBAA.