Compliance with Security Standards Sample Clauses

Compliance with Security Standards. Vendor shall, upon request of NYC Health + Hospitals, provide evidence of on-going compliance with industry standard security controls related to: 5.1 Access Control, including identity and access management policies, practices, and technologies that support and ensure authorization, secure authentication, role-based access, auditable access, and timely access termination, as well as Vendor policies and procedures related to access control and identity management. For the solution delivered to the System, Vendor will additionally ensure standard federation or integration protocols are used for Active Directory (AD) authentication. 5.2 Asset management, including Vendor’s policies and procedures for “bring your own device” and personal device management procedures, and for data inventory, data flow, data classification, data labeling, and data handling (including disposal). 5.3 Business continuity and disaster recovery, including Vendor’s policies and procedures regarding data availability, data backup, data recovery, data retention and disaster recovery service levels, physical and environmental security to ensure that data center utilities are in optimal condition, secure, safeguarded against risks, monitored, maintained, redundant, and regularly tested. The policies and procedures shall ensure that the Vendor: 5.3.1 operates a mirror system at a hardened data center facility in the United States that is geographically remote from the primary system on which the subscription services are hosted (the “Secondary Backup Facility”). 5.3.2 conducts periodic backup of NYC Health + Hospitals data and stores such backup data in the Secondary Backup Facility. 5.4 Data protection, including Vendor’s policies and procedures that ensure that: 5.4.1 applications and programming applications and interfaces are designed, developed, deployed, and tested in accordance with leading industry standards and adhere to applicable legal, statutory, or regulatory compliance obligations; 5.4.2 data input and output integrity routines (i.e., reconciliation and edit checks) have been implemented for application interfaces and databases to prevent manual or systematic processing errors, corruption of data, or misuse, including encryption, penetration testing, vulnerability management, malicious code execution and data management solutions employed to ensure controlled access to data, to secure data while at rest, in transit and in use; 5.4.3 baseline security configurations are imple...
Sample 1Sample 2Sample 3See All (8)
AutoNDA by SimpleDocs
Compliance with Security Standards. (a) Agent agrees that it shall, in the performance of any and all work under These General Terms and Conditions, use appropriate safeguards to assure the security of all personal and proprietary data PRINCIPAL shares with the Agent. (b) Agent further asserts that it complies with all security standards as defined in the ISO/IEC17799:2000 Information TechnologyCode of practice for information security management or similar standards, as applicable to the level of risk and types of data shared. Any subcontracting by the Agent subjects its authorized subcontractors to the same provision. Upon PRINCIPAL’s written permission for Agent to use any subcontractor as set forth in These General Terms and Conditions, Agent agrees to notify PRINCIPAL of the physical location of each subcontractor and to provide confirmation of the subcontractor’s agreement to these security standards. (c) Upon PRINCIPAL request, which shall not occur more than once per calendar year, Agent shall provide a completed security audit conducted by a qualified external auditing firm. Any such provided security audit must have been completed no more than six months prior to the date of any such PRINCIPAL request. If Agent has not performed a security audit within six (6) months prior to the date of such an PRINCIPAL request, Agent shall procure (at Agent’s expense) a qualified external auditing firm to conduct an independent security audit within thirty (30) days of the request. Further, Agent agrees to provide evidence of any and all mitigation activities performed as a result of the security audit. Upon PRINCIPAL request, Agent shall conduct security penetration tests and provide the results of these tests to PRINCIPAL where personal information of PRINCIPAL consumers, customers, or employees are stored, processed or accessed by Agent. Agent agrees to provide evidence of any and all mitigation activities performed as a result of the penetration test.
Sample 1Sample 2
Compliance with Security Standards. Surescripts shall comply with the applicable requirements of the Security Standards.
Sample 1Sample 2
Compliance with Security Standards. Customer shall regularly test and monitor the effectiveness of the security practices and procedures in the Information Security Program, and will evaluate and adjust its Information Security Program and information security safeguards in light of the results of the testing and monitoring, any material changes to its operations or business arrangements, or any other circumstances that Customer knows or reasonably should know may have a material effect on its Information Security Program and information security safeguards.
Sample 1

Related to Compliance with Security Standards

  • Compliance with Standards Although the standards for workmanship, material, and equipment have been selected in these specifications as a basis of reference, standards and specifications of the other bank member countries and recommendations of standards international organizations will be acceptable provided they are substantially equivalent to the designated standards and provided furthermore that the contractor submits for approval detailed specifications which he proposes to use. Reference to brand names or catalog numbers if any in these specifications have been made only for that equipment for which it has been determined that a degree of standardization is necessary to maintain certain essential features. And in certain cases such references have also been made for purposes of convenience to specify the requirements, in either case offers of alternative goods, which have similar characteristics and provide performance and quality at lease equal to those specified are acceptable. If the contractor offers materials, equipment, design calculations or tests, which conform to standards other than those specified, full details of the differences between the proposed standards and that specified in so far as they affect the design or purpose of the equipment, are to be supplied by the contractor if called upon to do so by the engineer, where required by the engineer for approval purposes, the contractor shall supply, without charge, duplicate copies of the proposed standards with English translations of the relevant portions. The contractor shall have available in his place of business (or in his supplier’s works) the relevant copies of standards or codes used for the use of the Engineer.

  • Compliance with Accessibility Standards All parties to this Agreement shall ensure that the plans for and the construction of all projects subject to this Agreement are in compliance with standards issued or approved by the Texas Department of Licensing and Regulation (TDLR) as meeting or consistent with minimum accessibility requirements of the Americans with Disabilities Act (P.L. 101-336) (ADA).

  • COMPLIANCE WITH SEC RULES If, at any time during which AVIF is serving as an investment medium for variable life insurance Contracts, 1940 Act Rules 6e-3(T) or, if applicable, 6e-2 are amended or Rule 6e-3 is adopted to provide exemptive relief with respect to Mixed and Shared Funding, AVIF agrees that it will comply with the terms and conditions thereof and that the terms of this Section 5 shall be deemed modified if and only to the extent required in order also to comply with the terms and conditions of such exemptive relief that is afforded by any of said rules that are applicable.

  • Compliance with FCPA Each of the Credit Parties and their Subsidiaries is in compliance with the Foreign Corrupt Practices Act, 15 U.S.C. §§ 78dd-1, et seq., and any foreign counterpart thereto. None of the Credit Parties or their Subsidiaries has made a payment, offering, or promise to pay, or authorized the payment of, money or anything of value (a) in order to assist in obtaining or retaining business for or with, or directing business to, any foreign official, foreign political party, party official or candidate for foreign political office, (b) to a foreign official, foreign political party or party official or any candidate for foreign political office, and (c) with the intent to induce the recipient to misuse his or her official position to direct business wrongfully to such Credit Party or its Subsidiary or to any other Person, in violation of the Foreign Corrupt Practices Act, 15 U.S.C. §§ 78dd-1, et seq.

  • Compliance with Statutes Rules and Regulations

  • Compliance with TIA Every amendment, waiver or supplement of this Indenture or the Securities shall comply with the TIA as then in effect.

  • Compliance with OFAC None of the Company and its Subsidiaries or, to the Company’s knowledge, any director, officer, agent, employee or affiliate of the Company and its Subsidiaries or any other person acting on behalf of the Company and its Subsidiaries, is currently subject to any U.S. sanctions administered by the Office of Foreign Assets Control of the U.S. Department of the Treasury (“OFAC”), and the Company will not, directly or indirectly, use the proceeds of the Offering hereunder, or lend, contribute or otherwise make available such proceeds to any subsidiary, joint venture partner or other person or entity, for the purpose of financing the activities of any person currently subject to any U.S. sanctions administered by OFAC.

  • Compliance with Regulations The contractor (hereinafter includes consultants) will comply with the Acts and the Regulations relative to Non-discrimination in Federally-assisted programs of the U.S. Department of Transportation, Federal Highway Administration, as they may be amended from time to time, which are herein incorporated by reference and made a part of this contract.

  • Compliance with Rules To comply with, and to require the Contractors to comply with, all rules, regulations, ordinances and laws bearing on the conduct of the work on the Improvements, including the requirements of any insurer issuing coverage on the Project and the requirements of any applicable supervising boards of fire underwriters.

  • Compliance with Xxxxx Xxxxx and Related Act requirements. All rulings and interpretations of the Xxxxx- Xxxxx and Related Acts contained in 29 CFR parts 1, 3, and 5 are herein incorporated by reference in this contract.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!