Computer Security Safeguards Sample Clauses

The Computer Security Safeguards clause requires parties to implement and maintain appropriate measures to protect computer systems and data from unauthorized access, breaches, or other security threats. Typically, this involves using firewalls, encryption, secure passwords, and regular security audits to ensure sensitive information is kept safe. The core function of this clause is to reduce the risk of data breaches and cyberattacks, thereby protecting both parties’ confidential information and ensuring compliance with relevant data protection laws.
POPULAR SAMPLE Copied 1 times
Computer Security Safeguards. The Contractor agrees to comply with the general computer security safeguards, system security controls, and audit controls in this section. In order to comply with the following general computer security safeguards, the Contractor agrees to: A. Encrypt portable computer devices, such as laptops and notebook computers that process and/or store Medi-Cal PII, with a solution using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution. One source of recommended solutions is specified on the California Strategic Sourced Initiative (CSSI) located at the following link: ▇▇▇.▇▇.▇▇▇.▇▇.▇▇▇/▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇▇. The Contractor shall use an encryption solution that is full-disk unless otherwise approved by DHCS. B. Encrypt workstations where Medi-Cal PII is stored using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI. C. Ensure that only the minimum necessary amount of Medi-Cal PII is downloaded to a laptop or hard drive when absolutely necessary for current business purposes. D. Encrypt all electronic files that contain Medi-Cal PII when the file is stored on any removable media type device (i.e. USB thumb drives, floppies, CD/DVD, etc.) using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI. E. Ensure that all emails sent outside the Contractor’s e-mail environment that include Medi-Cal PII are sent via an encrypted method using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI. F. Ensure that all workstations, laptops and other systems that process and/or store Medi-Cal PII have a commercial third-party anti-virus software solution and are updated when a new anti-virus definition/software release is available. G.Ensure that all workstations, laptops and other systems that process and/or store Medi-Cal PII have current security patches applied and up-to-date.
View SourceView Similar (48)
Computer Security Safeguards. The Contractor agrees to comply with the general computer security safeguards, system security controls, and audit controls in this section. In order to comply with the following general computer security safeguards, the Contractor agrees to: A. Encrypt portable computer devices, such as laptops and notebook computers that process and/or store Medi-Cal PII, with a solution using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution. One source of recommended solutions is specified on the California Strategic Sourced Initiative (CSSI) located at the following link: ▇▇▇.▇▇.▇▇▇.▇▇.
View SourceView Similar (9)
Computer Security Safeguards. Requesting Program agrees to comply with the general computer security safeguards, system security controls, and audit controls in this section. General Computer Security Safeguards: 1. Encrypt portable computer devices, such as but not limited to laptops and notebook computers that process and/or store NJDOH data with a solution of using a product that is recognized as an industry leader in meeting the needs for the intended solution. Use an encryption solution that is full disk unless otherwise approved by NJDOH Information Security. 2. Encrypt workstations where NJDOH data is stored using a product that is recognized as an industry leader in meeting the needs for the intended solution. 3. Ensure that only the minimum necessary amount of NJDOH data is downloaded to a laptop or hard drive when necessary for current business purposes. 4. Encrypt all electronic files that contain NJDOH data when the file is stored on any removable media type device (i.e., USB thumb drives, floppies, CD/DVD, portable hard drives, etc.) using a product that is recognized as an industry leader in meeting the needs for the intended solution. 5. Ensure that all emails sent outside Requesting Program’s e-mail environment that include NJDOH data are sent via an encrypted method using a product that is recognized as an industry leader in meeting the needs of the intended solution. 6. Ensure that all workstations, laptops and other systems that process and/or store NJDOH data have a commercial third-party anti-virus software solution and are updated when a new ant-virus definition/software release is available. 7. Ensure that all workstations, laptops and other systems that process and/or store NJDOH data have current security patches applied and up to date. 8. Ensure that all NJDOH data is wiped from all systems and backups when the data is no longer legally required. Ensure in writing that the wipe method conforms to the US Department of Defense standards for data destruction. 9. Ensure that any remote access to NJDOH data is established over an encrypted session protocol using a product that is recognized as an industry leader in meeting the needs of the intended solution. Ensure all remote access is limited to minimum necessary and least privilege principles.
View Source

Related to Computer Security Safeguards

  • Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § ▇▇-▇▇-▇▇▇ et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.

  • Safeguards Business Associate, its Agent(s) and Subcontractor(s) shall implement and use appropriate safeguards to prevent the use or disclosure of PHI other than as provided for by this Agreement. With respect to any PHI that is maintained in or transmitted by electronic media, Business Associate or its Subcontractor(s) shall comply with 45 CFR sections 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312 (technical safeguards) and 164.316 (policies and procedures and documentation requirements). Business Associate or its Agent(s) and Subcontractor(s) shall identify in writing upon request from Covered Entity all of the safeguards that it uses to prevent impermissible uses or disclosures of PHI.

  • Server Security Servers containing unencrypted PHI COUNTY discloses to 4 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 5 must have sufficient administrative, physical, and technical controls in place to protect that data, based 6 upon a risk assessment/system security review.

  • Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means. 2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable). 3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically. 4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.