Data Protection and Privacy Requirements Sample Clauses

Data Protection and Privacy Requirements. 1. Web Services Employers must practice proper Internet security; this means using HTTP over SSL/TLS (also known as HTTPS) when accessing DHS information resources such as E-Verify [NIST SP 800-95]. Internet security practices like this are necessary because Simple Object Access Protocol (SOAP), which provides a basic messaging framework on which Web Services can be built, allows messages to be viewed or modified by attackers as messages traverse the Internet and is not independently designed with all the necessary security protocols for E-Verify use. 2. In accordance with DHS standards, the Web Services Employer agrees to maintain physical, electronic, and procedural safeguards to appropriately protect the information shared under this MOU against loss, theft, misuse, unauthorized access, and improper disclosure, copying use, modification or deletion. 3. Any data transmission requiring encryption shall comply with the following standards: • Products using FIPS 197 Advanced Encryption Standard (AES) algorithms with at least 256-bit encryption that has been validated under FIPS 140-2. • NSA Type 2 or Type 1 encryption. 4. User ID Management (Set Standard): All information exchanged between the parties under this MOU will be done only through authorized Web Services Employer representatives identified above. 5. The Web Services Employer agrees to use the E-Verify browser instead of its own interface if it has not yet upgraded its interface to comply with the Federal Acquisition Regulation (FAR) system changes. In addition, Web Services Employers whose interfaces do not support the Form I-9 from 2/2/2009 or 8/7/2009 agree to use the E-Verify browser until the system upgrade is completed. 6. The Web Services Employer agrees to use the E-Verify browser instead of its own interface if it has not completed updates to its system to the satisfaction of DHS or its assignees within six months from the date DHS notifies the Web Services Employer of the system update. The Web Services Employer can resume use of its interface once it is up-to-date, unless the Web Services Employer has been suspended or terminated from continued use of the system.
AutoNDA by SimpleDocs
Data Protection and Privacy Requirements. 1. Web Services Employers must practice proper Internet security; this means using HTTP over SSL/TLS (also known as HTTPS) when accessing DHS information resources such as E-Verify [NIST SP 800-95]. Internet security practices like this are necessary because Simple Object Access Protocol (SOAP), which provides a basic messaging framework on which Web Services can be built, allows messages to be viewed or modified by attackers as messages traverse the Internet and is not independently designed with all the necessary security protocols for E-Verify use. 2. In accordance with DHS standards, the Web Services Employer agrees to maintain physical, electronic, and procedural safeguards to appropriately protect the information shared under this MOU against loss, theft, misuse, unauthorized access, and improper disclosure, copying use, modification or deletion. 3. Any data transmission requiring encryption shall comply with the following standards: • Products using FIPS 197 Advanced Encryption Standard (AES) algorithms with at least 256-bit encryption that has been validated under FIPS 140-2. • NSA Type 2 or Type 1 encryption.
Data Protection and Privacy Requirements. Web Services E-Verify Employer Agents must practice proper Internet security; this means using HTTP over SSL/TLS (also known as HTTPS) when accessing DHS information resources such as E-Verify [NIST SP 800-95]. Internet security practices like this are necessary because Simple Object Access Protocol (SOAP), which provides a basic messaging framework on which Web Services can be built, allows messages to be viewed or modified by attackers as messages traverse the Internet and is not independently designed with all the necessary security protocols for E-Verify use.
Data Protection and Privacy Requirements 

Related to Data Protection and Privacy Requirements

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.

  • Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.

  • Compliance with Data Privacy Laws The Company and its Subsidiaries are, and at all prior times were, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”) except in each case, where such would not, either individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Freedom of Information and Protection of Privacy Act Any information provided on this contract may be subject to release under the Freedom of Information and Protection of Privacy Act. The Contractor may be consulted prior to release of any information.

  • Data Protection and Security A. In this Agreement the following terms shall have the meanings respectively ascribed to them:

  • Compliance with Data Protection Laws 2.1 bookinglab shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Processor of the Customer Personal Data. 2.2 The Customer shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Controller of the Customer Personal Data.

  • Applicability of Data Privacy Protections In the event that Personal Information will be Processed by Supplier in connection with the performance under this Agreement (including any SOW), then and only then shall the provisions of this Section ‘Data Protection and Privacy’ be applicable. For the avoidance of doubt, the data security requirements contained in section ‘Information Security’ shall apply regardless of whether Personal Information is Processed under this Agreement or any SOW. All Personal Information obtained from or on behalf of DXC or in connection with performance pursuant to this Agreement shall be Processed and protected pursuant to this Section ‘Data Protection and Privacy’, the Section ‘Information Security’ and any other Sections of this Agreement that address Personal Information.

  • Compliance with Privacy Laws NCPS represents and warrants that its collection, access, use, storage, disposal and disclosure of Personal Data does and will comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations. Without limiting the foregoing, NCPS shall implement administrative, physical and technical safeguards to protect Personal Data that are no less rigorous than accepted industry, and shall ensure that all such safeguards, including the manner in which Personal Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Escrow Agreement. NCPS shall use and disclose Personal Data solely and exclusively for the purposes for which the Personal Data, or access to it, is provided pursuant to the terms and conditions of this Escrow Agreement, and not use, sell, rent, transfer, distribute, or otherwise disclose or make available Personal Data for NCPS’s own purposes or for the benefit of any party other than Issuer. For purposes of this section, “Personal Data” shall mean information provided to NCPS by or at the direction of the Issuer, or to which access was provided to NCPS by or at the direction of the Issuer, in the course of NCPS’s performance under this Escrow Agreement that: (i) identifies or can be used to identify an individual (also known as a “data subject”) (including, without limitation, names, signatures, addresses, telephone numbers, e-mail addresses and other unique identifiers); or (ii) can be used to authenticate an individual (including, without limitation, employee identification numbers, government-issued identification numbers, passwords or PINs, financial account numbers, credit report information, biometric or health data, answers to security questions and other personal identifiers), including the identifying information on individuals described in Section 12.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!