Data Security. The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who XXX may contact if there are any data security concerns or questions.
Data Security. The Provider agrees to abide by and maintain adequate data security measures, consistent with industry standards and technology best practices, to protect Student Data from unauthorized disclosure or acquisition by an unauthorized person. The general security duties of Provider are set forth below. Provider may further detail its security programs and measures in Exhibit “F” hereto. These measures shall include, but are not limited to:
Data Security. The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who XXX may contact if there are any data security concerns or questions.
Data Security. The Contractor will maintain the security of State of Florida data including, but not limited to, maintaining a secure area around any displayed visible data and ensuring data is stored and secured when not in use. The Contractor and subcontractors will not perform any of the services from outside of the United States, and the Contractor will not allow any State of Florida data to be sent by any medium, transmitted, or accessed outside the United States due to Contractor’s action or inaction. In the event of a security breach involving State of Florida data, the Contractor shall give notice to the Customer and the Department within one business day. “Security breach” for purposes of this section will refer to a confirmed event that compromises the confidentiality, integrity, or availability of data. Once a data breach has been contained, the Contractor must provide the Department with a post-incident report documenting all containment, eradication, and recovery measures taken. The Department reserves the right in its sole discretion to enlist a third party to audit Contractor’s findings and produce an independent report, and the Contractor will fully cooperate with the third party. The Contractor will also comply with all HIPAA requirements and any other state and federal rules and regulations regarding security of information.
Data Security. The Provider agrees to abide by and maintain adequate data security measures, consistent with industry standards and technology best practices, to protect Student Data from unauthorized disclosure or acquisition by an unauthorized person. The general security duties of Provider are set forth below. Provider may further detail its security programs and measures in
a. Passwords and Employee Access. Provider shall secure usernames, passwords, and any other means of gaining access to the Services or to Student Data, at a level suggested by Article 4.3 of NIST 800-63-3. Provider shall only provide access to Student Data to employees or contractors that are performing the Services. Employees with access to Student Data shall have signed confidentiality agreements regarding said Student Data. All employees with access to Student Records shall pass criminal background checks.
Data Security. The Operator agrees to abide by and maintain adequate data security measures, consistent with industry standards and technology best practices, to protect Data from unauthorized disclosure or acquisition by an unauthorized person. The general security duties of Operator are set forth below. Operator shall further detail its security programs and measures in Exhibit F. These measures shall include, but are not limited to:
Data Security. The Contractor agrees to abide by and maintain adequate data security measures, consistent with standards and best practices within the educational technology industry,
Data Security. The Contractor will maintain the security of State of Florida data including, but not limited to, maintaining a secure area around any displayed visible data and ensuring data is stored and secured when not in use. “
Data Security. Section 3 (Data Security) of Article V (Data Provisions) of the SDPA is hereby amended by adding “industry standard” after “utilize” in the first sentence.
Data Security. The Provider agrees to maintain a comprehensive information security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of student personal information and makes use of appropriate administrative, technological, and physical safeguards. The general security duties of Provider are set forth below. These duties shall include, but are not limited to:
