Data Security Procedures Sample Clauses

Data Security Procedures. Supplier shall maintain appropriate policies and procedures to respond to incidents of unauthorized or suspected unauthorized access to or disclosure of Customer Data. Such policies and procedures shall equal or exceed the Advanta Data Security Standards and Payment Card Industry Standards. Supplier shall reasonably monitor, evaluate and adjust its information security system and procedures in response to relevant changes in technology, changes in the sensitivity of Customer Data and internal and external threats to information security and shall adopt such changes to its information security system and procedures as reasonably requested by Advanta. Supplier agrees to take appropriate actions to address any security breach involving such information. Supplier shall notify the Advanta General Program Manager promptly, and in any event as soon as reasonably possible after Supplier reasonably suspects or has concluded that any security incident or breach (which shall include any such breach caused by any employee, third party service provider or subcontractor of a Party) has occurred or is about to occur that, in Supplier’s reasonable judgment, is likely to put any data, including any Customer Data, or network of Advanta at risk. Upon the occurrence of any such security incident or breach, (a) Supplier shall, as soon as practicable and at its sole expense, implement an action plan to correct the incident or breach and prevent the continuation of such security incident or breach, and shall promptly notify Advanta ****** — Denotes material that has been omitted and filed separately with the Commission. of the corrective action and measures taken and (b) Advanta may audit to determine whether the corrective action has been implemented and is effective. If there is any such security breach relating to Customer Data under Supplier’s control or the control of an entity with which Supplier has contracted, then Supplier shall pay the out of pocket expenses incurred by the Parties in responding to the security breach, including paying the cost of notifying customers that information about them was subject to a security breach. Any notice sent concerning a security breach shall be subject to the prior written approval of Advanta.
Sample 1
Data Security Procedures. We restrict access to non-public personal information about you to those persons who need to know that information in connection with providing products or services to you. We may from time to time provide the retailer(s) where you may make purchases using your credit card issued by us with access to your non-public personal information. We maintain physical, electronic, and procedural safeguards to guard your non-public personal information.
Sample 1
Data Security Procedures. StarCompliance shall Representatives for purposes of performing the Agreement and to ensure no unauthorized access to data or databases by individuals or entities other than those authorized by the Agreement or the Client. . ( which are essential to perform its intended function.)
Sample 1
Data Security Procedures. Though the SDPBC data provided to the individual/organization does not contain “personally identifiable information” as defined in 34 CFR § 99.3, it is still critical that the data be kept secure and confidential. Therefore, all SDPBC student level data must be stored securely so that only authorized users within the organization have access to it. This means that computer data bases should be password protected; that precautions are taken to ensure that access through modems, networks, and the Internet is carefully monitored and limited to authorized users; and that data tapes, disks, paper files and other storage media are kept in secure locations.
Sample 1
Data Security Procedures. The first point of security is access to the computer system and its data via the local network of users. To enhance security and reduce the risk of unauthorized access, the following guidelines shall be followed: A. Users will be assigned one unique account for access to the system. B. Each user account shall require a password with a minimum of 6 characters. This password shall be treated as confidential information by the users. Users are responsible to safeguard their passwords, other access protocols, and district and Computer Center information, in whatever form. No list of passwords shall be maintained by the Computer Center or the District. C. All users will be required by the system to change their password or at least every 90 days; "captive" accounts (accounts which have access to only limited, non-system programs and commands) must have their passwords assigned by the Computer Center and shall be changed at least every year. D. A review of user account activity will be performed quarterly by the computer staff. User accounts that have not been accessed in the previous 180 days will be disabled; users not accessing their account in the previous 90 days will be notified that such inactivity may cause their account to be disabled. Users should ensure their terminals, when not in use, are properly logged off the system. E. Users shall be granted only those privileges consistent with the duties and responsibilities of their position. Authorized privileges shall be grouped in a "normal" and "extended" category: "normal" privileges are granted by the system when a user logs onto the system and represent the privileges required to perform the users normal duties; "extended" privileges are those privileges which the user may be authorized to use, but which must be specifically enabled by user before being utilized. F. Access to the computer system via an electronic network outside the Computer Center area will be restricted to the minimum level of access necessary for authorized users. No "general access" accounts shall be maintained. G. Access to privileged or system accounts shall only occur with the authorization of the Computer Center Director. Following outside access to a privileged account, the account password shall be changed to prevent further access without the Computer Center staff's knowledge. H. Audit Log Sufficient audit alarms shall be enabled to track attempts to break into a user or system account and other security-related events. The...
Sample 1
Data Security Procedures. Participating Provider undertakes solely in its own independent capacity to (and will procure that all Provider Personnel will) maintain reasonable operating standards and security procedures, and shall use their best efforts to secure Personal Data and Confidential Information (collectively, “Confidential Data”) through the use of reasonable and appropriate administrative, physical, and technical safeguards including, but not limited to, appropriate network security and encryption technologies governed by an established set of policies and procedures (an “Information Security Management System”). Participating Provider shall maintain and regularly update the Information Security Management System based upon a formal change control process that governs how security controls are adjusted over time ensuring at all times that it maintains a comparable or better level of security than that defined in this Exhibit B. Such Information Security Management System shall: (A) ensure the ongoing confidentiality, integrity, availability, and resilience of Participating Provider systems and services processing Confidential Data and those of subcontractors that have been authorized by Apple to process Confidential Data; (B) enable Participating Provider to restore the availability and access to Confidential Data in a timely manner in the event of a physical or technical incident; (C) maintain a process for regularly testing, assessing, and evaluating the effectiveness of all technical and organizational measures for ensuring the security of Confidential Data at all times; and (D) shall also include the following: (i) Implementation of controls to manage access to Confidential Data, including: (a) Preventing access to Confidential Data other than by those Provider Personnel that must access Confidential Data to perform Participating Provider’s obligations under the Terms and Conditions (hereinafter, the “Services”); (b) Immediately terminating access privileges to Confidential Data for any Provider Personnel that no longer need such access, and conducting regular reviews of access lists in accordance with high industry standards to ensure that access privileges have been appropriately provisioned and terminated; (c) Requiring Provider Personnel the use of multi-factor authentication to access Confidential Data; and (d) Providing regular training on data security to all Provider Personnel that may have access to Confidential Data; (ii) Maintenance of firewalls to segregat...
Sample 1
Data Security Procedures. The Contractor shall develop data security procedures to ensure only authorized access to data and databases by Contractor Representatives for purposes of performing the Agreement and to ensure no unauthorized access to data or databases by individuals or entities. The Contractor shall ensure that access to data and databases by Contractor Representatives will be provided on a need to know basis and will adhere to the principle of least privilege. (The principle of least privilege means giving a user account only those privileges which are essential to perform its intended function.)
Sample 1

Related to Data Security Procedures

  • Security Procedures The Fund shall comply with data access operating standards and procedures and with user identification or other password control requirements and other security procedures as may be issued from time to time by State Street for use of the System on a remote basis and to access the Data Access Services. The Fund shall have access only to the Fund Data and authorized transactions agreed upon from time to time by State Street and, upon notice from State Street, the Fund shall discontinue remote use of the System and access to Data Access Services for any security reasons cited by State Street; provided, that, in such event, State Street shall, for a period not less than 180 days (or such other shorter period specified by the Fund) after such discontinuance, assume responsibility to provide accounting services under the terms of the Custodian Agreement.

  • Safety and Security Procedures Contractor shall maintain and enforce, at the Contractor Work Locations, industry-standard safety and physical security policies and procedures. While at each JBE Work Location, Contractor shall comply with the safety and security policies and procedures in effect at such JBE Work Location.

  • Security Procedure The Client acknowledges that the Security Procedure it has designated on the Selection Form was selected by the Client from Security Procedures offered by State Street. The Client agrees that the Security Procedures are reasonable and adequate for its wire transfer transactions and agrees to be bound by any payment orders, amendments and cancellations, whether or not authorized, issued in its name and accepted by State Street after being confirmed by any of the selected Security Procedures. The Client also agrees to be bound by any other valid and authorized payment order accepted by State Street. The Client shall restrict access to confidential information relating to the Security Procedure to authorized persons as communicated in writing to State Street. The Client must notify State Street immediately if it has reason to believe unauthorized persons may have obtained access to such information or of any change in the Client’s authorized personnel. State Street shall verify the authenticity of all instructions according to the Security Procedure.

  • Safety Procedures The Contractor shall: (a) comply with all applicable safety regulations according to Attachment H; (b) take care for the safety of all persons entitled to be on the Site; (c) use reasonable efforts to keep the Site and Works clear of unnecessary obstruction so as to avoid danger to these persons; (d) provide fencing, lighting, guarding and watching of the Works until completion and taking over under clause 10 [Employer's Taking Over]; and (e) provide any Temporary Works (including roadways, footways, guards and fences) which may be necessary, because of the execution of the Works, for the use and protection of the public and of owners and occupiers of adjacent land.

  • Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.

  • Indemnity Procedures Promptly after receipt by an Indemnified Party of any claim or notice of the commencement of any action or administrative or legal proceeding or investigation as to which the indemnity provided for in Article 18.1 may apply, the Indemnified Party shall notify the Indemnifying Party of such fact. Any failure of or delay in such notification shall not affect a Party’s indemnification obligation unless such failure or delay is materially prejudicial to the Indemnifying Party. Except as stated below, the Indemnifying Party shall have the right to assume the defense thereof with counsel designated by such Indemnifying Party and reasonably satisfactory to the Indemnified Party. If the defendants in any such action include one or more Indemnified Parties and the Indemnifying Party and if the Indemnified Party reasonably concludes that there may be legal defenses available to it and/or other Indemnified Parties which are different from or additional to those available to the Indemnifying Party, the Indemnified Party shall have the right to select separate counsel to assert such legal defenses and to otherwise participate in the defense of such action on its own behalf. In such instances, the Indemnifying Party shall only be required to pay the fees and expenses of one additional attorney to represent an Indemnified Party or Indemnified Parties having such differing or additional legal defenses. The Indemnified Party shall be entitled, at its expense, to participate in any such action, suit or proceeding, the defense of which has been assumed by the Indemnifying Party. Notwithstanding the foregoing, the Indemnifying Party (i) shall not be entitled to assume and control the defense of any such action, suit or proceedings if and to the extent that, in the opinion of the Indemnified Party and its counsel, such action, suit or proceeding involves the potential imposition of criminal liability on the Indemnified Party, or there exists a conflict or adversity of interest between the Indemnified Party and the Indemnifying Party, in such event the Indemnifying Party shall pay the reasonable expenses of the Indemnified Party, and (ii) shall not settle or consent to the entry of any judgment in any action, suit or proceeding without the consent of the Indemnified Party, which shall not be unreasonably withheld, conditioned or delayed.

  • Procurement Procedures 11.1 The Recipient must secure the best value for money and shall act in a fair, open and non-discriminatory manner in all purchases of goods and services.

  • Loan Procedures (a) Except for Same Day Loans funded under Section 2.2(b), the Company shall give written notice or telephonic notice (followed immediately by written confirmation thereof) to the Agent of each proposed borrowing not later than 10:00 A.M., Detroit time, at least two Business Days prior to the proposed date of such borrowing. Each such notice shall be effective upon receipt by the Agent, shall be irrevocable and shall specify the date and amount of the proposed borrowing. Within one Business Day after receipt of such notice, the Agent shall advise each Lender thereof. Not later than 1:00 P.M., Detroit time, on the date of a proposed borrowing, each Lender shall provide the Agent at the office specified by the Agent with immediately available funds covering such Lender’s Pro Rata Share of such borrowing and, so long as the Agent has not received written notice that the conditions precedent set forth in Section 10 with respect to such borrowing have not been satisfied, the Agent shall pay over the funds received by the Agent to the Company on the requested borrowing date. Each borrowing shall be on a Business Day. (b) In addition to borrowings under Section 2.2(a), the Company may give written or electronic notice or telephonic notice (followed immediately by written or electronic confirmation thereof) to the Agent of a proposed Same Day Loan not later than 11:00 A.M., Detroit time, on any Business Day that the Company has not made (and will not make) a Same Day Prepayment. Each such notice shall be effective upon receipt by the Agent, shall be irrevocable and shall specify the amount of the proposed Same Day Loan, which amount may not exceed Fifteen Million and 00/100 Dollars ($15,000,000.00) for any particular Business Day. By 11:30 A.M., Detroit time, on the Business Day that the Agent receives a notice of a proposed Same Day Loan, the Agent shall advise each Lender thereof. Not later than 3:00 P.M., Detroit time, on the Business Day that the Agent receives a notice of a proposed Same Day Loan, each Lender shall provide the Agent at the office specified by the Agent with immediately available funds covering such Lender’s Pro Rata Share of such Same Day Loan and, so long as the Agent has not received written notice from a Lender (before 3:00 P.M., Detroit time, on the Business Day that the Agent receives a notice of a proposed Same Day Loan) that the conditions precedent set forth in Section 10 with respect to such borrowing have not been satisfied, the Agent shall pay over the funds received by the Agent by a federal wire transfer to the Company’s bank account, which federal wire transfer must be initiated by the Agent on or before 4:00 P.M., Detroit time, on the Business Day that the Agent receives a notice of the proposed Same Day Loan. Each Same Day Loan for which the above requirements are satisfied shall be treated as being made by the Lenders (and shall be part of the Revolving Outstandings) on the Business Day that the Agent initiates the federal wire transfer, even if the Company cannot confirm the receipt of such funds until the next Business Day. Each Same Day Loan must be requested (and shall be made) on a Business Day. The Company may not request a Same Day Loan on any Business Day if the Company has notified the Agent that the Company is making a Same Day Prepayment on such Business Day. The Company may request a Same Day Loan on the same Business Day that it has previously requested a borrowing under Section 2.2(a) and/or on the same Business Day for which the Company has notified the Agent of a voluntary prepayment under Section 6.2(a) and such Same Day Loan shall be funded in addition to, separately from and without any netting for such other borrowing and/or voluntary prepayment. (c) All borrowings and repayments of Loans shall be effected in accordance with each Lender’s Pro Rata Share.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Claim Procedures Claim forms or claim information as to the subject policy can be obtained by contacting Benmark, Inc. (800-544-6079). When the Named Fiduciary has a claim which may be covered under the provisions described in the insurance policy, they should contact the office named above, and they will either complete a claim form and forward it to an authorized representative of the Insurer or advise the named Fiduciary what further requirements are necessary. The Insurer will evaluate and make a decision as to payment. If the claim is payable, a benefit check will be issued in accordance with the terms of this Agreement. In the event that a claim is not eligible under the policy, the Insurer will notify the Named Fiduciary of the denial pursuant to the requirements under the terms of the policy. If the Named Fiduciary is dissatisfied with the denial of the claim and wishes to contest such claim denial, they should contact the office named above and they will assist in making an inquiry to the Insurer. All objections to the Insurer's actions should be in writing and submitted to the office named above for transmittal to the Insurer.