Data Storage Where required by applicable law, Student Data shall be stored within the United States. Upon request of the LEA, Provider will provide a list of the locations where Student Data is stored.
Portfolio Security Portfolio Security will mean any security owned by the Fund.
Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who XXX may contact if there are any data security concerns or questions.
Site Security While providing services at a DSHS location, the Contractor, its agents, employees, or Subcontractors shall conform in all respects with physical, fire, or other security regulations specific to the DSHS location.
Data Services In lieu of any other rates or discounts, the Customer will receive a discount equal to 20% for the following Data Services: Access: Standard VBS3Guide local loop charges for DS-0, DS-1 and DS-3 Access Service.
System Security (a) If any party hereto is given access to the other party’s computer systems or software (collectively, the “Systems”) in connection with the Services, the party given access (the “Availed Party”) shall comply with all of the other party’s system security policies, procedures and requirements that have been provided to the Availed Party in advance and in writing (collectively, “Security Regulations”), and shall not tamper with, compromise or circumvent any security or audit measures employed by such other party. The Availed Party shall access and use only those Systems of the other party for which it has been granted the right to access and use. (b) Each party hereto shall use commercially reasonable efforts to ensure that only those of its personnel who are specifically authorized to have access to the Systems of the other party gain such access, and use commercially reasonable efforts to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its personnel of the restrictions set forth in this Agreement and of the Security Regulations. (c) If, at any time, the Availed Party determines that any of its personnel has sought to circumvent, or has circumvented, the Security Regulations, that any unauthorized Availed Party personnel has accessed the Systems, or that any of its personnel has engaged in activities that may lead to the unauthorized access, use, destruction, alteration or loss of data, information or software of the other party hereto, the Availed Party shall promptly terminate any such person’s access to the Systems and immediately notify the other party hereto. In addition, such other party hereto shall have the right to deny personnel of the Availed Party access to its Systems upon notice to the Availed Party in the event that the other party hereto reasonably believes that such personnel have engaged in any of the activities set forth above in this Section 9.2(c) or otherwise pose a security concern. The Availed Party shall use commercially reasonable efforts to cooperate with the other party hereto in investigating any apparent unauthorized access to such other party’s Systems.
STATE SECURITY 4.01 Nothing in this Agreement shall be construed as requiring the Employer to do or refrain from doing anything contrary to any instruction, direction or regulations given or made by or on behalf of the Government of Canada in the interest of the safety or security of Canada or any state allied or associated with Canada.
Privacy and Data Security (a) In the prior three (3) years, the Company and its Subsidiaries have been in compliance with Privacy Laws, and in all material respects with (i) Contracts (or portions thereof) between the Company or its Subsidiaries and other Persons relating to Personal Data and (ii) applicable written policies, public statements and other public representations relating to the Processing of Personal Data, inclusive of all disclosures required by applicable Privacy Laws (“Privacy and Data Security Policies,” and together with Privacy Laws and such Contracts, “Privacy Commitments”). The execution, delivery and performance by the Company of this Agreement to which the Company is or will be a party, and the consummation of the transactions contemplated hereby or thereby, are not reasonably expected to, directly or indirectly, result in a violation of any Privacy Commitments that would be materially adverse to the Company and its Subsidiaries, taken as a whole. (b) In the prior three (3) years, the Privacy and Data Security Policies have at all times been maintained and made available to individuals in accordance with reasonable industry practices and as required by Privacy Laws, are accurate and complete and are not misleading or deceptive (including by omission). The practices of the Company or its Subsidiaries with respect to the Processing of Personal Data conform in all material respects to the Privacy and Data Security Policies that govern such Personal Data. (c) There is (and in the prior three years there has been) no material Legal Proceeding pending or, to the Company’s knowledge, threatened against or involving the Company or its Subsidiaries initiated by any Person (including (i) the Federal Trade Commission, any state attorney general or similar state official, (ii) any other Governmental authority, foreign or domestic or (iii) any regulatory or self-regulatory entity) alleging that any Processing of Personal Data by or on behalf of the Company or its Subsidiaries is or was in violation of any Privacy Commitments. To the Company’s Knowledge, there are no facts, circumstances or conditions that would reasonably be expected to form the basis for any proceeding for any potential violation of any Privacy Commitments. (d) In the prior three (3) years, (i) there has been no unauthorized access to, or unauthorized use, disclosure, or Processing of Personal Data in the possession or control of the Company or its Subsidiaries or any of its contractors with regard to any Personal Data obtained from or on behalf of the Company or its Subsidiaries (“Security Incident”), (ii) there have been no unauthorized intrusions or breaches of security into any Company IT Systems, and (iii) none of the Company or any of its Subsidiaries has notified or been required to notify any Person of any (A) loss, theft or damage of, or (B) other unauthorized or unlawful access to, or use, disclosure or other Processing of, Personal Data, except, in each case of clauses (i), (ii), and (iii), as would not have a Company Material Adverse Effect. Each of the Company and its Subsidiaries has implemented commercially reasonable administrative, physical and technical safeguards, and ensures that its contractors processing Personal Data take such safeguards to protect the confidentiality, integrity and security of Personal Data against any Security Incident, including taking all reasonable steps to safeguard and back up Personal Data. (e) Each of the Company and its Subsidiaries owns or has a license or other right to use the Company IT Systems as necessary to operate the business of each the Company or its Subsidiaries as currently conducted. All Company IT Systems are (i) free from any defect, bug, virus or programming, design or documentation error and (ii) in sufficiently good working condition to effectively perform all information technology operations necessary for the operation of businesses of the Company and its Subsidiaries (except for ordinary wear and tear), except in each case of clauses (i) and (ii), as is not and would not reasonably be expected to be, individually or in the aggregate, material to the Company and its Subsidiaries, taken as a whole. In the prior three years, there have not been any material failures, breakdowns or continued substandard performance of any Company IT Systems that have caused a material failure or disruption of the Company IT Systems other than routine failures or disruptions that have been remediated in the Ordinary Course of Business. In the past three (3) years, there have been no (except to the extent completely remediated), and to the Company’s Knowledge, there are no material security deficiencies or vulnerabilities in the Company IT Systems.
Network Security The AWS Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. AWS will maintain access controls and policies to manage what access is allowed to the AWS Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. AWS will maintain corrective action and incident response plans to respond to potential security threats.
Financial Services Article 116