Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.
Customer Data 5.1 The Customer shall own all rights, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data.
5.2 The Supplier shall follow its archiving procedures for Customer Data as set out in its Back-Up Policy available at XxxxxXXX.xxx or such other website address as may be notified to the Customer as such document may be amended by the Supplier in its sole discretion from time to time the current version of which is set out at Schedule 3 of this Agreement. In the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier in accordance with the archiving procedure described in its Back-Up Policy. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back-up).
5.3 The Supplier shall, in providing the Services, comply with its Privacy and Security Policy as such document may be amended from time to time by the Supplier in its sole discretion.
5.4 If the Supplier processes any personal data on the Customer’s behalf when performing its obligations under this agreement, the parties record their intention that the Customer shall be the data controller and the Supplier shall be a data processor and in any such case:
(a) the Customer shall ensure that the Customer is entitled to transfer the relevant personal data to the Supplier so that the Supplier may lawfully use, process and transfer the personal data in accordance with this agreement on the Customer's behalf;
(b) the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection legislation;
(c) the Supplier shall process the personal data only in accordance with the terms of this agreement and any lawful instructions reasonably given by the Customer from time to time; and
(d) each party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage.
5.5 The Supplier and the Customer shall comply with their respective obligations as set out in Schedule 4 of this Agreement
Computer Software The Grantee certifies that it has appropriate systems and controls in place to ensure that state funds will not be used in the performance of this Grant Agreement for the acquisition, operation, or maintenance of computer software in violation of copyright laws.
Device Data We may share certain personal information and device-identifying technical data about you and your devices with third party service providers, who will compare and add device data and fraud data from and about you to a database of similar device and fraud information in order to provide fraud management and prevention services, which include but are not limited to identifying and blocking access to the applicable service or Web site by devices associated with fraudulent or abusive activity. Such information may be used by us and our third party service providers to provide similar fraud management and prevention services for services or Web sites not provided by us. We will not share with service providers any information that personally identifies the user of the applicable device.
Antivirus software All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have installed and actively use comprehensive anti-virus software solution with automatic updates scheduled at least daily.
Embedded Software To the extent any goods contain Embedded Software (defined below) that is not Buyer’s Property, no title to such Embedded Software shall pass to Buyer, and Supplier shall grant Buyer, its customers and all other users a non-exclusive worldwide, irrevocable, perpetual, royalty-free right to use, load, install, execute, demonstrate, market, test, resell, sublicense and distribute such Embedded Software as an integral part of such goods or for servicing the goods (the “Buyer-Required License”). If such Embedded Software or any part thereof is owned by a third party, prior to delivery, Supplier shall obtain the Buyer-Required License from such third-party owner. “Embedded Software” means software necessary for operation of goods and embedded in and delivered as an integral part of goods.
Server Software Subject to the terms and conditions of this XXXX, Vocera grants you the non-exclusive right to (i) install and run (“Use”) the Server Software on computer systems (each, a “Server Computer”) located at End User’s Facilities in the geographic territory designated above (“Territory”); (ii) to Use the Client Software in conjunction with Authorized Client Devices and such Server Computers; and (iii) for pilot licenses for certain Software provided on a trial basis, use such Software for the limited term specified by Vocera in writing. You may Use the standard Server Software on one primary Server Computer (or a primary cluster of computers suitably configured for productive use of the Server Software). You may install backup copies of the Server Software on backup Server Computers to provide redundancy in the event of failure of the primary Server Computer(s) but, unless you have acquired additional licenses or a failover license from Vocera, you may not run such backup or additional copies concurrently with the primary copies. Vocera grants you the right to use the applicable License Key issued by Vocera only to enable Use of the Server Software in conjunction with the licensed Server Computers. Server Software may be licensed for a Subscription Term as specified in the Quote.
Licensed Software Computer program(s) provided by Contractor in connection with the Deliverables, subject to Section 14 of this Contract.
Evaluation Software If the Software is an evaluation version or is provided to You for evaluation purposes, then, unless otherwise approved in writing by an authorized representative of Licensor, Your license to use the Software is limited solely for internal evaluation purposes in non-production use and in accordance with the terms of the evaluation offering under which You received the Software, and expires 90 days from installation (or such other period as may be indicated within the Software). Upon expiration of the evaluation period, You must discontinue use of the Software, return to an original state any actions performed by the Software, and delete the Software entirely from Your system and You may not download the Software again unless approved in writing by an authorized representative of Licensor. The Software may contain an automatic disabling mechanism that prevents its use after a certain period of time. RESTRICTIONS
Workstation/Laptop encryption All workstations and laptops that process and/or store DHCS PHI or PI must be encrypted using a FIPS 140-2 certified algorithm which is 128bit or higher, such as Advanced Encryption Standard (AES). The encryption solution must be full disk unless approved by the DHCS Information Security Office.
