Identifying and Reporting Incidents. Awareness of the most common indicators of an Incident and how such indicators should be reported within the organization.
Identifying and Reporting Incidents. Awareness of the most common indicators of an Incident and how such indicators should be reported within the organization. Privacy: The Contractor’s Privacy Policies and procedures as described in Section 2b. Privacy Program. The Contractor shall have an established set of procedures to ensure the Contractor’s employees promptly report actual and/or suspected breaches of security. SUBCONTRACTORS AND THIRD PARTIES The County acknowledges that in the course of performing its services, the Contractor may desire or require the use of goods, services, and/or assistance of Subcontractors or other third parties or suppliers. The terms of this Exhibit shall also apply to all Subcontractors and third parties. The Contractor or third party shall be subject to the following terms and conditions: (i) each Subcontractor and third party must agree in writing to comply with and be bound by the applicable terms and conditions of this Exhibit, both for itself and to enable the Contractor to be and remain in compliance with its obligations hereunder, including those provisions relating to Confidentiality, Integrity, Availability, disclosures, security, and such other terms and conditions as may be reasonably necessary to effectuate the Contract including this Exhibit; and (ii) the Contractor shall be and remain fully liable for the acts and omissions of each Subcontractor and third party, and fully responsible for the due and proper performance of all Contractor obligations under this Contract. The Contractor shall obtain advanced approval from the County’s Chief Information Security Officer and/or Chief Privacy Officer prior to subcontracting services subject to this Exhibit. STORAGE AND TRANSMISSION OF COUNTY INFORMATION All County Information shall be rendered unusable, unreadable, or indecipherable to unauthorized individuals. Without limiting the generality of the foregoing, the Contractor will encrypt all workstations, portable devices (such as mobile, wearables, tablets,) and removable media (such as portable or removable hard disks, floppy disks, USB memory drives, CDs, DVDs, magnetic tape, and all other removable storage media) that store County Information in accordance with Federal Information Processing Standard (FIPS) 140-2 or otherwise approved by the County’s Chief Information Security Officer. The Contractor will encrypt County Information transmitted on networks outside of the Contractor’s control with Transport Layer Security (TLS) or Internet Protocol Sec...
