Common use of Information Integrity and Security Clause in Contracts

Information Integrity and Security. A. Information Assets SUBRECIPIENT shall have in place operational policies, procedures, and practices to protect State information assets including those assets used to store or access Personal Health Information (PHI), Personal Information (PI), and any information protected under the Health Insurance Portability and Accountability Act (HIPPA) (i.e., public, confidential, sensitive and/or personal information) as specified in the State Administrative Manual, Section 5300 to 5365.3; Cal. Gov. Code § 11019.9; DGS Management Memo 06-12; DOF Budget Letter 06-34; and CDA Program Memorandum 07-18 Protection of Information Assets. Information assets include (but are not limited to): i. Information collected and/or accessed in the administration of the State programs and services. ii. Information stored in any media form, paper or electronic. B. Encryption on Portable Computing Devices SUBRECIPIENT is required to use 128-Bit encryption for data collected under this CONTRACT that is confidential, sensitive, and/or personal including data stored on portable computing devices (including, but not limited to, laptops, personal digital assistants, notebook computers, and backup media) and/or portable electronic storage media (including, but not limited to, discs, thumb/flash drives, portable hard drives, and backup media).

Information Integrity and Security. A. Information Assets SUBRECIPIENT shall have in place operational policies, procedures, and practices to protect State information assets including those assets used to store or access Personal Health Information (PHI), Personal Information (PI), and any information protected under the Health Insurance Portability and Accountability Act (HIPPA) (i.e., public, confidential, sensitive and/or personal information) as specified in the State Administrative Manual, Section 5300 to 5365.3; Cal. Gov. Code § 11019.9; DGS Management Memo 06-12; DOF Budget Letter 06-34; and CDA Program Memorandum 07-18 Protection of Information Assets. Information assets include (but are not limited to): i. Information collected and/or accessed in the administration of the State programs and services. ii. Information stored in any media form, paper or electronic. B. Encryption on Portable Computing Devices SUBRECIPIENT is required to encrypt use 128-Bit encryption for data collected under this CONTRACT that is confidential, sensitive, and/or personal including data stored on portable computing devices (including, but not limited to, laptops, personal digital assistants, notebook computers, and backup media) and/or portable electronic storage media (including, but not limited to, discs, thumb/flash drives, portable hard drives, and backup media).

Information Integrity and Security. A. Information Assets SUBRECIPIENT shall have in place operational policies, procedures, and practices to protect State information assets including those assets used to store or access Personal Health Information (PHI), Personal Information (PI), and any information protected under the Health Insurance Portability and Accountability Act (HIPPA) (i.e., public, confidential, sensitive and/or personal information) as specified in the State Administrative Manual, Section 5300 to 5365.3; Cal. Gov. Code § 11019.9; DGS Management Memo 06-12; DOF Budget Letter 06-34; and CDA Program Memorandum 07-18 Protection of Information Assets. Information assets include (but are not limited to): i. Information collected and/or accessed in the administration of the State programs and services. ii. Information stored in any media form, paper or electronic. B. Encryption on Portable Computing Devices SUBRECIPIENT is required to use 128-Bit encryption for encrypt data collected under this CONTRACT that is confidential, sensitive, and/or personal including data stored on portable computing devices (including, but not limited to, laptops, personal digital assistants, notebook computers, and backup media) and/or portable electronic storage media (including, but not limited to, discs, thumb/flash drives, portable hard drives, and backup media).