Information Security Obligations. The Contractor shall abide by the SFWIB’s Information Technology Security Policies and Procedures. • The Contractor (including its officers, employees, subcontractors, agents, partners, principals, servants, representatives or any other individuals to whom Contractor exposes or authorizes to access confidential information obtained under this Contract), shall not store, or allow to be stored, any confidential information on any portable storage media (e.g., laptops, thumb drives, hard drives, etc.) or peripheral device with the capacity to store information. The Contractor shall not electronically transmit, or allow to be transmitted, any personal or confidential information. Failure to strictly comply with this provision shall constitute a breach of this Contract. • The Contractor shall not engage any third party vendor, company or agent to modify, troubleshoot or otherwise alter the configuration of network devices, workstations, printers and/or any other device or hardware attached to the SFWIB’s network and agrees that no other devices, servers, workstations, tablets, wireless devices, etc., other than those installed by the SFWIB’s IT Unit or SFWIB’s authorized agent, will be connected to the SWFIB’s network. • The Contractor shall not engage any third party vendor, company or agent to modify, troubleshoot or otherwise alter the configuration of network devices, workstations, printers and/or any other device or hardware attached to the SFWIB’s network and agrees that no other devices, servers, workstations, tablets, wireless devices, etc., other than those installed by the SFWIB’s IT Unit or SFWIB’s authorized agent, will be connected to the SWFIB’s network. • The Contractor shall ensure that the Contractor’s staff who has access to client information through the Employ Miami-Dade (“EMD”)/Employ Monroe (“EM”), the One-Stop Service Tracking (“OSST”) system(s) and/or any other information systems as required, complete the Information Security and Awareness Training annually.
Information Security Obligations. 1. To identify an appropriately skilled individual to function as its Data Security Officer who shall act as the liaison to the Department’s Security Staff and who will maintain an appropriate level of data security for the information the Provider is collecting or using in the performance of this contract. An appropriate level of security includes approving and tracking all Provider employees that request system or information access and ensuring that user access has been removed from all terminated Provider employees.
2. To hold the Department harmless from any loss or damage incurred by the Department as a result of information technology used, provided or accessed by the Provider.
3. To provide the latest Departmental Security Awareness Training to its’ staff and subcontractors.
4. To ensure that all Provider employees who have access to Departmental information are provided a copy of CFOP 50-6 and that they sign the DCF Security Agreement form (CF 114), a copy of which may be obtained from the contract manager.
Information Security Obligations. 1. An appropriately skilled individual shall be identified by the provider to function as its Data Security Officer. The Data Security Officer shall act as the liaison to the department’s security staff and will maintain an appropriate level of data security for the information the provider is collecting or using in the performance of this contract. An appropriate level of security includes approving and tracking all provider employees that request or have access to any departmental data system or information. The Data Security Officer will ensure that user access to the data system or information has been removed from all terminated provider employees.
2. The provider shall provide the latest departmental security awareness training to its staff and subcontractors who have access to departmental information.
3. All provider employees who have access to departmental information shall comply with, and be provided a copy of CFOP 50-2, and shall sign the DCF Security Agreement form CF 0114 annually. A copy of CF 0114 may be obtained from the contract manager.
4. The provider shall make every effort to protect and avoid unauthorized release of any personal or confidential information by ensuring both data and storage devices are encrypted as prescribed in CFOP 50-2. If encryption of these devices is not possible, then the provider shall assure that unencrypted personal and confidential departmental data will not be stored on unencrypted storage devices. The provider shall require the same of all subcontractors.
5. The provider agrees to notify the contract manager as soon as possible, but no later than five (5) business days following the determination of any breach or potential breach of personal and confidential departmental data. The provider shall require the same notification requirements of all subcontractors.
6. The provider shall provide notice to affected parties no later than 45 days following the determination of any potential breach of personal or confidential departmental data provided in section 817.5681, F.S. The provider shall require the same notification requirements of all subcontractors.
Information Security Obligations. Provider will employ security measures in accordance with applicable Law.
Information Security Obligations eGain will use commercially reasonable security technologies (such as encryption, password protection and firewall protection) in providing the Cloud Services, however, Customer acknowledges that eGain cannot and does not guarantee the privacy, security, authenticity and non-corruption of any information transmitted through, or stored in any system connected to the Internet. Customer further acknowledges that Customer is responsible for any security vulnerabilities, and the consequences of such vulnerabilities, arising from Customer’s content and Customer’s applications, including any Malicious Codes contained in Customer’s content or Customer’s applications that could limit or harm the functionality of a computer or that could damage, intercept or expropriate data. If made available by eGain, Customer may purchase, or may be required to purchase, additional Cloud Services Add-Ons from eGain (e.g. Security Plus, HIPAA Compliant Customer Environment, PCI Certified Customer Environment, etc.) to address particular data protection requirements applicable to Customer’s business or Customer’s content or to address changes in other Applicable Laws which affects the scope, provision, receipt or use of the Cloud Services.
Information Security Obligations. INFORMATION SECURITY OBLIGATIONS OF THE CONSULTANT PRACTICAL SECURITY MEASURES
Information Security Obligations. We will maintain appropriate security measures to protect Customer Data in accordance with industry standards. Without limiting the generality of the foregoing, all Customer Data is encrypted and stored on servers located within Australia. Although we will implement appropriate security measures to protect Customer Data, no method of electronic transmission or service is 100% secure. As a result, we do not guarantee that unauthorized access, hacking, data loss, or breach of security systems will never occur.
Information Security Obligations. TAVI Tracker will maintain appropriate security measures to protect Customer Data in accordance with industry standards. Without limiting the generality of the foregoing, all Customer Data is encrypted and stored on servers located within Canada. Although TAVI Tracker will implement appropriate security measures to protect Customer Data, no method of electronic transmission or service is 100% secure. As a result, TAVI Tracker does not guarantee that unauthorized access, hacking, data loss, or breach of security systems will never occur.
Information Security Obligations. The Provider shall comply with the following information security requirements whenever the Provider has access to Department information systems or confidential Department information in electronic form:
1. The Provider shall maintain an appropriate level of information security for Department information systems or confidential Department information the Provider is collecting or using in the performance of this contract. An appropriate level of security includes approving and tracking all individuals that request or have access, through the Provider’s access to Department information systems or confidential Department information. The Provider will ensure that user access to Department information systems or confidential Department information is removed immediately from all terminated employees and from all individuals upon access no longer being required for the Provider’s performance of this contract.
2. The Provider agrees to notify the FCADV's Contract Manager as soon as possible, but no later than five (5) business days following the determination of any potential or actual unauthorized disclosure or access to Department information systems or confidential Department information.
3. The Provider shall, at its own cost, comply with section 501.171, F.S. The Provider shall also, at its own cost, implement measures deemed appropriate by the FCADV to avoid or mitigate potential injury to any person due to potential or actual unauthorized disclosure or access to Department information systems or to confidential Department information.
4. All individuals who request or have access, through the Provider’s access, to Department information systems or any confidential Department information shall comply with, and be provided a copy of CFOP 50-2, and shall sign the DCF Security Agreement form CF 0114 annually. A copy of CF 0114 may be obtained from the FCADV's Contract Manager. The Provider shall also comply with the following to the extent that it has access to Department information systems or any confidential Department information in providing services under this contract:
a) The Provider shall provide the latest Departmental security awareness training to all individuals who request or have access, through the Provider’s access, to Department information systems or any confidential Department information.
b) The Provider shall prevent unauthorized disclosure or access, from or to Department information systems or confidential Department information. Co...
Information Security Obligations. 12.2.2.1 Each Party shall adopt technical and organizational measures to guarantee reasonable protection of the other Party’s Confidential Information, including the measures listed in Exhibit 12.2.2.1.
12.2.2.2 Each Party may audit the other Party’s technical and organizational measures. For this purpose, each Party shall have the right, upon [[***]] Business Days’ prior notice and during regular business hours, to:
(i) request information from the other Party (self-reporting);
(ii) cause a personal on-site inspection of the other Party, by a qualified Third Party (on-site audit). For such on-site audit, the audited Party shall grant the auditing Party access to, in particular, the data processing systems, files and documents pertaining to or containing Confidential Information of the auditing Party; and / or
(iii) interview relevant personnel, provided that such rights may not be exercised in a manner that interferes with the normal operations and activities of the audited Party’s personnel. The audited Party shall and shall cause its personnel to cooperate with any such activities. In particular, it shall immediately make available to the auditing Party all information and certifications that are necessary for the performance of the information security control.
