Information Security Policies and Measures Sample Clauses
Information Security Policies and Measures
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.
Security Policies IBM maintains privacy and security policies that are communicated to IBM employees. IBM requires privacy and security training to personnel who support IBM data centers. We have an information security team. IBM security policies and standards are reviewed and re-evaluated annually. IBM security incidents are handled in accordance with a comprehensive incident response procedure.
Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means. 2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable). 3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically. 4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
Information Technology Accessibility Standards Any information technology related products or services purchased, used or maintained through this Grant must be compatible with the principles and goals contained in the Electronic and Information Technology Accessibility Standards adopted by the Architectural and Transportation Barriers Compliance Board under Section 508 of the federal Rehabilitation Act of 1973 (29 U.S.C. §794d), as amended. The federal Electronic and Information Technology Accessibility Standards can be found at: xxxx://xxx.xxxxxx-xxxxx.xxx/508.htm.
Security Safeguards Contractor shall maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of District Data. Contractor shall store and process District Data in accordance with industry standards and best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in CIS Critical Security Controls (CIS Controls), as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation the Act, as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended, or such other standard as the District’s Chief Privacy Officer or designee may agree to in writing. Contractor shall also encrypt any backup, backup media, removable media, tape, or other copies. In addition, Contractor shall fully encrypt disks and storage for all laptops and mobile devices.
Information Services Traffic 5.1 For purposes of this Section 5, Voice Information Services and Voice Information Services Traffic refer to switched voice traffic, delivered to information service providers who offer recorded voice announcement information or open vocal discussion programs to the general public. Voice Information Services Traffic does not include any form of Internet Traffic. Voice Information Services Traffic also does not include 555 traffic or similar traffic with AIN service interfaces, which traffic shall be subject to separate arrangements between the Parties. Voice Information services Traffic is not subject to Reciprocal Compensation charges under Section 7 of the Interconnection Attachment. 5.2 If a D&E Customer is served by resold Verizon Telecommunications Service or a Verizon Local Switching UNE, subject to any call blocking feature used by D&E, to the extent reasonably feasible, Verizon will route Voice Information Services Traffic originating from such Service or UNE to the Voice Information Service platform. For such Voice Information Services Traffic, unless D&E has entered into an arrangement with Verizon to xxxx and collect Voice Information Services provider charges from D&E’s Customers, D&E shall pay to Verizon without discount the Voice Information Services provider charges. D&E shall pay Verizon such charges in full regardless of whether or not it collects such charges from its own Customers. 5.3 D&E shall have the option to route Voice Information Services Traffic that originates on its own network to the appropriate Voice Information Services platform(s) connected to Verizon’s network. In the event D&E exercises such option, D&E will establish, at its own expense, a dedicated trunk group to the Verizon Voice Information Service serving switch. This trunk group will be utilized to allow D&E to route Voice Information Services Traffic originated on its network to Verizon. For such Voice Information Services Traffic, unless D&E has entered into an arrangement with Verizon to xxxx and collect Voice Information Services provider charges from D&E’s Customers, D&E shall pay to Verizon without discount the Voice Information Services provider charges. 5.4 D&E shall pay Verizon such charges in full regardless of whether or not it collects charges for such calls from its own Customers. 5.5 For variable rated Voice Information Services Traffic (e.g., NXX 550, 540, 976, 970, 940, as applicable) from D&E Customers served by resold Verizon Telecommunications Services or a Verizon Local Switching Network Element, D&E shall either (a) pay to Verizon without discount the Voice Information Services provider charges, or (b) enter into an arrangement with Verizon to xxxx and collect Voice Information Services provider charges from D&E’s Customers. 5.6 Either Party may request the other Party provide the requesting Party with non discriminatory access to the other party’s information services platform, where such platform exists. If either Party makes such a request, the Parties shall enter into a mutually acceptable written agreement for such access. 5.7 In the event D&E exercises such option, D&E will establish, at its own expense, a dedicated trunk group to the Verizon Information Service serving switch. This trunk group will be utilized to allow D&E to route information services traffic originated on its network to Verizon.
Information Technology Enterprise Architecture Requirements If this Contract involves information technology-related products or services, the Contractor agrees that all such products or services are compatible with any of the technology standards found at xxxxx://xxx.xx.xxx/iot/2394.htm that are applicable, including the assistive technology standard. The State may terminate this Contract for default if the terms of this paragraph are breached.
Operations Manual The Franchisor agrees to loan to the Franchisee one or more manuals, technical bulletins, cookbooks and recipes and other written materials (collectively referred to as “Operations Manual”) covering Factory Candy ordering, Store Candy manufacturing, processing and stocking and other operating and in-store marketing techniques for the ROCKY MOUNTAIN CHOCOLATE FACTORY Store. The Franchisee agrees that it shall comply with the Operations Manual as an essential aspect of its obligations under this Agreement, that the Operations Manual shall be deemed to be incorporated herein by reference and failure by the Franchisee to substantially comply with the Operations Manual may be considered by the Franchisor to be a breach of this Agreement.
Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.
Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.