Information Security Standards. Xxxxxx’x shall provide to Supplier its Information Security Standards that define information security controls and guidelines currently in place. The Supplier shall, in the performance by Supplier of services under the Agreement, comply with all commercially reasonable standards within thirty days of receipt of same, unless the parties agree otherwise. At any time during the term of the Agreement, and upon notice to Supplier, Xxxxxx’x may have a Security Review and an architectural design review of the facilities and applications used by Supplier to perform services for Xxxxxx’x, such a review will be performed by either Xxxxxx’x or a third party, at Xxxxxx’x discretion. If a security flaw is discovered, Xxxxxx’x shall give immediate notice of such flaw to Supplier and Supplier shall have five business days to formulate a plan to cure such flaw, unless the parties agree to a longer period of time for such cure. Unless otherwise agreed to by the parties, during the term of the Agreement, Supplier shall have thirty days from receipt of notice to comply with any change in the Information Security Standards.
Information Security Standards. 1. Each Partner agrees to hold all information shared under this agreement in accordance with security standard ISO 27001 or an equivalent level of compatible security.
Information Security Standards. As applicable to the services provided in this Contract, Contractor shall comply with the “Security Assessment Report and Attestation Guideline” and “HHS Information Security Controls” published by HHSC and currently accessed on the following webpage: xxxxx://xxx.xxxxx.xxx/doing-business-hhs/contracting-hhs/vendor-resources.
Information Security Standards. Further to Section 12.2(l), the Manager shall promptly make available to the Initial Member information regarding the policies and procedures for protection of Customer Information described in Section 12.2(l) as requested by either of them from time to time. The Manager further agrees that any Customer Information transmitted electronically by it (or the Servicer or any Sub-Servicer) shall be encrypted.
Information Security Standards. In the performance of all Work pursuant to this Agreement and Statement of Work, Customer and EESCO will comply with the following standards and practices:
Information Security Standards. 3.1.1. SOC 2 Type II. GoodData undertakes SOC 2 Type II audits on a regular basis. The SOC 2 reflects current industry standard security best practices. Accordingly, if there is any conflict between the SOC 2 and this Xxxxx XX, the SOC 2 terms shall prevail.
Information Security Standards. At locations where SBTech provides Services, SBTech shall implement administrative, physical, environmental and technical safeguards designed to protect Lottery Data that are no less rigorous than the International Organization for Standardization’s standards: ISO/IEC 27001:2005 – Information Security Management Systems – Requirements, and ISO-IEC 27002:2005 – Code of Practice for International Security Management, and shall require that all such safeguards, including the manner in which Lottery Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with Lottery’s directions, which shall be in accordance with Applicable Law. SBTech shall notify Lottery of any material change in its procedures related to information security. If and to the extent applicable, SBTech will comply with all the rules and regulations established by Lottery and provided to SBTech in writing for access to and activities in and around premises controlled by Lottery.
Information Security Standards. Contractor acknowledges that the State of Oregon has established minimum levels of security for all data and information processed, transmitted or otherwise used by Authorized Purchaser in connection with its performance under this Contract, whether it is submitted to, directly or indirectly, or accessed or accessible by Contractor pursuant to Contractor’s performance hereunder, including without limitation, Personal Information (as defined in Section 5.5), data concerning Authorized Purchaser or Authorized Purchaser’s employees or clients, and information provided to Contractor by Authorized Purchaser or an Authorized Purchaser related to Authorized Purchaser or the Authorized Purchaser or its information systems and operations, and all metadata associated with the foregoing and other Confidential Information of Authorized Purchaser or Authorized Purchasers or their customers or clients residing in or accessed by the Cloud Solutions or Related Services (collectively, “Protected Data”). The State of Oregon’s information security policies are set forth in Exhibit F-Part I. The State of Oregon will have the right to amend these security policies on 30 days’ notice to Contractor or such shorter notice period as required in order to comply with law. If the State amends such security policies, Contractor will implement such amendments in the fulfillment of its obligations hereunder, and the parties will enter into an amendment to this Participating Addendum to document any technical or operational changes associated with or resulting from such amended policies.
Information Security Standards. Contractor acknowledges that the State of Oregon has established minimum levels of security for all data and information processed, transmitted or otherwise used by DAS PS in connection with this Participating Addendum and each Contract, whether it is submitted to, directly or indirectly, or accessed or accessible by Contractor pursuant to Contractor’s performance hereunder, including without limitation, Personal Information (as defined in Section 8.5), data concerning DAS PS or Authorized Purchaser’s employees or clients, and information provided to Contractor by DAS PS or an Authorized Purchaser related to DAS PS or the Authorized Purchaser or its information systems and operations, and all metadata associated with the foregoing and other Confidential Information of DAS PS or Authorized Purchasers or their customers or clients residing in or accessed by the Cloud Solutions or Related Services (collectively, “Protected Data”). The State of Oregon’s information security policies are set forth in Exhibit F- Part I. The State of Oregon will have the right to amend these security policies on 30 days’ notice to Contractor or such shorter notice period as required in order to comply with law. If the State amends such security policies, Contractor will implement such amendments in the fulfillment of its obligations hereunder, and the parties will enter into an amendment to this Participating Addendum to document any technical or operational changes associated with or resulting from such amended policies. State Premises. Contractor will comply, and will cause its employees, agents and subcontractors to comply with the State of Oregon’s information security policies applicable to Contractor in its performance under this Participating Addendum or a Contract at any State of Oregon premises to which they have access in connection with the performance hereunder. Additional Standards. In addition to the standards established by the Information Security Policies described in Section 8.2, Contractor shall provide Related Services in compliance with the following, in each case to the extent applicable to Contractor in performing the services hereunder: The HIPAA Security Rule set forth at 45 CFR Part 160 and Subparts A and C of Part 164; The United States Department of Justice, Federal Bureau of Investigation’s Criminal Justice Information Services Security Policy, Version 5.6 or current (the “CJIS Security Policy), including, where applicable, signature on the FBI’s CJIS...
Information Security Standards. During the Term, the Supplier shall act in accordance with the Information Security Standards, including with regards to Cookies, set out in Appendix 1.
