Common use of Other Security Requirements Clause in Contracts

Other Security Requirements. The Company shall maintain all technologies, policies, procedures and practices necessary to secure and protect the confidentiality and integrity of FCPS Confidential Records in the Company’s possession, including procedures to (i) restrict access to such records in accordance with this Addendum; (ii) establish user IDs and passwords as necessary to protect such records; (iii) protect all such user passwords from detection and unauthorized use; (iv) prevent hostile or unauthorized intrusion that could compromise confidentiality, result in data corruption, or deny service; (v) prevent and detect computer viruses from spreading to disks, attachments to e-mail, downloaded files, and documents generated by word processing and spreadsheet programs; (v) minimize system downtime; (vi) notify FCPS of planned system changes that may impact the security of FCPS Confidential Records; (vii) return or destroy FCPS Confidential Records that exceed specified retention schedules; (viii) permit periodic security audits by FCPS or designated third party using applicable regulations and industry best practice standards as benchmarks, and make commercially reasonable efforts to remediate the vulnerabilities discovered; and (ix) in the event of system failure, enable immediate recovery of FCPS records to the previous business day. In the event of a security breach, the Company shall (i) immediately take action to close the breach; (ii) notify FCPS within 2 business days after Company's first knowledge of the breach, the reasons for or cause of the breach, actions taken to close the breach, and identify the FCPS Confidential Records compromised by the breach; (iii) return compromised FCPS Confidential Records for review; (iv) provide communications on the breach to be shared with affected parties and cooperate with FCPS efforts to communicate to affected parties by providing FCPS with prior review of press releases and any communications to be sent to affected parties; (v) take all legally required, reasonable, and customary measures in working with FCPS to remediate the breach which may include toll free telephone support with informed customer services staff to address questions by affected parties and/or provide monitoring services if necessary given the nature and scope of the disclosure; (vi) cooperate with FCPS by providing information, records and witnesses needed to respond to any government investigation into the disclosure of such records or litigation concerning the breach; and (vii) provide FCPS with notice within 2 business days after notice or service on Company, whichever occurs first, of any lawsuits resulting from, or government investigations of, the Company's handling of FCPS records of any kind, failure to follow security requirements and/or failure to safeguard confidential information. The Company shall provide satisfactory documentation of its compliance with the security requirements of this provision prior to performing services under the Agreement. The Company’s compliance with the requirements of this provision is subject to verification by FCPS personnel or its agent at any time during the term of the Agreement.

Other Security Requirements. The Company shall maintain all technologies, policies, procedures and practices necessary to secure and protect the confidentiality and integrity of FCPS Confidential Records in the Company’s possessionStudent Records, including procedures to (i) restrict access to such records as described in accordance with the “Confidentiality” provision of this AddendumAgreement; (ii) establish user IDs and passwords as necessary to protect such records; (iii) protect all such user passwords from detection and unauthorized use; (iv) prevent hostile or unauthorized intrusion that could compromise confidentiality, result in data corruption, or deny service; (v) prevent and detect computer viruses from spreading to disks, attachments to e-mail, downloaded files, and documents generated by word processing and spreadsheet programs; (vvi) minimize system downtime; (vivii) notify FCPS of planned system changes that may impact the security of FCPS Confidential Student Records; (viiviii) return or destroy FCPS Confidential Student Records that exceed specified retention schedules; (viiiix) permit periodic security audits by FCPS or designated third party using applicable regulations and industry best practice standards as benchmarks, and make commercially reasonable efforts to remediate the vulnerabilities discovered; and (ixx) in the event of system failure, enable immediate recovery of FCPS records to the previous business day. In the event of a security breach, the Company shall (i) immediately take action to close the breach; (ii) notify FCPS within 2 business days after 24 hours of Company's first knowledge of the breach, the reasons for or cause of the breach, actions taken to close the breach, and identify the FCPS Confidential Student Records compromised by the breach; (iii) return compromised FCPS Confidential Student Records for review; (iv) provide communications on the breach to be shared with affected parties and cooperate with FCPS efforts to communicate to affected parties by providing FCPS with prior review of press releases and any communications to be sent to affected parties; (v) take all legally required, reasonable, and customary measures in working with FCPS to remediate the breach which may include toll free telephone support with informed customer services staff to address questions by affected parties and/or provide monitoring services if necessary given the nature and scope of the disclosure; (vi) cooperate with FCPS by providing information, records and witnesses needed to respond to any government investigation into the disclosure of such records or litigation concerning the breach; and (vii) provide FCPS with notice within 2 business days after 24 hours of notice or service on Company, whichever occurs first, of any lawsuits resulting from, or government investigations of, the Company's handling of FCPS records of any kind, failure to follow security requirements and/or failure to safeguard confidential information. The Company shall provide satisfactory documentation of its compliance with the security requirements of this provision prior to performing services under the Agreement. The Company’s compliance with the requirements standards of this provision is subject to verification by FCPS personnel or its agent at any time during the term of the Agreement.

Other Security Requirements. The Company shall maintain all technologies, policies, procedures and practices necessary to secure and protect the confidentiality and integrity of FCPS Confidential Records in the Company’s possessionRecords, including procedures to (i) restrict access to such records as described in accordance with the “Confidentiality” provision of this AddendumAgreement; (ii) establish user IDs and passwords as necessary to protect such records; (iii) protect all such user passwords from detection and unauthorized use; (iv) prevent hostile or unauthorized intrusion that could compromise confidentiality, result in data corruption, or deny service; (v) prevent and detect computer viruses from spreading to disks, attachments to e-mail, downloaded files, and documents generated by word processing and spreadsheet programs; (vvi) minimize system downtime; (vivii) notify FCPS of planned system changes that may impact the security of FCPS Confidential Records; (viiviii) return or destroy FCPS Confidential Records that exceed specified retention schedules; (viii) permit periodic security audits by FCPS or designated third party using applicable regulations and industry best practice standards as benchmarks, and make commercially reasonable efforts to remediate the vulnerabilities discovered; and (ix) in the event of system failure, enable immediate recovery of FCPS records to the previous business day. In the event of a security breach, the Company shall (i) immediately take action to close the breach; (ii) notify FCPS within 2 business days after 72 hours of Company's first knowledge of the breach, the reasons for or cause of the breach, actions taken to close the breach, and identify the FCPS Confidential Records compromised by the breach; (iii) return compromised FCPS Confidential Records for review; (iv) provide communications on the breach to be shared with affected parties and cooperate with FCPS efforts to communicate to affected parties by providing FCPS with prior review of press releases and any communications to be sent to affected parties; (v) take all legally required, reasonable, and customary measures in working with FCPS to remediate the breach which may include toll free telephone support with informed customer services staff to address questions by affected parties and/or provide monitoring services if necessary given the nature and scope of the disclosure; (vi) cooperate with FCPS by providing information, records and witnesses needed to respond to any government investigation into the disclosure of such records or litigation concerning the breach; and (vii) provide FCPS with notice within 2 business days after 72 hours of notice or service on Company, whichever occurs first, of any lawsuits resulting from, or government investigations of, the Company's handling of FCPS records of any kind, failure to follow security requirements and/or failure to safeguard confidential information. The Company shall provide satisfactory documentation of its compliance with the security requirements of this provision prior to performing services under the Agreement. The Company’s compliance with the requirements standards of this provision is subject to verification by FCPS personnel or its agent at any time during the term of the Agreement.

Other Security Requirements. The Company shall maintain all technologies, policies, procedures and practices necessary to secure and protect the confidentiality and integrity of FCPS Confidential Records in the Company’s possessionStudent Records, including procedures to (i) restrict access to such records as described in accordance with the “Confidentiality” provision of this Addendum; (ii) establish user IDs and passwords as necessary to protect such records; (iii) protect all such user passwords from detection and unauthorized use; (iv) prevent hostile or unauthorized intrusion that could compromise confidentiality, result in data corruption, or deny service; (v) prevent and detect computer viruses from spreading to disks, attachments to e-mail, downloaded files, and documents generated by word processing and spreadsheet programs; (v) minimize system downtime; (vi) notify FCPS of planned system changes that may impact the security of FCPS Confidential Student Records; (vii) return or destroy FCPS Confidential Student Records that exceed specified retention schedules; (viii) permit periodic security audits by FCPS or designated third party using applicable regulations and industry best practice standards as benchmarks, and make commercially reasonable efforts to remediate the vulnerabilities discovered; and (ix) in the event of system failure, enable immediate recovery of FCPS records to the previous business day. In the event of a security breach, the Company shall (i) immediately take action to close the breach; (ii) notify FCPS within 2 business days after 24 hours of Company's first knowledge of the breach, the reasons for or cause of the breach, actions taken to close the breach, and identify the FCPS Confidential Student Records compromised by the breach; (iii) return compromised FCPS Confidential Student Records for review; (iv) provide communications on the breach to be shared with affected parties and cooperate with FCPS efforts to communicate to affected parties by providing FCPS with prior review of press releases and any communications to be sent to affected parties; (v) take all legally required, reasonable, and customary measures in working with FCPS to remediate the breach which may include toll free telephone support with informed customer services staff to address questions by affected parties and/or provide monitoring services if necessary given the nature and scope of the disclosure; (vi) cooperate with FCPS by providing information, records and witnesses needed to respond to any government investigation into the disclosure of such records or litigation concerning the breach; and (vii) provide FCPS with notice within 2 business days after 24 hours of notice or service on Company, whichever occurs first, of any lawsuits resulting from, or government investigations of, the Company's handling of FCPS records of any kind, failure to follow security requirements and/or failure to safeguard confidential information. The Company shall provide satisfactory documentation of its compliance with the security requirements of this provision prior to performing services under the Agreement. The Company’s compliance with the requirements standards of this provision is subject to verification by FCPS personnel or its agent at any time during the term of the Agreement.