Protection of Data Sample Clauses

Protection of Data. The Contractor agrees to store Data on one or more of the following media and protect the Data as described: a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. b. Network server disks. For Data stored on hard disks mounted on network servers and made available through shared folders, access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on disks mounted to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as long as the disks remain in a Secure Area and otherwise meet the requirements listed in the above paragraph. Destruction of the Data, as outlined below in Section 8 Data Disposition, may be deferred until the disks are retired, replaced, or otherwise taken out of the Secure Area. c. Optical discs (CDs or DVDs) in local workstation optical disc drives. Data provided by DSHS on optical discs which will be used in local workstation optical disc drives and which will not be transported out of a Secure Area. When not in use for the contracted purpose, such discs must be Stored in a Secure Area. Workstations which access DSHS Data on optical discs must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. d. Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers. Data provided by DSHS on optical discs which will be attached to network servers and which will not be transported out of a Secure Area. Access to Data on these discs will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or ot...

Protection of Data. 21.1 The Parties agree that they may obtain and have access to personal data during the duration of the Agreement for the fulfilment of the rights and obligations contained herein. In performing the obligations as set out in this Agreement, the Parties shall at all times ensure that: a) they process data only for the express purpose for which it was obtained; b) once processed for the purposes for which it was obtained, all data will be destroyed to an extent that it cannot be reconstructed to its original form; c) data is provided only to authorised personnel who strictly require the personal data to carry out the Parties’ respective obligations under this Agreement; d) they do not disclose personal data of the other Party, other than in terms of this Agreement; e) they have all reasonable technical and organisational measures in place to protect all personal data from unauthorised access and/or use; f) they have appropriate technical and organisational measures in place to safeguard the security, integrity and authenticity of all data in its possession or under its control in terms of this Agreement; g) such personal data is protected against unauthorised or unlawful processing, accidental loss, destruction or damage, alteration, disclosure or access. 21.2 The Parties agree that if personal data will be processed for additional purposes beyond the original purpose for which it was obtained, explicit consent must be obtained beforehand from those persons whose information will be subject to further processing. 21.3 Should it be necessary for either Party to disclose or otherwise make available the personal data to any third party (including sub-contractors and employees), it may do so only with the prior written permission of the other Party. The Party requiring such permission shall require of all such third parties, appropriate written undertakings to be provided, containing similar terms to that set forth in this clause 21, and dealing with that third party's obligations in respect of its processing of the personal data. Following approval by the other Party, the Party requiring permission agrees that the provisions of this clause 21 shall mutatis mutandis apply to all authorised third parties who process personal data. 21.4 The Parties shall ensure that any persons authorized to process data on their behalf (including employees and third parties) will safeguard the security, integrity and authenticity of all data. Where necessary to meet this requirem...

Protection of Data. The Contractor agrees to store Data on one or more of the following media and protect the Data as described: a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms, which provide equal or greater security, such as biometrics or smart cards. b. Network server disks. For Data stored on hard disks mounted on network servers and made available through shared folders, access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on disks mounted to such servers must be located in the area, which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as long as the disks remain in a Secured Area and otherwise meet the requirements listed in the above paragraph. Destruction of the Data as outlined in Section

Protection of Data. The Contractor agrees to store and protect Data as described. i. Data at Rest: Data will be encrypted with NIST 800-series approved algorithms. Encryption keys will be stored and protected independently of the data. Access to the Data will be restricted to Authorized Users through the use of access control lists, a Unique User ID, and a Hardened Password, or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Systems that contain or provide access to Confidential Information must be located in an area that is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. ii. Data stored on Portable/Removable Media or Devices: • Confidential Information provided by HCA on Removable Media will be encrypted with NIST 800-series approved algorithms. Encryption keys will be stored and protected independently of the Data. • HCA’s Data must not be stored by the Contractor on Portable Devices or Media unless specifically authorized within the Agreement. If so authorized, the Contractor must protect the Data by: o Encrypting with NIST 800-series approved algorithms. Encryption keys will be stored and protected independently of the data; o Controlling access to the devices with a Unique User ID and Hardened Password or stronger authentication method such as a physical token or biometrics; o Keeping devices in locked storage when not in use; o Using check-in/check-out procedures when devices are shared; o Maintaining an inventory of devices; and o Ensuring that when being transported outside of a Secured Area, all devices containing Data are under the physical control of an Authorized User. iii. Paper Documents: Any paper records containing Confidential Information must be protected by storing the records in a Secured Area that is accessible only to authorized personnel. When not in use, such records must be stored in a locked container, such as a file cabinet, locking drawer, or safe, to which only authorized persons have access.

Protection of Data. 1.1 It is understood by each Authority that there is a great deal of data, much of it sensitive, processed by the adoption teams in each Authority area. As a result of the collaborative working it is likely that, at times, Personal Data may be transferred between Authorities for the benefit of the Project. 1.2 This Schedule aims to clarify each Authorities duty when receiving Personal Data from another Authority. 1.3 With respect to the Authorities rights and obligations under this Agreement, the Authorities agree that each Authority is the Data Controller in respect of the work undertaken in that area relating to the Integrated Service. And that if such Data is passed to another Authority that Authority will be regarded as the Data Processor. 1.4 Each Authority that acts as Processor shall: (a) Process the Personal Data only in accordance with instructions from the Data Controller; (b) Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Project or as is required by law or any regulatory body; (c) implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure; (d) obtain prior written consent from the Authority in order to transfer the Personal Data to any affiliates for the provision of the Project; (e) ensure that all Employees required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this Schedule; (f) ensure that none of the Employees publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Data Controller; (g) notify the Data Controller (within five Working Days), if it receives: (i) a request from a Data Subject to have access to that person's Personal Data; or (ii) a complaint or request relating to the Authority's obligations under the Data Protection Legislation; (iii) provide the Authority with full co-operation and assistance in relation to any complaint or request made, including by: (iv) providing the Authority with full details of the complaint or request; (v) providing the Authority with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Authority); and (vi) providing the Authority with any information requested by the Authority. 1.5 Each Authority shall comply ...

Protection of Data. (a) For the purpose of compliance with applicable government regulations, Fiserv has an operations backup center, for which Client agrees to pay the charges indicated in Exhibit A - 2. Copies of transaction files are maintained by Fiserv off premises in secured vaults. (b) Fiserv provides "on-line" security via utilization of leased lines with poll/select protocol. (c) Upon Client providing access to Client Files through Client's customers' personal computers or voice response system, Client agrees to indemnify and hold harmless Fiserv, its officers, directors, employees, and affiliates against any claims or actions arising out of such access to Client Files or any Fiserv files (including the files of other Fiserv clients) or the Fiserv System or other Fiserv systems.

Protection of Data. Philips will take appropriate commercially reasonable technical and organizational measures to protect the Personal Data, at a level appropriate to the risk, of accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access during the processing.

Protection of Data. The Contractor agrees to store Data on one or more of the following media and protect the Data as described: a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards.

Protection of Data. Release of Data Under the Freedom of Information Act

Protection of Data. Data Recipient agrees to use commercially reasonable efforts to prevent any Person from obtaining Data through its equipment or facilities, except as authorized hereunder or in an Additional Agreement. In the event Data Recipient has reason to believe any Data is being obtained by an unauthorized Person from Data Recipient, or its Affiliates or Data Users, Data Recipient agrees to use commercially reasonable efforts to ascertain the source from which, and the manner in which, the same is being obtained and to promptly inform and cooperate with Cboe fully with respect thereto. During the term of this Agreement, Data Recipient shall maintain effective Data Controls for any part of Data Recipient’s service for which Data Recipient controls access to Data.