Provider’s Information Security Policies Sample Clauses

Provider’s Information Security Policies. Without limiting the generality of the foregoing, Provider’s information security policies shall provide for (i) continual assessment and re-assessment of the risks to the security of BFA Data and systems acquired or maintained by Provider and its agents and contractors in connection with the Services, including (A) identification of internal and external threats that could result in a Data Security Breach, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of BFA Data, and (C) assessment of the sufficiency of policies, procedures, effectiveness of controls, and information systems of Provider and its agents and contractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
AutoNDA by SimpleDocs
Provider’s Information Security Policies. Without limiting the generality of the foregoing, Provider’s information security policies shall provide for (i) continual assessment and re-assessment of the risks to the confidentiality, integrity, and availability of Xxxxxxx Data and Systems acquired or maintained by Provider and its agents and contractors in connection with the Services, including (a) identification of internal and external threats that could result in a Security Breach, (b) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of Xxxxxxx Data, (c) identification of potential vulnerabilities in Software, Equipment, processes, policies, controls, or other Systems used or supported in connection with the Services, and (d) assessment of the sufficiency of policies, procedures, and information systems of Provider and its agents and contractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. “Physical Security” means physical security at any Provider Facility or other location housing systems maintained by Provider or its agents or subcontractors in connection with the Services. “Systems Security” means security of computer, electronic or telecommunications systems of any variety (including data bases, hardware, software, storage, switching and interconnection devices and mechanisms), and networks of which such systems are a part or communicate with, used directly or indirectly by Provider or its agents or subcontractors in connection with the Services. “Process” or “Processing” means any operation or set of operations performed upon Xxxxxxx customers’ personal information, whether or not by automatic means, such as creating, collecting, procuring, obtaining, accessing, recording, organizing, storing, adapting, altering, retrieving, consulting, using, disclosing or destroying.

Related to Provider’s Information Security Policies

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.

  • KYC Information (i) Upon the reasonable request of any Lender made at least 15 days prior to the Closing Date, the Company shall have provided to such Lender the documentation and other information so requested in connection with applicable “know your customer” and anti-money-laundering rules and regulations, including the Act, in each case at least five days prior to the Closing Date.

  • Client Information (2) Protected Health Information in any form including without limitation, Electronic Protected Health Information or Unsecured Protected Health Information (herein “PHI”);

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!