REQUIRED PROJECT POLICIES, GUIDELINES AND METHODOLOGIES. The Contractor shall be required to comply with all applicable laws, regulations, policies, standards and guidelines affecting information technology projects, which may be created or changed periodically. It is the responsibility of the Contractor to insure adherence and to remain abreast of new or revised laws, regulations, policies, standards and guidelines affecting specific project execution. The most recent version of the following policies can be found on the State of Vermont Agency of Digital Services website at xxxx://xxx.xxxxxxx.xxx/policy/policy: • Incident Response Policy • Information Security Policy • Intrusion Detection and Prevention Policy • Malicious Software Protection • Physical Security for Computer Protection • Third Party Connectivity • Mobile Device Policy • System/Service Password Policy • User Password Policy and Guidelines • Digital Media and Hardware Disposal Policy, Standard and Procedure If required by an SOW Agreement, Contractor’s security controls shall conform to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) including the Standards for the Privacy of Individually Identifiable Health Information at 45 CFR Parts 160 and 164 (“Privacy Rule”), the Security Standards at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by subtitle D of the Health Information Technology for Economic and Clinical Health Act and the Federal Information Security Management Act (“FISMA”), 44 U.S.C. 3541 et seq. and Family Education Rights and Privacy Act, 20 U.S.C. § 1232g (FERPA), as applicable.
Appears in 7 contracts
Samples: Vermont Contract, Vermont Contract, bgs.vermont.gov
REQUIRED PROJECT POLICIES, GUIDELINES AND METHODOLOGIES. The Contractor shall be required to comply with all applicable laws, regulations, policies, standards and guidelines affecting information technology projects, which may be created or changed periodically. It is the responsibility of the Contractor to insure adherence and to remain abreast of new or revised laws, regulations, policies, standards and guidelines affecting specific project execution. The most recent version of the following policies can be found on the State of Vermont Agency Department of Digital Services Information and Innovation website at xxxx://xxx.xxxxxxx.xxx/policy/policy: • Incident Response Policy • Information Security Policy • Intrusion Detection and Prevention Policy • Malicious Software Protection • Physical Security for Computer Protection • Third Party Connectivity • Mobile Device Policy • System/Service Password Policy • User Password Policy and Guidelines • Digital Media and Hardware Disposal Policy, Standard and Procedure If required by an SOW Agreement, Contractor’s security controls shall conform to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) including the Standards for the Privacy of Individually Identifiable Health Information at 45 CFR Parts 160 and 164 (“Privacy Rule”), the Security Standards at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by subtitle D of the Health Information Technology for Economic and Clinical Health Act and the Federal Information Security Management Act (“FISMA”), 44 U.S.C. 3541 et seq. and Family Education Rights and Privacy Act, 20 U.S.C. § 1232g (FERPA), as applicable.
Appears in 4 contracts
Samples: Attachment E Business Associate Agreement, Attachment E Business Associate Agreement, Attachment E Business Associate Agreement
REQUIRED PROJECT POLICIES, GUIDELINES AND METHODOLOGIES. The Contractor shall be required to comply with all applicable laws, regulations, policies, standards and guidelines affecting information technology projects, which may be created or changed periodically. It is the responsibility of the Contractor to insure adherence and to remain abreast of new or revised laws, regulations, policies, standards and guidelines affecting specific project execution. The most recent version of the following policies can be found on the State of Vermont Agency Department of Digital Services Information and Innovation website at xxxx://xxx.xxxxxxx.xxx/policy/policy: • Incident Response Policy • Information Security Policy • Intrusion Detection and Prevention Policy • Malicious Software Protection • Physical Security for Computer Protection • Third Party Connectivity • Mobile Device Policy • System/Service Password Policy • User Password Policy and Guidelines • Digital Media and Hardware Disposal Policy, Standard and Procedure If required by an SOW Agreement, Contractor’s security controls shall conform to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) including the Standards for the Privacy of Individually Identifiable Health Information at 45 CFR Parts 160 and 164 (“Privacy Rule”), the Security Standards at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by subtitle D of the Health Information Technology for Economic and Clinical Health Act and the Federal Information Security Management Act (“FISMA”), 44 U.S.C. 3541 et seq. and Family Education Rights and Privacy Act, 20 U.S.C. § 1232g (FERPA), as applicable.
Appears in 4 contracts
Samples: Statement of Work Agreement, Business Associate Agreement, Business Associate Agreement
