We use cookies on our site to analyze traffic, enhance your experience, and provide you with tailored content.

For more information visit our privacy policy.

Security and Data Protection Requirements Sample Clauses

Security and Data Protection Requirements. 12.1 Cisco and its affiliates, representatives, agents, employees, and subcontractors shall only access Your and Your Approved Source’s and the Authorized Third PartiesCustomer Content, networks, and systems when such access is necessary to provide or otherwise deliver Cisco Technology and services contemplated herein. 12.2 Cisco shall implement appropriate administrative, physical, and technical safeguards to protect Customer Content that are consistent with accepted industry practices. Cisco shall ensure that all such safeguards, including the manner in which information or data is collected, accessed, used, stored, processed, disposed of, and disclosed, comply with data protection and privacy laws applicable to Cisco in performing its obligations under this XXXX. Cisco shall not access or attain any personally identifiable information, protected classes of information, or other sensitive information while providing the services contemplated herein, except as contemplated in the applicable offer description and data privacy sheets and in compliance with applicable laws, rules, and regulations, and Xxxxx agrees that any such information shall be protected in the same manner as is Confidential Information. 12.3 Cisco shall have a documented security incident policy and plan and must provide a copy at Your Approved Source’s reasonable request. 12.4 Where Cisco has undertaken independent third-party audit Statement on Standards for Attestation Engagements (“SSAE-18”) certifications for particular Cisco Technology, upon request by Your Approved Source, Cisco will provide annual copies of its applicable System Operation Controls 2 (“SOC2”) report(s) and/or bridge/gap letter(s). 12.5 Cisco will notify the State of Illinois Chief Information Security Officer at XxXX.XXX@xxxxxxxx.xxx within forty- eight (48) hours, or sooner as required by applicable, laws, rules, and regulations, of confirmation of any information breach or other security incident that impacts State of Illinois Customer Content. Cisco will use diligent efforts to remedy any such breach or incident in a timely manner to prevent a reoccurrence. Cisco will reimburse You (or Your Approved Source, if applicable) the costs of mitigating damages and of providing legally required notifications to affected individuals.
Security and Data Protection Requirements. The Cal OES must ensure agreements with state and non-state entities include provisions which protect and minimize risk to the state when engaging in the development, use, or maintenance of information systems, products, solutions, or services. In order to comply with the State Administrative Manual (XXX) Section 5305.8, Contractor must comply with the CLOUD COMPUTING SERVICES Software as a Service (SaaS) SPECIAL PROVISIONS - TELECOMMUNICATION (v. 05/03/2021) requirements incorporated by reference to this contract. The host Cloud provider must provide FedRAMP High Certification, plus, meet the additional requirements found in the XXX and the Statewide Information Management Manual (also referred to as SIMM).
Security and Data Protection RequirementsThe State must ensure Agreements with State and non-state entities include provisions which protect and minimize risk to the State when engaging in the development, use, or maintenance of information systems, products, solutions, or services. In order to comply with the State Administrative Manual (XXX) Section 5305.8, Contractor must comply with Exhibit E, Security and Data Protection.
Security and Data Protection Requirements. The CDT must ensure agreements with state and non-state entities include provisions, which protect and minimize risk to the state when engaging in the development, use, or maintenance of information systems, products, solutions, or services. In order to comply with the State Administrative Manual (XXX) Section 5305.8, Contractor must comply with Exhibit E, Security and Data Protection. CONTRACTOR NAME: DEPARTMENT OF TECHNOLOGY CONTRACT NUMBER: ACCEPTANCE DOCUMENT (AD) NUMBER: TITLE: COMPLETION DATE: TOTAL COST: $ AUTHORIZED AND APPROVED: CONTRACTOR OFFICIAL SIGNATURE / DATE DEPARTMENT OF TECHNOLOGY CONTRACT ADMINISTRATOR SIGNATURE / DATE The task/deliverable(s) will be performed in accordance with this Work Authorization and the provision of Contract Number: of PAGE(S) WORK AUTHORIZATION NUMBER TITLE OF TASK/DELIVERABLE TASK/DELIVERABLE SUMMARY (Brief description of task/deliverable to be performed under work authorization) START DATE COMPLETION DATE TOTAL ESTIMATED LABOR HOURS TOTAL ESTIMATED COST CONTRACTOR CONTRACT ADMINISTRATOR NAME TITLE SIGNATURE DATE DEPARTMENT OF TECHNOLOGY CONTRACT ADMINISTRATOR NAME TITLE SIGNATURE DATE a. Each WA shall consist of a detailed statement of the purpose, objective, or goals to be undertaken by the Contractor and all information requested to be provided per WAform, Exhibit A-2. b. All WA must be in writing prior to beginning work and signed by the Contractor and the CDT Technical Contract Manager. c. The CDT has the right to require the Contractor to stop or suspend work on any WA. d. Personnel resources will not be expended (at a cost to the CDT) on task/deliverable accomplishment in excess of estimated work hours required unless the procedure below is followed: (1) If, in performance of the work, the Contractor determines that a WA to be performed under this Contract cannot be accomplished within the estimated work hours, the Contractor will immediately notify the CDT in writing of the Contractor’s estimate of the work hours which will be required to complete the WA in full. Upon receipt of such notification, the CDT may: (a) Authorize the Contractor to expend the estimated additional work hours or service in excess of the original estimate necessary to accomplish the WA; (b) Terminate the WA; or (c) Alter the scope of the WA in order to define tasks that can be accomplished within the remaining estimated work hours. (2) The CDT will notify the Contractor in writing of its decision within seven (7) calendar days aft...
Security and Data Protection Requirements. SCO must ensure agreements with State and non-state entities include provisions which protect and minimize risk to the State when engaging in the development, use, or maintenance of information systems, products, solutions, or services. In order to comply with the State Administrative Manual (XXX) Section 5305.8, Contractor must comply with Exhibit E: Special Terms and Conditions.
Security and Data Protection Requirements. The EDD must ensure agreements with state and non-state entities include provisions, which protect and minimize risk to the state when engaging in the development, use, or maintenance of information systems, products, solutions, or services. In accordance with the State Administrative Manual (XXX) Section 5305.8, Exhibit E, Security and Data Protection, California Government Code Section 1044 and Internal Revenue Service Publication 1075, Section 5.1.1, contracted employees who have access to federal tax information (FTI) are required to comply with security requirements as specified under federal and state law. All currently existing and new contracted employees with access to FTI, will be required to complete and successfully pass a background check. Access to FTI would include, but not be limited to the following access modes: • ACES • SCDB • TOP • IRS TIN verification website • Remote access to computers with FTI • Server data files with FTI • Audit documents with FTI data • Form 1099Official Personnel Files that include adverse actions with FTI data • Access to Central Office buildings • Access to areas with FT EDD Contract No. M62980-7100 Am. 1 EDD/Maximus US Services, Inc.

Related to Security and Data Protection Requirements

  • Compliance with Data Protection Laws 2.1 bookinglab shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Processor of the Customer Personal Data. 2.2 The Customer shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Controller of the Customer Personal Data.

  • Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor. 7.2 The Contractor shall: 7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term); 7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body; 7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department; 7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; 7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services; 7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7; 7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department; 7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation; 7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department; 7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract; 7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and 7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department. 7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).

  • Compliance with Safeguarding Customer Information Requirements The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616, and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Seller information regarding the implementation of such security measures upon the reasonable request of the Seller.

  • Encryption Requirements DST will not locally store Fund Data on any laptops or mobile devices (e.g., Blackberries, PDAs) managed by DST.

  • Information Requirements The Company covenants that, if at any time before the end of the Effectiveness Period the Company is not subject to the reporting requirements of the Exchange Act, it will cooperate with any Holder and take such further reasonable action as any Holder may reasonably request in writing (including, without limitation, making such reasonable representations as any such Holder may reasonably request), all to the extent required from time to time to enable such Holder to sell Registrable Securities without registration under the Securities Act within the limitation of the exemptions provided by Rule 144 and Rule 144A under the Securities Act and customarily taken in connection with sales pursuant to such exemptions. Upon the written request of any Holder, the Company shall deliver to such Holder a written statement as to whether it has complied with such filing requirements, unless such a statement has been included in the Company’s most recent report filed pursuant to Section 13 or Section 15(d) of Exchange Act. Notwithstanding the foregoing, nothing in this Section 7 shall be deemed to require the Company to register any of its securities (other than the Common Stock) under any section of the Exchange Act.

  • Data Protection Laws those laws applicable to the processing of personal data in the relevant jurisdictions, including but not limited to the General Data Protection Regulation 2016/679.

  • COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.

  • Data Protection and Security A. In this Agreement the following terms shall have the meanings respectively ascribed to them: