Security and Privacy Compliance. 2.1. Provider shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Provider shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations and directives.
2.3. Provider shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.
1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Provider will legally bind any subcontractors to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Provider shall ensure that the requirements stated herein are imposed on any subcontractor of Provider’s subcontractor(s).
2.5. Provider will not share GLO Data with any third parties.
2.6. Provider will ensure that initial privacy and security training, and annual training thereafter, is completed by its employees or subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise personally handle PII on behalf of the agency. Provider agrees to maintain and, upon request, provide documentation of training completion.
2.7. Any GLO Data maintained or stored by Provider or any subcontractor must be stored on servers or other hardware located within the physical borders of the United States and shall not be accessed outside of the United States.
Security and Privacy Compliance. 2.1. Contractor shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Contractor shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Contractor shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Contractor will legally bind any contractor(s)/subcontractor(s) to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Contractor shall ensure that the requirements stated herein are imposed on any contractor/subcontractor of Contractor’s subcontractor(s).
2.5. With the exception of contractors and subcontractors as they are addressed in Section 2.4, Contractor will not share GLO Data with any third parties, except as necessary for Contractor’s performance under the Contract and upon the express written consent of the GLO’s Information Security Officer or his/her authorized designee.
2.6. Contractor will ensure that initial privacy and security training, and annual training, thereafter, is completed by its employees or contractor/subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle PII and/or SPI on behalf of the GLO. Contractor shall maintain and, upon request, provide documentation of training completion.
Security and Privacy Compliance. 2.1. Developer shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Developer shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Developer shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.
1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Developer will legally bind any contractor(s)/subcontractor(s) to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Developer shall ensure that the requirements stated herein are imposed on any contractor/subcontractor of Developer’s subcontractor(s).
2.5. With the exception of contractors and subcontractors as they are addressed in Section 2.4, Developer will not share GLO Data with any third parties, except as necessary for Developer’s performance under the Contract and upon the express written consent of the GLO’s Information Security Officer or his/her authorized designee.
2.6. Developer will ensure that initial privacy and security training, and annual training, thereafter, is completed by its employees or contractor/subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle PII and/or SPI on behalf of the GLO. Developer shall maintain and, upon request, provide documentation of training completion.
Security and Privacy Compliance. 2.1. Subrecipient shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Subrecipient shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Subrecipient shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.
1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Subrecipient will legally bind any contractor(s)/subcontractor(s) to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Subrecipient shall ensure that the requirements stated herein are imposed on any contractor/subcontractor of Subrecipient’s subcontractor(s).
2.5. With the exception of contractors and subcontractors as they are addressed in Section 2.4, Subrecipient will not share GLO Data with any third parties, except as necessary for Subrecipient’s performance under the Contract and upon the express written consent of the GLO’s Information Security Officer or his/her authorized designee.
2.6. Subrecipient will ensure that initial privacy and security training, and annual training, thereafter, is completed by its employees or contractor/subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle PII and/or SPI on behalf of the GLO. Subrecipient shall maintain and, upon request, provide documentation of training completion.
Security and Privacy Compliance. 2.1. Provider shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Provider shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations and directives.
2.3. Provider shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.
Security and Privacy Compliance. 2.1. Subrecipient shall keep all PII and SPI received or generated under the Contract and any documents containing PII or SPI strictly confidential.
2.2. Subrecipient shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations and directives.
2.3. Subrecipient shall implement administrative, physical, and technical safeguards to protect PII and SPI that are consistent with the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.
1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Subrecipient will legally bind any contractors and their subcontractors to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Subrecipient shall ensure that the requirements stated herein are imposed on any subcontractor of Provider’s subcontractor(s).
2.5. Subrecipient will not share PII or SPI with any third parties, except as necessary for Subrecipient’s performance under the Contract.
2.6. Subrecipient will ensure that initial privacy and security training, and annual training thereafter, is completed by its employees and contractors, including any subcontractor, that have access to PII or SPI or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise personally handle PII or SPI on behalf of Subrecipient. Subrecipient agrees to maintain and, upon request, provide documentation of training completion. The requirement for initial privacy and security training may be satisfied by verifiable existing security awareness training.
2.7. Any PII or SPI maintained or stored by Subrecipient or any contractor, including any subcontractor, must be stored on servers or other hardware located within the physical borders of the United States and shall not be accessed outside of the United States.
Security and Privacy Compliance. 2.1. Credco shall keep all and Client Data received under the Contract strictly confidential; provided, however, the parties understand, acknowledge, and agree that certain Client Data may be disclosed to Credco’s consumer reporting vendors as is required for Credco to provide the services described in the Agreement for Service by and between Credco and Client. Credco may disclose Client Data to the Consumer Financial Protection Bureau or any other federal agency with direct regulatory oversight of Credco, each as may be required by applicable federal law.
2.2. Credco shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Credco shall implement administrative, physical, and technical safeguards to protect Client Data that are no less rigorous than accepted industry practices including, the NIST Cybersecurity Framework, PCI DSS and ISO. All such safeguards are to ensure no unauthorized use occurs and shall comply with applicable data protection and privacy laws
2.4. Credco will legally bind subcontractors, if any, to the same requirements stated herein and obligations stipulated in Credco's contract with the Client. Credco shall ensure that the requirements stated herein are imposed on any subcontractor of Credco’s subcontractor(s).
2.5. Except as outlined in Section 2.1, Credco will not share Client Data with any unauthorized third parties.
2.6. Credco will ensure that initial privacy and security training, and annual training thereafter, is completed by its employees or subcontractors that have access to Client Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle personally handle PII on behalf of the agency. Credco agrees to maintain and, upon request, provide documentation of training completion. 2.7. Any Client Data maintained or stored by Credco or any subcontract must be stored on servers or other hardware located within the physical borders of the United States and shall not be accessed outside of the United States.
Security and Privacy Compliance. 2.1. Provider shall keep all GLO Data received under the Contract and any documents containing GLO Data strictly confidential.
2.2. Provider shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations and directives.
2.3. Provider shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices, including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.1 All such safeguards shall comply with applicable data protection and privacy laws. Provider shall provide within thirty (30) days of execution of the Contract and annually thereafter certification or attestation of meeting or exceeding accepted industry best practices. Such certification or attestation may be satisfied by the submission of Provider’s information security program documentation demonstrating alignment to accepted industry practices.
2.4. Provider will legally bind any Subcontractors to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Provider shall ensure that the requirements stated herein are imposed on any Subcontractor of Provider’s Subcontractor(s).
2.5. Provider will not share PII or SPI Data with any third parties, except as necessary for Subrecipient’s performance under the Contract.
2.6. Provider will ensure that annual privacy and security training is completed by its employees or Subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise personally handle PII and/or SPI on behalf of the agency. Provider agrees to maintain and, upon request, provide documentation of training completion. The requirement for initial privacy and security training may be satisfied by verifiable existing security awareness training.
2.7. Any GLO Data maintained or stored by Provider or any Subcontractor must be stored on servers or other hardware located within the physical borders of the United States and shall not be accessed outside of the United States.
Security and Privacy Compliance. 2.1. Provider shall keep all and Board Data received under the Contract strictly confidential.
2.2. Provider shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Provider shall implement administrative, physical, and technical safeguards to protect Board Data that are no less rigorous than accepted industry practices including, without limitation, the NIST Cybersecurity Framework. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Provider will legally bind any subcontractors to the same requirements stated herein and obligations stipulated in Provider's contract with the Board. Provider shall ensure that the requirements stated herein are imposed on any subcontractor of Provider’s subcontractor(s).
2.5. Provider will not share Board Data with any third parties.
2.6. Provider will ensure that initial privacy and security training, and annual training thereafter, is completed by its employees or subcontractors that have access to Board Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle personally handle PII on behalf of the agency. Provider agrees to maintain and, upon request, provide documentation of training completion.
2.7. Any Board Data maintained or stored by Provider or any subcontract must be stored on servers or other hardware located within the physical borders of the United States and shall not be accessed outside of the United States.
Security and Privacy Compliance. Provider shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
