Security and Privacy Compliance. 2.1. Contractor shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential. 2.2. Contractor shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations. 2.3. Contractor shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.1. All such safeguards shall comply with applicable data protection and privacy laws. 2.4. Contractor will legally bind any contractor(s)/subcontractor(s) to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Contractor shall ensure that the requirements stated herein are imposed on any contractor/subcontractor of Contractor’s subcontractor(s). 2.5. With the exception of contractors and subcontractors as they are addressed in Section 2.4, Contractor will not share GLO Data with any third parties, except as necessary for Contractor’s performance under the Contract and upon the express written consent of the GLO’s Information Security Officer or his/her authorized designee. 2.6. Contractor will ensure that initial privacy and security training, and annual training, thereafter, is completed by its employees or contractor/subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle PII and/or SPI on behalf of the GLO. Contractor shall maintain and, upon request, provide documentation of training completion.
Appears in 3 contracts
Samples: Work Order, Work Order, Work Order
Security and Privacy Compliance. 2.1. Contractor Provider shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Contractor Provider shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Contractor Provider shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Contractor Provider will legally bind any contractor(s)/subcontractor(s) to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Contractor Provider shall ensure that the requirements stated herein are imposed on any contractor/subcontractor of ContractorProvider’s subcontractor(s).
2.5. With the exception of contractors and subcontractors as they are addressed in Section 2.4, Contractor Provider will not share GLO Data with any third parties, except as necessary for ContractorProvider’s performance under the Contract and upon the express written consent of the GLO’s Information Security Officer or his/her authorized designee.
2.6. Contractor Provider will ensure that initial privacy and security training, and annual training, training thereafter, is completed by its employees or contractor/subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle personally handle PII and/or SPI on behalf of the GLOagency. Contractor shall Provider agrees to maintain and, upon request, provide documentation of training completion.
Appears in 3 contracts
Samples: Professional Services Contract, Professional Services, Professional Services Contract
Security and Privacy Compliance. 2.1. Contractor Provider shall keep all GLO Data received under the Contract and any documents related thereto strictly confidential.
2.2. Contractor Provider shall comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations.
2.3. Contractor Provider shall implement administrative, physical, and technical safeguards to protect GLO Data that are no less rigorous than accepted industry practices including, without limitation, the guidelines in the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework Version 1.1. All such safeguards shall comply with applicable data protection and privacy laws.
2.4. Contractor Provider will legally bind any contractor(s)/subcontractor(s) to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto. Contractor Provider shall ensure that the requirements stated herein are imposed on any contractor/subcontractor of ContractorProvider’s subcontractor(s).
2.5. With the exception of contractors and subcontractors as they are addressed in Section 2.4, Contractor Provider will not share GLO Data with any third parties, except as necessary for Contractorthe Provider’s performance under the Contract and upon the express written consent of the GLO’s Information Security Officer or his/her authorized designee.
2.6. Contractor Provider will ensure that initial privacy and security training, and annual training, training thereafter, is completed by its employees or contractor/subcontractors that have access to GLO Data or who create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise handle personally handle PII and/or SPI on behalf of the GLOagency. Contractor shall Provider agrees to maintain and, upon request, provide documentation of training completion.
Appears in 2 contracts
Samples: Environmental Services Contract, Environmental Services Contract
