SECURITY AND PRIVACY SAFEGUARDS Sample Clauses

SECURITY AND PRIVACY SAFEGUARDS. General Security Requirements DHS-USCIS and ED will comply with all Federal requirements relating to information security, information systems security, and privacy, including the Federal Information Security Management Act of 2002 (FISMA), the E-Government Act of 2002, the Privacy Act of 1974, OMB memoranda related to privacy, and National Institute of Standards and Technology (NIST) directives in the Special Publications (SP) 800 series (e.g., NIST SP 800-53, and NIST SP 800-37). Specific security requirements include, but are not limited to, the following: • Data must be protected at the Moderate system certification criticality level according to Federal Information Processing Standards (FIPS) Publication 199, Standards for Security Categorization of Federal Information and Information Systems. • DHS-USCIS and ED’s CPS have completed the security authorization process (formerly called certification and accreditation) within the last three years, using the required NIST guidance, and have an Authorization to Operate (ATO) with the appropriate signatures. • Electronic files are encrypted using the FIPS 140-2 standard and, to the extent possible, are interoperable with ED’s personal identity verification logical access control card (PIV LAC) for Government Employees and support contractors authorized to have an HSPD-12 card (HSPD-12= Homeland Security Presidential Directive #12). FISMA requirements apply to all Federal contractors, organizations, or entities that possess or use Federal information, or that operate, use, or have access to Federal information systems on behalf of an agency. DHS-USCIS and ED agree that they are responsible for oversight and compliance of their own contractors and agents. DHS- USCIS and ED each reserve the right to conduct onsite inspections of any contractor or agent who has access to matched data in order to monitor compliance with FISMA regulations during the lifetime of this agreement. ED and DHS-USCIS will also comply with the personally identifiable information (PII) breach reporting and security requirements as required by OMB M-06-19, “Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments,” and XXX X-00-00, “Safeguarding Against and Responding to the Breach of Personally Identifiable Information.” ED and DHS-USCIS also agree to notify each other as soon as possible, but no later than one hour, after the discovery of a susp...
Sample 1See All (4)
AutoNDA by SimpleDocs
SECURITY AND PRIVACY SAFEGUARDS. ED and DoD will comply with all Federal requirements relating to information security, information systems security, and privacy, including the Federal Information Security Modernization Act of 2014 (FISMA), the E-Government Act of 2002, OMB memoranda related to privacy, and National Institute of Standards and Technology (NIST) directives in the Special Publications (SP) 800 series (e.g., NIST SP 800-53, Rev. 4, and NIST SP 800-37, Rev. 1). Specific security requirements include, but are not limited to, the following:
Sample 1Sample 2
SECURITY AND PRIVACY SAFEGUARDS. 2.1 All eHealth Ontario Products and Services: eHealth Ontario’s security program is based on two standards from the International Organization for Standardization (ISO), as recommended by the Government of Canada: • ISO/IEC 27002:2005, – Code of Practice for Information Security Management, and • ISO/IEC 27001:2005, – Information Security Management Systems – Requirements. and is in compliance with the Personal Health Information Protection Act and the Freedom of Information and Protection of Privacy Act. Security of information and protection of privacy within, and by use of, eHealth Ontario’s products and services is achieved by collaboration of all parties who are partners in providing or using these services. For its part, eHealth Ontario has implemented the following safeguards:
Sample 1
SECURITY AND PRIVACY SAFEGUARDS eHealth Ontario warrants that it has implemented and will maintain strong administrative, physical and technical safeguards, consistent with industry best practices as applicable to health care systems in Ontario, to protect the Personal Health Information being transferred, processed or stored from theft, loss, unauthorised use, modification, disclosure, destruction and/or damage and will ensure its Representatives comply with its privacy and security requirements. These safeguards include security software and encryption protocols, firewalls, locks and other access controls, privacy impact assessments, staff training and confidentiality agreements. Additional information can be found at xxxx://xxx.xxxxxxxxxxxxxx.xx.xx/about.
Sample 1
SECURITY AND PRIVACY SAFEGUARDS eHealth Ontario has implemented strong administrative, physical and technical safeguards, consistent with industry best practices, to protect the information being transferred, processed or stored from theft, loss, unauthorised use, modification, disclosure, destruction and/or damage. These safeguards include security software and encryption protocols, firewalls, locks and other access controls, privacy impact assessments, staff training and confidentiality agreements.
Sample 1
SECURITY AND PRIVACY SAFEGUARDS. 1. SSS and ED will comply with all Federal requirements relating to information security, information systems security, and privacy, including the Federal Information Security Management Act of 2002, as amended by the Federal Information Security Modernization Act of 2014 (FISMA), section 208 of the E-Government Act of 2002, the Privacy Act, OMB Memorandum 08-05, “Implementation of Trusted Internet Connections (TIC)” and all subsequent related memoranda, OMB memoranda related to privacy, and National Institute of Standards and Technology (NIST) directives in the Special Publications (SP) 800 series (e.g., NIST SP 800-53, Rev. 4, and NIST SP 800-37, Rev. 1). Specific security requirements include, but are not limited to, the following:
Sample 1
SECURITY AND PRIVACY SAFEGUARDS 
Sample 1
AutoNDA by SimpleDocs

Related to SECURITY AND PRIVACY SAFEGUARDS

  • Security and Privacy 3. Security and privacy policies for the Genesys Cloud Service addressing use of Customer Data, which are incorporated by reference, are located at xxxxx://xxxx.xxxxxxxxxxx.xxx/articles/Genesys Cloud-security-compliance/.

  • Data Security and Privacy 12.1 SERVICE PROVIDER acknowledges the importance of Data Security and agrees to adhere to the Terms and Conditions of the Data Security Policy of IIMC.

  • Security and Data Privacy Each party will comply with applicable data privacy laws governing the protection of personal data in relation to their respective obligations under this Agreement. Where Siemens acts as Customer’s processor of personal data provided by Customer, the Data Privacy Terms available at xxxxx://xxx.xxxxxxx.xxx/dpt/sw, including the technical and organizational measures described therein, apply to the use of the relevant Learning Services and are incorporated herein by reference.

  • System Security and Data Safeguards When SAP is given access to Licensee’s systems and data, SAP shall comply with Licensee’s reasonable administrative, technical, and physical safeguards to protect such data and guard against unauthorized access. In connection with such access, Licensee shall be responsible for providing Consultants with user authorizations and passwords to access its systems and revoking such authorizations and terminating such access, as Licensee deems appropriate from time to time. Licensee shall not grant SAP access to Licensee systems or personal information (of Licensee or any third party) unless such access is essential for the performance of Services under the Agreement. The parties agree that no breach of this provision shall be deemed to have occurred in the event of SAP non-conformance with the aforementioned safeguard but where no personal information has been compromised.

  • Data Security and Privacy Plan As more fully described herein, throughout the term of the Master Agreement, Vendor will have a Data Security and Privacy Plan in place to protect the confidentiality, privacy and security of the Protected Data it receives from the District. Vendor’s Plan for protecting the District’s Protected Data includes, but is not limited to, its agreement to comply with the terms of the District’s Bill of Rights for Data Security and Privacy, a copy of which is set forth below and has been signed by the Vendor. Additional components of Vendor’s Data Security and Privacy Plan for protection of the District’s Protected Data throughout the term of the Master Agreement are as follows:

  • Security Safeguards (1) Each party acknowledges that it is solely responsible for determining and communicating to the other the appropriate technological, physical, and organizational security measures required to protect Personal Data.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "

  • INFORMATION AND PRIVACY You understand and agree that in conjunction with employee training, quality control and the provision of services, we may monitor and/or electronically record cellular transmissions related to the Services, as well as conversations with you or others. Further, you understand that privacy cannot be guaranteed on telephone, cellular network and computer systems, and we shall not be liable to you for any claims, loss, damages or costs which may result from a lack of privacy experienced. You consent to us (i) using information about you and your location (collectively, “information’) to administer services, offer you new products or services, enforce the terms of this Agreement, prevent fraud and respond to regulatory and legal requirements, (ii) response to a subpoena or other such legal process, and (iii) using and sharing aggregate Subscriber information and statistics that do not include information that identifies you personally.

  • Data and Privacy 22.1 In making a booking we will ask for personal information such as your name, postal address, email address, telephone number and payment details. We could use the data to inform you about news and information we think may be of interest to you. We will not pass your information onto any third parties for the purposes of administration. Contractors will not be allowed to use your personal information for any other purpose that that which Pebble House may have instructed. By booking with us you are deemed to have consented to the use of personal information for these purposes. If you decide that you would prefer that your information is not used in this way or that you do not wish to receive such information, please contact us in writing or by email to hello@ xxxxxxxxxxxxxxxxxxx.xx.xx.

  • Data Privacy and Security Bank will implement and maintain a written information security program, in compliance with all federal, state and local laws and regulations (including any similar international laws) applicable to Bank, that contains reasonable and appropriate security measures designed to safeguard the personal information of the Funds' shareholders, employees, trustees and/or officers that Bank or any Subcustodian receives, stores, maintains, processes, transmits or otherwise accesses in connection with the provision of services hereunder. In this regard, Bank will establish and maintain policies, procedures, and technical, physical, and administrative safeguards, designed to (i) ensure the security and confidentiality of all personal information and any other confidential information that Bank receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder, (ii) protect against any reasonably foreseeable threats or hazards to the security or integrity of personal information or other confidential information, (iii) protect against unauthorized access to or use of personal information or other confidential information, (iv) maintain reasonable procedures to detect and respond to any internal or external security breaches, and (v) ensure appropriate disposal of personal information or other confidential information. Bank will monitor and review its information security program and revise it, as necessary and in its sole discretion, to ensure it appropriately addresses any applicable legal and regulatory requirements. Bank shall periodically test and review its information security program. Bank shall respond to Customer's reasonable requests for information concerning Bank's information security program and, upon request, Bank will provide a copy of its applicable policies and procedures, or in Bank's discretion, summaries thereof, to Customer, to the extent Bank is able to do so without divulging information Bank reasonably believes to be proprietary or Bank confidential information. Upon reasonable request, Bank shall discuss with Customer the information security program of Bank. Bank also agrees, upon reasonable request, to complete any security questionnaire provided by Customer to the extent Bank is able to do so without divulging sensitive, proprietary, or Bank confidential information and return it in a commercially reasonable period of time (or provide an alternative response that reasonably addresses the points included in the questionnaire). Customer acknowledges that certain information provided by Bank, including internal policies and procedures, may be proprietary to Bank, and agrees to protect the confidentiality of all such materials it receives from Bank. Bank agrees to resolve promptly any applicable control deficiencies that come to its attention that do not meet the standards established by federal and state privacy and data security laws, rules, regulations, and/or generally accepted industry standards related to Bank's information security program. Bank shall: (i) promptly notify Customer of any confirmed unauthorized access to personal information or other confidential information of Customer ("Breach of Security"); (ii) promptly furnish to Customer appropriate details of such Breach of Security and assist Customer in assessing the Breach of Security to the extent it is not privileged information or part of an investigation; (iii) reasonably cooperate with Customer in any litigation and investigation of third parties reasonably deemed necessary by Customer to protect its proprietary and other rights; (iv) use reasonable precautions to prevent a recurrence of a Breach of Security; and (v) take all reasonable and appropriate action to mitigate any potential harm related to a Breach of Security, including any reasonable steps requested by Customer that are practicable for Bank to implement. Nothing in the immediately preceding sentence shall obligate Bank to provide Customer with information regarding any of Bank's other customers or clients that are affected by a Breach of Security, nor shall the immediately preceding sentence limit Bank's ability to take any actions that Bank believes are appropriate to remediate any Breach of Security unless such actions would prejudice or otherwise limit Customer's ability to bring its own claims or actions against third parties related to the Breach of Security. If Bank discovers or becomes aware of a suspected data or security breach that may involve an improper access, use, disclosure, or alteration of personal information or other confidential information of Customer, Bank shall, except to the extent prohibited by Applicable Law or directed otherwise by a governmental authority not to do so, promptly notify Customer that it is investigating a potential breach and keep Customer informed as reasonably practicable of material developments relating to the investigation until Bank either confirms that such a breach has occurred (in which case the first sentence of this paragraph will apply) or confirms that no data or security breach involving personal information or other confidential information of Customer has occurred. For these purposes, "personal information" shall mean (i) an individual's name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver's license number, (c) state identification card number, (d) debit or credit card number, (e) financial account 22 number, (f) passport number, or (g) personal identification number or password that would permit access to a person's account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual's account. This provision will survive termination or expiration of the Agreement for so long as Bank or any Subcustodian continues to possess or have access to personal information related to Customer. Notwithstanding the foregoing "personal information" shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.

Time is Money Join Law Insider Premium to draft better contracts faster.