SECURITY AND TRAINING Sample Clauses

SECURITY AND TRAINING. 6.1. Each party shall only provide and receive the Shared Personal Data using secure methods, having regard to the availability of joint or shared IT systems, the technology for facilitating data transfers, the risk of data loss or breach and the cost of implementing such measures. 6.2. It is the responsibility of each party to ensure that its staff members are appropriately trained to handle and process the Shared Personal Data in accordance with any agreed technical and organisational measures to keep it secure and to uphold the data protection principles set out in Data Protection Legislation. 6.3. The parties shall only disclose or transfer the Shared Personal Data to a third party located outside the EEA in line with the provisions of the applicable Data Protection Legislation. 6.4. Each party is responsible for their own legal compliance and self-audit. A party, however, reasonably may ask to inspect another party or parties’ arrangements for the processing of Shared Personal Data and may request a review of the Data Sharing Agreement where it considers that another party is not processing the Shared Personal Data in accordance with this Data Sharing Agreement, and the matter has demonstrably not been resolved through discussions between the parties.
Sample 1Sample 2Sample 3See All (15)
AutoNDA by SimpleDocs
SECURITY AND TRAINING. 6.1. Each party shall only provide and receive the Shared Personal Data using secure methods, having regard to the availability of joint or shared IT systems, the technology for facilitating data transfers, the risk of data loss or breach and the cost of implementing such measures.
Sample 1Sample 2Sample 3See All (12)
SECURITY AND TRAINING. 10.1 The Parties agree to implement appropriate technical and organisational measures to protect the Personal Data in their possession against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure, including but not limited to: a) ensuring IT equipment, including portable equipment is kept in lockable areas when unattended; b) not leaving portable equipment containing the Personal Data unattended; c) ensuring Staff use appropriate secure passwords for logging into systems or databases containing the Personal Data; d) ensuring that all IT equipment is protected by antivirus software, firewalls, passwords and suitable encryption devices; e) ensuring that any Special Category Personal Data is stored and transferred (including where stored or transferred on portable devices or removable media) using industry standard 256-bit AES encryption or suitable equivalent; f) limiting access to relevant databases and systems to those Staff who need to have access to the Personal Data, and ensuring that passwords are changed and updated regularly to prevent inappropriate access when individuals are no longer engaged by the Party; g) conducting regular threat assessment or penetration testing on systems; h) ensuring all Staff handling Personal Data have been made aware of their responsibilities with regards to handling of the Personal Data; and i) allowing for inspections and assessments to be undertaken by the other Party in respect of the security measures taken, or producing evidence of those measures if requested.
Sample 1Sample 2Sample 3See All (4)
SECURITY AND TRAINING. 12.1 The Data Processor agrees to implement appropriate technological and organisational measures to prevent; • unauthorised or unlawful processing of the Personal Data; and • the accidental loss or destruction of, or damage to, the Personal Data • ensure a level of security appropriate to: • the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage; and • the nature of the Personal Data to be protected. 12.2 Specifically, the Data Processor agrees to implement the technological and organisational security measures described in Schedule 3. The Data Processor agrees to notify the Data Controller of any material change to the measures as described in Schedule 3. 12.3 It is the responsibility of each Party to ensure that its staff members are appropriately trained to handle and process the Personal Data in accordance with the technical and organisational security measures set out in Schedule 3 together with any other applicable national data protection laws and guidance. 12.4 The level, content and regularity of training referred to in clause 11.3 shall be proportionate to the staff members' role, responsibility and frequency with respect to their handling and processing of the Personal Data.
Sample 1Sample 2See All (4)
SECURITY AND TRAINING. 3.13.1 Each party will ensure they have the policies and procedures in place to ensure compliance with the relevant legislation and emerging good practice. 3.13.2 Each party will ensure a level of security that is appropriate to the harm that could result from a security breach and the nature of the personal data to be protected.
Sample 1Sample 2Sample 3
SECURITY AND TRAINING. 6.1. Each party shall only provide and receive the Shared Personal Data using secure methods, having regard to the availability of joint or shared IT systems, the technology for facilitating data transfers, the risk of data loss or breach and the cost of implementing such measures. 4.1.1. boli zavedené účinné postupy a komunikácia, ktoré dotknutej osobe umožnia uplatniť si právo na odstúpenie od priameho marketingu; a 4.1.2. bol potvrdený (a v prípade potreby doložený) vhodný právny základ na použitie Zdieľaných osobných údajov na účely priameho marketingu.
Sample 1Sample 2Sample 3
SECURITY AND TRAINING. 10.1 The Data Discloser shall be responsible for the security of transmission of any Shared Personal Data in transmission to the Data Receiver by using appropriate technical methods. These are detailed below: Via a secure Sharepoint site, set up by The Brillant Club and in no circumstances by email. 10.2 The Parties agree to implement appropriate technical and organisational measures to protect the Shared Personal Data in their possession against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure, including but not limited to: a) Ensuring IT equipment, including portable equipment is kept in lockable areas when unattended; not leaving portable equipment containing the Shared Personal Data unattended; b) Ensuring that staff use appropriate secure passwords for logging into systems or databases containing the Shared Personal Data; c) Ensuring that all IT equipment is protected by antivirus software, firewalls, passwords and suitable encryption devices; d) In particular ensure that any Sensitive Personal Data is stored and transferred (including where stored or transferred on portable devices or removable media) using industry standard 256-bit AES encryption or suitable equivalent; e) Limiting access to relevant databases and systems to those of its officers, staff agents and sub-contractors who need to have access to the Personal Data, and ensuring that passwords are changed and updated regularly to prevent inappropriate access when individuals are no longer engaged by the Party; f) Conducting regular threat assessment or penetration testing on systems. g) Ensuring all staff handling Personal Data have been made aware of their responsibilities with regards to handling of Personal Data.
Sample 1Sample 2
AutoNDA by SimpleDocs
SECURITY AND TRAINING. ‌ 10.1 The Data Discloser shall be responsible for the security of transmission of any Shared Personal Data in transmission to the Data Receiver by using appropriate technical methods. These are detailed below: The University will only share Shared Personal Data in compliance with its encryption policy (a copy of the current version can be found via the following link xxxx://xxx.xxxxxxx.xx.xx/web/files/imps/encryption_policy_v1.3CURRENT.pdf) 10.2 The Parties agree to implement appropriate technical and organisational measures to protect the Shared Personal Data in their possession against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure, including but not limited to: o Ensuring IT equipment, including portable equipment is kept in lockable areas when unattended; o Not leaving portable equipment containing the Personal Data unattended; o Ensuring that staff use appropriate secure passwords for logging into systems or databases containing the Personal Data; o Ensuring that all IT equipment is protected by antivirus software, firewalls, passwords and suitable encryption devices; o In particular ensure that any Sensitive Personal Data is stored and transferred (including where stored or transferred on portable devices or removable media) using industry standard 256-bit AES encryption or suitable equivalent; o Limiting access to relevant databases and systems to those of its officers, staff agents and sub-contractors who need to have access to the Personal Data, and ensuring that passwords are changed and updated regularly to prevent inappropriate access when individuals are no longer engaged by the Party; o Conducting regular threat assessment or penetration testing on systems. o Ensuring all staff handling Personal Data have been made aware of their responsibilities with regards to handling of Personal Data. o Allowing for inspections and assessments to be undertaken by the other Party in respect of the security measures taken, or producing evidence of those measures if requested.
Sample 1
SECURITY AND TRAINING. 10.1 The Data Discloser shall be responsible for the security of transmission of any Shared Personal Data in transmission to the Data Receiver by using appropriate technical methods. These are detailed below: • Reports will be emailed in password protected Excel format with password disclosure issued in a separate email. 10.2 The Parties agree to implement appropriate technical and organisational measures to protect the Shared Personal Data in their possession against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure, including but not limited to: • Ensuring IT equipment, including portable equipment is kept secure at all time ; • not leaving portable equipment containing the Personal Data unattended; • ensuring that staff use appropriate secure passwords for logging into systems or databases containing the Personal Data; • ensuring that all IT equipment is protected by antivirus software, firewalls, passwords and suitable encryption devices; • In particular ensure that any Sensitive Personal Data is stored and transferred (including where stored or transferred on portable devices or removable media) using industry standard 256-bit AES encryption or suitable equivalent; • limiting access to relevant databases and systems to those of its officers, staff agents and sub- contractors who need to have access to the Personal Data, and ensuring that passwords are changed and updated regularly to prevent inappropriate access when individuals are no longer engaged by the Party; • conducting regular threat assessment or penetration testing on systems. • Ensuring all staff handling Personal Data have been made aware of their responsibilities with regards to handling of Personal Data. • Allowing for inspections and assessments to be undertaken by the other Party in respect of the security measures taken, or producing evidence of those measures if requested. • Conducting regular threat assessment and penetration testing on the systems. 10.3 The Data Receiver shall obtain a commitment of confidentiality from any person it allows to process the Personal Data, unless such persons are already under such a duty by law.
Sample 1
SECURITY AND TRAINING. 8.1. The Data Discloser shall only provide the Shared Personal Data to the Data Receiver by using secure methods as agreed in writing with the Data Receiver. 8.2. The Parties undertake to have in place throughout the Term appropriate technical and organisational security measures to: 8.2.1. prevent: 8.2.1.1. unauthorised or unlawful processing of the Shared Personal Data; and 8.2.1.2. the accidental loss or destruction of, or damage to, the Shared Personal Data 8.2.2. ensure a level of security appropriate to: 8.2.2.1. the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage; and 8.2.2.2. the nature of the Shared Personal Data to be protected. 8.3. The level of technical and organisational measures agreed by the Parties as appropriate as at the Commencement Date having regard to the state of technological development and the cost of implementing such measures shall be as mutually agreed by the Parties in writing prior to sharing any Data. The Parties shall keep such security measures under review and shall carry out such updates as they agree are appropriate throughout the Term. 8.4. It is the responsibility of each Party to ensure that its staff members are appropriately trained to handle and process the Shared Personal Data in accordance with the technical and organisational security measures agreed by the Parties together with the Data Protection Legislation. 8.5. The level, content and regularity of training referred to in Clause 8.4 above, shall be proportionate to the staff members’ role, responsibility and frequency with respect to their handling and processing of the Shared Personal Data.
Sample 1
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!