Security Obligations Sample Clauses
Security Obligations. The Vendor agrees to comply with the following security obligations as well as any other such obligations specified in the contract, including requirements set forth in any applicable Business Associate Agreement as may be attached to this Contract, or conveyed to him/her during the course of the Agreement. The Vendor agrees to comply with the following security obligations:
A. Implement administrative, physical and technical safeguards in accordance with NIST standards that reasonably and appropriately protect the confidentiality, integrity and availability of any Confidential Information that is created, received, maintained, used, possessed, stored, accessed, viewed and/or transmitted on behalf of OIT or through OIT or any agency, instrumentality or political subdivision of the State of Maine Government;
B. Unless otherwise authorized by OIT, Confidential Information may NOT be stored on personal (non-State) computing or other electronic or mobile storage devices or taken or removed in any form from OIT or the State;
C. Vendor shall comply with all applicable federal and state laws governing confidentiality and/or privacy of information;
D. Vendor shall comply with all applicable OIT policies and procedures including but not limited to those that provide for accessing, protecting, and preserving State assets;
E. Access to any and all Confidential Information will be limited to only those authorized persons who need the Information to perform the services required under the Contract;
F. Obtain fingerprint-based criminal history record checks for all Vendor's employees, agents and subcontractors when requested by OIT pursuant to federal and state statutory and regulatory directives, at the expense of the Vendor;
G. Vendor shall instruct all personnel having access to Confidential Information about the confidential nature of the Information, the safeguards required to protect the Information, and the sanctions specified in federal and state law for unauthorized disclosure of said Information; and
H. Vendor shall use only those access rights granted by OIT.
Security Obligations x. XXXXX hereby acknowledges that AGENCY has a responsibility under the law to keep PII (as defined in Appendix A) private and confidential, and as a result of any PII received by FORTE in the performance of this Agreement, FORTE shall have the same responsibility. FORTE also acknowledges that the PII to which it will have access pursuant to this Agreement (if any), that FORTE shall gain possession of any ownership or other proprietary rights with respect to such PII. FORTE acknowledges and understands that PII may be subject to applicable local, state and federal Rules and Laws and applicable information industry standards; provided however, to the extent that AGENCY informs FORTE of a local law expanding the definition of PII in Appendix A, FORTE shall only be required to use commercially reasonable efforts to comply with such expanded local requirements.
b. Consumer Information that is collected or obtained from AGENCY pursuant to this Agreement shall be stored and maintained by FORTE in a secure environment and transmitted by FORTE in a secure form that meets industry-mandated data security standards. Although FORTE will protect and safeguard PII in a manner that meets industry-mandated data security standards, the parties agree that there may be some instances in which PII or certain PII data elements are protected in a more secure manner than other data (e.g., encryption).
Security Obligations. Jotform shall implement the administrative, physical, and technical safeguards set forth in 45 C.F.R. §§ 164.308, 164.310, and 164.312 that reasonably and appropriately protect the confidentiality, integrity, and availability of any Electronic PHI that Jotform creates, receives, maintains, or transmits on behalf of Customer, and, in accordance with 45 C.F.R. § 164.316, implement and maintain reasonable and appropriate policies and procedures to enable Jotform to comply with the requirements set forth in Sections 164.308, 164.310, and 164.312.
Security Obligations. Licensee shall take all reasonable precautions to prevent unauthorized or improper access to or use of the Services provided to Licensee hereunder.
Security Obligations. The Security Standards specified in 45 CFR 164 Subpart C including the requirements of Sections 164.306, 164.308, 164.310, 164.312, 164.314 and 164.316, apply to the Business Associate in the same manner that such sections apply to KDADS (45 CFR 164.302). The Business Associate’s required obligations include, but are not limited to, the following:
Security Obligations. 3.1. You will not disclose any personal details and/or access details including your applicant or student ID which has been issued to you for your online application and registration to any unauthorised third party or record such details in any way that may result in them becoming known to a third party. If you do not keep your personal details/access details safe, you give up any claim you may have against us for any loss or damage you may suffer because you have not kept them safe.
3.2. After your access details/applicant or student ID have been entered, we will assume that any activity in relation to your online registration is yours and any instruction is genuine. Even if someone else uses your access details, we may carry out an instruction as if you authorised it.
3.3. We confirm that we have reasonable security safeguards in place to protect your access details and other personal or confidential information provided by you via the online registration process. However, you accept that, while we will take all reasonable steps to prevent security breaches in respect of online registrations, any information sent over an unsecured link or communication system is susceptible to unlawful monitoring, interception, or access by a third party, for which we will not be responsible.
Security Obligations. (a) Network Provider shall identify an appropriately skilled individual to function as its Data Security Officer. This Security Officer shall act as the liaison to ChildNet’s Security Staff and will maintain an appropriate level of data security for the information Network Provider is collecting or using in the performance of this Subcontract. This includes approving and tracking all Network Provider employees that request system or information access and ensuring that user access has been removed from all terminated provider employees. Additionally, Network Provider shall comply with ChildNet’s Policy and Procedures, CN 012-015, Security-User Responsibility, which can be located on ChildNet’s website at xxxx://xxx.xxxxxxxx.xx/portal/375.
(b) Network Provider shall furnish Security Awareness Training to all direct care staff and all staff having access to computers or file information on an annual basis. All new staff must complete the training within ten (10) days of hire and subsequently on an annual basis. This training shall be conducted on-line through the Department’s website xxxx://xxx.xxxxxxxxxxxx.xxx/general-information/dcf-training. Upon completion of the on line training, a certificate will be made available and shall be printed and placed in the employee’s personnel file.
(c) Network Provider shall ensure that all Network Provider employees who have access to ChildNet or Department information are provided a copy of CFOP 50-2 which can be located under “Publications” at the Department’s website at xxxxx://xxx.xxxxxxxxxxxx.xxx/DCFFormsInternet/Search/OpenDCFForm.aspx?FormId =15. The Department’s Security Agreement form (CF114), which is attached hereto as Attachment X must be signed annually and the signed original retained by Network Provider in the employee’s personnel file.
(d) Network Provider shall make every effort to protect and avoid unauthorized release of any personal or confidential information by ensuring both data and mobile storage devices are encrypted as prescribed in Chapter 74-2.003, F.A.C., and CFOP 50-2, Chapter 4 to protect all data. If encryption of these devices is not possible, then Network Provider shall ensure that unencrypted personal and confidential data will not be stored on unencrypted storage devices.
(e) Network provider agrees to notify the Contract Manager as soon as possible, but no later than (3) business days following the determination of any breach or potential breach of personal and confidential data. Add...
Security Obligations. Within 14 days of the installation of any software into the Permanent Works by the Contractor, the Contractor shall submit to the Engineer for retention by the Authority/Engineer two backup copies of the software, which shall include, without limitation: All licenses in favour of Authority for their use. All source and executable code; All design documentation relating to the software; and Any specified development tools required for maintenance of the software, including, but not limited to, editors, compilers and linkers.
Security Obligations. The Company and each of its Subsidiaries is in compliance with all national security obligations, including those specified in the National Industrial Security Program Operating Manual, DOD 5220.22-M (January 1995). Neither the Company nor any of its Subsidiaries has been subject to any security audit or inspection by the United States government during the past three (3) years (except for routine audits or inspections in the Ordinary Course of Business). No facts currently exist that could reasonably be expected to give rise to the revocation of any facility security clearance of the Company, any of its Subsidiaries or of any security clearance held by their respective executive officers, managers, or persons designated in any Government Contract or Bid as a key person. The Company reasonably believes that, based upon Company’s Knowledge of Parent and Purchaser and its understanding of the structure and outcome of the transactions contemplated by this Agreement, all necessary approvals and agreements from or with Governmental Entities as required under FAR Subpart 42.12 and the National Industrial Security Program Operating Manual (DoD 5220.22-M) (the “NISPOM”), as amended, will be able to be obtained.
Security Obligations. Cognito Forms shall implement the administrative, physical, and technical safeguards set forth in 45 C.F.R. §§ 164.308, 164.310, and 164.312 that reasonably and appropriately protect the confidentiality, integrity, and availability of any Electronic PHI that Cognito Forms creates, receives, maintains, or transmits on behalf of {Organization}, and, in accordance with 45 C.F.R. § 164.316, implement and maintain reasonable and appropriate policies and procedures to enable Cognito Forms to comply with the requirements set forth in Sections 164.308, 164.310, and 164.312.