Security of Client Data Sample Clauses

Security of Client Data. Each party shall implement appropriate technical, physical and organizational security measures to safeguard Client Personal Data from unauthorized processing or accidental loss or damage, as further described in the applicable Service Description (the “Data Safeguards”). Taking into account the ongoing state of technological development, the costs of implementation and the nature, scope, context and purposes of the processing of the Client Personal Data, as well as the likelihood and severity of risk to individuals, Accenture’s implementation of and compliance with the Data Safeguards is designed to provide a level of security appropriate to the risk in respect of the processing of the Client Personal Data.
AutoNDA by SimpleDocs
Security of Client Data. AdvancedMD agrees to maintain the security of Client Data using industry- standard data security protocols, and other methods reasonably deemed to be adequate for secure business data. AdvancedMD shall employ commercially reasonable storage and reasonable precautions to prevent the loss of or alteration to Client’s Data, but AdvancedMD does not guarantee against any such loss or alteration. AdvancedMD is not, and will not be, Client’s official record keeper.
Security of Client Data. 4.1 The Sub-Administrator shall adopt written security policies and procedures intended to prevent unauthorized access or damage to Client Data in accordance with good industry practice and shall follow such procedures at all times during the terms of this Agreement. 4.2 The Sub-Administrator shall promptly (and, in any case, within one Business Day) notify the Client in writing of any unauthorized destruction, loss, alteration, damage or disclosure of, or access to, Client Data (a “Data Breach”) of which it becomes aware. In the event of any Data Breach, the Sub-Administrator shall use reasonable commercial efforts to restore any lost or damaged Client Data from the latest backup maintained by the Sub-Administrator. 4.3 In accordance with the terms of this Agreement, the Sub-Administrator shall maintain the security of Client Data by protecting the confidentiality and availability of the Client Data, defined as follows:
Security of Client Data. Poka will maintain during the Term the appropriate technical and organizational measures to ensure the security and backup of Client Data including protection against unauthorized or unlawful processing and against accidental or unlawful destruction, loss or alteration in accordance with Xxxx’s Security Policy.
Security of Client Data. 2-1-1 San Diego shall establish, implement and maintain commercially reasonable security measures to ensure the privacy and security of Client Data while at rest in the Database and during its transmittal to and from Participants through the Database.

Related to Security of Client Data

  • Security of Confidential Information Each party possessing Confidential Information of the other party will maintain all such Confidential Information under secure conditions, using reasonable security measures and in any event not less than the same security procedures used by such party for the protection of its own Confidential Information of a similar kind.

  • Client Data The Subrecipient shall maintain client data demonstrating client eligibility for services provided. Such data shall include, but not be limited to, client name, address, income level or other basis for determining eligibility, and description of service provided. Such information shall be made available to Grantee monitors or their designees for review upon request.

  • Security of Data a. Each of the parties shall: i. ensure as far as reasonably practicable, that Data is properly stored, is not accessible to unauthorised persons, is not altered, lost or destroyed and is capable of being retrieved only by properly authorised persons; ii. subject to the provisions of Sub-Clause 8.a. ensure that, in addition to any security, proprietary and other information disclosure provision contained in the Contract, Messages and Associated Data are maintained in confidence, are not disclosed or transmitted to any unauthorised person and are not used for any purpose other than that communicated by the sending party or permitted by the Contract; and iii. protect further transmission to the same degree as the originally transmitted Message and Associated Data when further transmissions of Messages and Associated Data are permitted by the Contract or expressly authorised by the sending party. b. The sending party shall ensure that Messages are marked in accordance with the requirements of the Contract. If a further transmission is made pursuant to Sub-Clause 3. a. iii. the sender shall ensure that such markings are repeated in the further transmission. c. The parties may apply special protection to Messages by encryption or by other agreed means, and may apply designations to the Messages for protective Interchange, handling and storage procedures. Unless the parties otherwise agree, the party receiving a Message so protected or designated shall use at least the same level of protection and protective procedures for any further transmission of the Message and its Associated Data for all responses to the Message and for all other communications by Interchange or otherwise to any other person relating to the Message. d. If either party becomes aware of a security breach or breach of confidence in relation to any Message or in relation to its procedures or systems (including, without limitation, unauthorised access to their systems for generation, authentication, authorisation, processing, transmission, storage, protection and file management of Messages) then it shall immediately inform the other party of such breach. On being informed or becoming aware of a breach the party concerned shall: i. immediately investigate the cause, effect and extent of such breach; ii. report the results of the investigation to the other party; and iii. use all reasonable endeavours to rectify the cause of such breach. e. Each party shall ensure that the contents of Messages that are sent or received are not inconsistent with the law, the application of which could restrict the content of a Message or limit its use, and shall take all necessary measures to inform without delay the other party if such an inconsistency arises.

  • Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.

  • Security of Information Unless otherwise specifically authorized by the DOH Chief Information Security Officer, Contractor receiving confidential information under this contract assures that: • Encryption is selected and applied using industry standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program against all information stored locally and off-site. Information must be encrypted both in-transit and at rest and applied in such a way that it renders data unusable to anyone but authorized personnel, and the confidential process, encryption key or other means to decipher the information is protected from unauthorized access. • It is compliant with the applicable provisions of the Washington State Office of the Chief Information Officer (OCIO) policy 141, Securing Information Technology Assets, available at: xxxxx://xxxx.xx.xxx/policy/securing-information-technology-assets. • It will provide DOH copies of its IT security policies, practices and procedures upon the request of the DOH Chief Information Security Officer. • DOH may at any time conduct an audit of the Contractor’s security practices and/or infrastructure to assure compliance with the security requirements of this contract. • It has implemented physical, electronic and administrative safeguards that are consistent with OCIO security standard 141.10 and ISB IT guidelines to prevent unauthorized access, use, modification or disclosure of DOH Confidential Information in any form. This includes, but is not limited to, restricting access to specifically authorized individuals and services through the use of: o Documented access authorization and change control procedures; o Card key systems that restrict, monitor and log access; o Locked racks for the storage of servers that contain Confidential Information or use AES encryption (key lengths of 256 bits or greater) to protect confidential data at rest, standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program (CMVP); o Documented patch management practices that assure all network systems are running critical security updates within 6 days of release when the exploit is in the wild, and within 30 days of release for all others; o Documented anti-virus strategies that assure all systems are running the most current anti-virus signatures within 1 day of release; o Complex passwords that are systematically enforced and password expiration not to exceed 120 days, dependent user authentication types as defined in OCIO security standards; o Strong multi-factor authentication mechanisms that assure the identity of individuals who access Confidential Information; o Account lock-out after 5 failed authentication attempts for a minimum of 15 minutes, or for Confidential Information, until administrator reset; o AES encryption (using key lengths 128 bits or greater) session for all data transmissions, standard algorithms validated by NIST CMVP; o Firewall rules and network address translation that isolate database servers from web servers and public networks; o Regular review of firewall rules and configurations to assure compliance with authorization and change control procedures; o Log management and intrusion detection/prevention systems; o A documented and tested incident response plan Any breach of this clause may result in termination of the contract and the demand for return of all personal information.

  • Privacy of Customer Information Company Customer Information in the possession of the Agent, other than information independently obtained by the Agent and not derived in any manner from or using information obtained under or in connection with this Agreement, is and shall remain confidential and proprietary information of the Companies. Except in accordance with this Section 10.10, the Agent shall not use any Company Customer Information for any purpose, including the marketing of products or services to, or the solicitation of business from, Customers, or disclose any Company Customer Information to any Person, including any of the Agent’s employees, agents or contractors or any third party not affiliated with the Agent. The Agent may use or disclose Company Customer Information only to the extent necessary (i) for examination and audit of the Agent’s activities, books and records by the Agent’s regulatory authorities, (ii) to protect or exercise the Agent’s, the Custodian’s and the Lenders’ rights and privileges or (iii) to carry out the Agent’s, the Custodian’s and the Lenders’ express obligations under this Agreement and the other Facilities Papers (including providing Company Customer Information to Approved Investors), and for no other purpose; provided that the Agent may also use and disclose the Company Customer Information as expressly permitted by the relevant Company in writing, to the extent that such express permission is in accordance with the Privacy Requirements. The Agent shall take commercially reasonable steps to ensure that each Person to which the Agent intends to disclose Company Customer Information, before any such disclosure of information, agrees to keep confidential any such Company Customer Information and to use or disclose such Company Customer Information only to the extent necessary to protect or exercise the Agent’s, the Custodian’s and the Lenders’ rights and privileges, or to carry out the Agent’s, the Custodian’s and the Lenders’ express obligations, under this Agreement and the other Facilities Papers (including providing Company Customer Information to Approved Investors). The Agent agrees to maintain an Information Security Program and to assess, manage and control risks relating to the security and confidentiality of Company Customer Information pursuant to such program in the same manner as the Agent does so in respect of their own customers’ information, and shall implement the standards relating to such risks in the manner set forth in the Interagency Guidelines Establishing Standards for Safeguarding Company Customer Information set forth in 12 CFR Parts 30, 208, 211, 225, 263, 308, 364, 568 and 570. Without limiting the scope of the foregoing sentence, the Agent shall use at least the same physical and other security measures to protect all Company Customer Information in the Agent’s possession or control as the Agent uses for their own customers’ confidential and proprietary information.

  • Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.

  • Security Technology When the service is accessed using a supported web browser, Secure Socket Layer (“SSL”), or equivalent technology shall be employed to protect data from unauthorized access. The service security measures shall include server authentication and data encryption. Provider shall host data pursuant to the DPA in an environment using a firewall that is periodically updated according to industry standards.

  • Personal Information security breach Supplier/Service Provider’s Obligations a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data. b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.

  • Customer Data 5.1 The Customer shall own all rights, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data. 5.2 The Supplier shall follow its archiving procedures for Customer Data as set out in its Back-Up Policy available at XxxxxXXX.xxx or such other website address as may be notified to the Customer as such document may be amended by the Supplier in its sole discretion from time to time the current version of which is set out at Schedule 3 of this Agreement. In the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier in accordance with the archiving procedure described in its Back-Up Policy. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back-up). 5.3 The Supplier shall, in providing the Services, comply with its Privacy and Security Policy as such document may be amended from time to time by the Supplier in its sole discretion. 5.4 If the Supplier processes any personal data on the Customer’s behalf when performing its obligations under this agreement, the parties record their intention that the Customer shall be the data controller and the Supplier shall be a data processor and in any such case: (a) the Customer shall ensure that the Customer is entitled to transfer the relevant personal data to the Supplier so that the Supplier may lawfully use, process and transfer the personal data in accordance with this agreement on the Customer's behalf; (b) the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection legislation; (c) the Supplier shall process the personal data only in accordance with the terms of this agreement and any lawful instructions reasonably given by the Customer from time to time; and (d) each party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage. 5.5 The Supplier and the Customer shall comply with their respective obligations as set out in Schedule 4 of this Agreement

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!