Common use of Security of Electronic Information Clause in Contracts

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. Protect and maintain the confidentiality of passwords used to access CDI; b. Notify the District when Service Provider’s access to CDI is no longer necessary; c. Notify the District within two days of discovery if passwords used to access CDI by Service Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. Protect and maintain the confidentiality of passwords used to access CDI; b. Notify the District when Service Provider’s access to CDI is no longer necessary; c. Notify the District within two ten days of discovery if passwords used to access CDI by Service Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. A. Protect and maintain the confidentiality of passwords used to access CDI; b. B. Notify the District when Service Provider’s access to CDI is no longer necessary; c. C. Notify the District within two days of discovery if passwords used to access CDI by Service Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. Protect and maintain the confidentiality of passwords used to access CDI; b. Notify the District when Service Provider’s access to CDI is no longer necessary; c. Notify the District within two seven days of discovery if passwords used to access CDI by Service byService Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices recognized standards to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. Protect and maintain the confidentiality of passwords used to access CDI; b. Notify the District when Service Provider’s access to CDI is no longer necessary; c. Notify the District within two five (5) business days of discovery if passwords used to access CDI by Service Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. Protect and maintain the confidentiality of passwords used to access CDI; b. Notify the District when Service Provider’s access to CDI is no longer necessary; c. Notify the District within two days 72 hours of discovery if passwords used to access CDI by Service Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.

Security of Electronic Information. Service Provider shall develop, implement, maintain and use appropriate administrative, technical and physical security measures and technical safeguards to preserve the confidentiality, integrity and availability of all electronically maintained or transmitted CDI received from or on behalf of the District or its students or employees. Service Provider shall store and process CDI in accordance with industry best practices to secure CDI from unauthorized access, disclosure and use. These security measures and technical safeguards shall be extended by express written agreement to all subcontractors and third parties used by Service Provider. Service Provider shall at a minimum: a. Protect and maintain the confidentiality of passwords used to access CDI; b. Notify the District when Service Provider’s 's access to CDI is no longer necessary; c. Notify the District within two days of discovery if passwords used to access CDI by Service Provider, a subcontractor, or other third party are lost, stolen, or otherwise obtained or potentially obtained by unauthorized users. Service Provider will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.