SECURITY OF SHARED INFORMATION. 6.1 The information passed between the Board and the Local Authorities under this Protocol can include extremely sensitive data. The Parties have evaluated the appropriate level of security and have concluded that the highest available levels of both organisational and technical security measures will be applied to this information.
SECURITY OF SHARED INFORMATION. 1.6.1 The Board and the Local Authorities recognise that the sort of information they exchange with each other requires the highest levels of information security. All Parties have strict information security policies which must be applied to information exchanged under this Protocol. All staff having access to shared information are professionals who have professional and contractual confidentiality obligations which the Parties agree to enforce if necessary. This is reinforced through staff induction procedures and training. More detail on this can be found in section 6 below.
SECURITY OF SHARED INFORMATION. The Peer Reviewer acknowledges their obligations under the legislation and will use reasonable endeavours to perform their obligations under this Agreement in such a way as to not cause a breach of any applicable obligations under Data Protection legislation. The Peer Reviewer’s endeavours will include but are not limited to: not disclosing the log-in or password giving them access to CASTLE, carrying out work in a secure environment which does not compromise the security of Shared Information, deleting all electronic Shared Information (including anything processed automatically) and securely destroying any ancillary documents or records resulting from the peer review process, all within the terms of their Consultancy Agreement. The laptop provided to the Peer Reviewer will be encrypted and SLAB will remain the owner of this at all times. The laptop will be returned to SLAB when the Consultancy Agreement is terminated. SLAB will remove all information relating to the peer review (including any Shared Information that has been processed automatically) from the laptop. The laptop will be managed by SLAB and be subject to their security policies and procedures. Should Shared Information be lost or be released without authority it must be reported within 24 hours of the loss or unauthorised release being identified, and will be dealt with in line with the Agency’s Data Protection Policy. LIABILITIES The Agency remains liable for the security of Shared Information at all times during the peer review process.
SECURITY OF SHARED INFORMATION. All Partner Organisations must ensure they have sufficient levels of security in place to access the LCC ISSIS system. ELHT and LCC must ensure access to the ISSIS system is made via a secure network connection and system access authorised and approved by LCC. LCC staff will provide ISSIS System access to all ELHT staff requested by the OT Service Management in line with the ISSIS system access policy in place with LCC. All system users who are accessing the system must ensure that they do not disclose their username and password and that they access the system in a safe and secure manner. LCC System audit processes will ensure where appropriate that an audit trail in place for any interactions on the system. This will ensure that if a discrepancy or issue is found this can be traced back to the originator. Any breach of confidentiality must be reported to the appropriate Caldicott Guardian and Information Governance lead using the appropriate incident reporting process within the respective organisations for appropriate investigation and action.
SECURITY OF SHARED INFORMATION. 13.1 Each Party should consider making it a condition of employment that employees will abide by their rules and policies in relation to the protection and use of confidential information. This condition should be written into employment contracts and any failure by an individual to follow the policy should be dealt with in accordance with that Party’s disciplinary procedures.
SECURITY OF SHARED INFORMATION. 7.1 The Information Recipient agrees to process all the shared information in accordance with the following security requirements:
SECURITY OF SHARED INFORMATION. The law Personal information shall be protected by appropriate technical and organisational measures. What the MASH does
SECURITY OF SHARED INFORMATION. 10.1 In addition to the requirements of Clause 9 in respect of Personal Data, the SSSC agrees to process all Shared Data in accordance with the security provisions set out in this clause.
SECURITY OF SHARED INFORMATION. The Gateway software is provided by CDPSoft and is subject to their security arrangements, including maintenance of an SSL certificate, regular penetration testing by IBM Rational Appscan, as well as additional measures to prevent URL hacking, Crosssite Scripting and SQL Injection attacks in accordance with Open Web Application Security Project (OWASP) guidelines. CDPSoft will ensure via these provisions that the transmission process is free from any unauthorised or unlawful interception or access. The AINU will be responsible for contingency planning in the case of loss of connectivity to the Gateway, and providing off-line solutions. The AINU will maintain a list of current Gateway users which may be used to identify security breaches.
SECURITY OF SHARED INFORMATION. 1.4.1 The Parties agree that following an evaluation of information sensitivity and business impact levels, the highest available levels of both organisational and technical security measures will be applied. All Parties have strict information security policies which must be applied to information exchanged under this Protocol. All staff having access to shared information are professionals who have professional and contractual confidentiality obligations which the Parties agree to enforce if necessary. This is reinforced through staff induction procedures and training. More detail on this can be found in section 4 below.
