SECURITY OF SHARED INFORMATION Sample Clauses

SECURITY OF SHARED INFORMATION. 6.1 The information passed between the Board and the Local Authorities under this Protocol can include extremely sensitive data. The Parties have evaluated the appropriate level of security and have concluded that the highest available levels of both organisational and technical security measures will be applied to this information. 6.2 Both the Board and the Local Authorities have information security policies which are designed to protect the information (particularly, but not exclusively, personal information) which they hold. These policies are binding on all staff of the employing Party and disciplinary action could be taken against staff who violate them. The policies apply to information held by that Party, whether it has originated with that Party or been passed to it by the other. Where there is a joint or integrated team, each member of staff continues to be bound by their own organisation’s security policy. The governance arrangements for such joint working will address any particular security issues which require to be addressed beyond the scope of the general information security policies. Where the Board and a Local Authority establish any joint databases, the agreements regulating the creation and use of such databases will explicitly assign responsibility for information security to one or the other Party to ensure that this is not overlooked. 6.3 The Parties will review their respective information security policies and associated procedures in the light of this Protocol to ensure that they are compatible with each other. Any identified areas where they are not will be the subject of local guidance designed as a minimum to bring the less secure Party or Parties up to the level of the most secure one, and ultimately to bring all Parties up to the highest available levels of both organisational and technical security measures as indicated in Section 6.1. In addition, the professional staff of both organisations have shared professional values and obligations of confidentiality to service users and may be subject to professional disciplinary action (as well as, or instead of, disciplinary action by their employer) if they breach those obligations. This is emphasised in staff training. In extreme cases of knowingly and recklessly disclosing personal information without the consent of the data controller, a criminal offence may have been committed and in appropriate circumstances any Party may refer a member of staff (or other individual) to th...
Sample 1Sample 2Sample 3See All (6)
AutoNDA by SimpleDocs
SECURITY OF SHARED INFORMATION. The Peer Reviewer acknowledges their obligations under the legislation and will use reasonable endeavours to perform their obligations under this Agreement in such a way as to not cause a breach of any applicable obligations under Data Protection legislation. The Peer Reviewer’s endeavours will include but are not limited to: not disclosing the log-in or password giving them access to CASTLE, carrying out work in a secure environment which does not compromise the security of Shared Information, deleting all electronic Shared Information (including anything processed automatically) and securely destroying any ancillary documents or records resulting from the peer review process, all within the terms of their Consultancy Agreement. The laptop provided to the Peer Reviewer will be encrypted and SLAB will remain the owner of this at all times. The laptop will be returned to SLAB when the Consultancy Agreement is terminated. SLAB will remove all information relating to the peer review (including any Shared Information that has been processed automatically) from the laptop. The laptop will be managed by SLAB and be subject to their security policies and procedures. Should Shared Information be lost or be released without authority it must be reported within 24 hours of the loss or unauthorised release being identified, and will be dealt with in line with the Agency’s Data Protection Policy. LIABILITIES The Agency remains liable for the security of Shared Information at all times during the peer review process.
Sample 1Sample 2See All (4)
SECURITY OF SHARED INFORMATION. 1.6.1 The Board and the Local Authorities recognise that the sort of information they exchange with each other requires the highest levels of information security. All Parties have strict information security policies which must be applied to information exchanged under this Protocol. All staff having access to shared information are professionals who have professional and contractual confidentiality obligations which the Parties agree to enforce if necessary. This is reinforced through staff induction procedures and training. More detail on this can be found in section 6 below.
Sample 1Sample 2Sample 3
SECURITY OF SHARED INFORMATION. 1.4.1 The Board and the Local Authorities agree that following an evaluation of information sensitivity and business impact levels, the highest available levels of both organisational and technical security measures will be applied All Parties have strict information security policies which must be applied to information exchanged under this Protocol. All staff having access to shared information are professionals who have professional and contractual confidentiality obligations which the Parties agree to enforce if necessary. This is reinforced through staff induction procedures and training. More detail on this can be found in section 4 below.
Sample 1Sample 2
SECURITY OF SHARED INFORMATION. All Partner Organisations must ensure they have sufficient levels of security in place to access the LCC ISSIS system. ELHT and LCC must ensure access to the ISSIS system is made via a secure network connection and system access authorised and approved by LCC. LCC staff will provide ISSIS System access to all ELHT staff requested by the OT Service Management in line with the ISSIS system access policy in place with LCC. All system users who are accessing the system must ensure that they do not disclose their username and password and that they access the system in a safe and secure manner. LCC System audit processes will ensure where appropriate that an audit trail in place for any interactions on the system. This will ensure that if a discrepancy or issue is found this can be traced back to the originator. Any breach of confidentiality must be reported to the appropriate Caldicott Guardian and Information Governance lead using the appropriate incident reporting process within the respective organisations for appropriate investigation and action.
Sample 1Sample 2
SECURITY OF SHARED INFORMATION. 10.1 In addition to the requirements of Clause 9 in respect of Personal Data, the SSSC agrees to process all Shared Data in accordance with the security provisions set out in this clause. 10.2 A security incident may result in the Care Inspectorate, individuals, ICT systems and/or the information held on them being exposed, or potentially exposed, to illegitimate access. As a result, incidents have the potential to contravene the Data Protection Laws, and to compromise the Care Inspectorate’s and/or SSSC’s business, and the confidentiality, integrity and/or availability of ICT systems and/or the information that is held on them. 10.3 Security incidents can cover a wide range of events and may be categorised, but are not limited, to the following:
Sample 1
SECURITY OF SHARED INFORMATION. 13.1 Each Party should consider making it a condition of employment that employees will abide by their rules and policies in relation to the protection and use of confidential information. This condition should be written into employment contracts and any failure by an individual to follow the policy should be dealt with in accordance with that Party’s disciplinary procedures. 13.2 Each Party should ensure that their contracts with external service providers include a condition that they abide by their rules and policies in relation to the protection and use of confidential information. 13.3 The Party that originally supplied information should be notified of any breach of confidentiality or incident involving a risk or breach of the security of information. 13.4 Each Party must be aware that a Data Subject may withdraw consent to processing of their personal information. In this case processing can only continue where a lawful basis for processing is applicable. 13.5 Where a Party relies on consent as the condition for processing personal data then withdrawal means that the condition for processing will no longer apply. Withdrawal of consent should be communicated to the other Party and processing cease as soon as possible.
Sample 1
AutoNDA by SimpleDocs
SECURITY OF SHARED INFORMATION. 7.1 The Information Recipient agrees to process all the shared information in accordance with the following security requirements: a. access to the shared information, any copies made of the shared information and the information contained in them is limited solely to the persons specified in this ISA; b. access to the shared information is minimised to the smallest pool of accessible records possible; c. the confidentiality of the shared information will be preserved in outputs and publications, as detailed in Clauses 15 and 16;
Sample 1
SECURITY OF SHARED INFORMATION. The Gateway software is provided by CDPSoft and is subject to their security arrangements, including maintenance of an SSL certificate, regular penetration testing by IBM Rational Appscan, as well as additional measures to prevent URL hacking, Crosssite Scripting and SQL Injection attacks in accordance with Open Web Application Security Project (OWASP) guidelines. CDPSoft will ensure via these provisions that the transmission process is free from any unauthorised or unlawful interception or access. The AINU will be responsible for contingency planning in the case of loss of connectivity to the Gateway, and providing off-line solutions. The AINU will maintain a list of current Gateway users which may be used to identify security breaches.
Sample 1
SECURITY OF SHARED INFORMATION. The law Personal information shall be protected by appropriate technical and organisational measures. What the MASH does 1. Each organisation will work to adopt the ISO27001:2013 security standard and the government’s protective marking scheme, or equal or greater standards, in order to keep data consistent and secure 2. Each organisation will ensure that it has appropriate organisational and technical security arrangements in place to protect the information that it has access to. 3. Each organisation is aware that where sensitive personal data is shared between parties via email, that secure encrypted email should be used, for example .gsi, .pnn, .cjsm.
Sample 1
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!