Security Practices and Procedures Sample Clauses
The 'Security Practices and Procedures' clause defines the standards and protocols that parties must follow to protect sensitive information and systems from unauthorized access, breaches, or other security threats. Typically, this clause outlines requirements such as implementing encryption, access controls, regular security audits, and compliance with relevant laws or industry standards. Its core function is to ensure that both parties maintain robust security measures, thereby reducing the risk of data breaches and safeguarding confidential or personal data throughout the duration of the agreement.
Security Practices and Procedures. 1.1. Company shall implement and maintain a security management policy that is in compliance with the standards and controls of ISO 27000 (or subsequent version) or an equivalent industry standard for information security management.
1.2. The Company shall maintain security practices and standards designed to secure the organization’s environment, protect the confidentiality, integrity, and availability of the organization’s information and computing environment from a wide range of threats, and minimize the impact on the business.
Security Practices and Procedures. Screencastify has implemented the following security controls intended to provide reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of the PII in its custody:
a. Screencastify has designated a privacy officer responsible for information security governance and maintains privacy policies and practices that support compliance with the Family Educational Rights and Privacy Act (“FERPA”), the Children's Online Privacy Protection Act (“COPPA”) and other applicable laws.
b. PII is hosted in Google Cloud data centers located in the United States that maintain their own rigorous industry standard certifications and compliance offerings.
c. Screencastify will comply with its privacy policy at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/privacy/policy.
d. All provisions of the Customer’s Parents’ Bill of Rights for data privacy and security as required by New York Ed Law 2d are incorporated into this Plan.
e. Screencastify provides regular privacy and security awareness training, including training on applicable laws that govern the handling of PII, to its employees who will have access to PII.
f. Screencastify limits internal access to education records and PII to those individuals that are determined to have legitimate educational interests within the meaning of §2-d and FERPA; e.g., the individual needs access to the PII in order to fulfill his or her responsibilities in performing services to the Customer;
g. Screencastify uses encryption technology and other suitable means to protect the PII in Screencastify’s custody, whether in motion or at rest, from unauthorized disclosure using a technology or methodology specified by the secretary of the U.S. Department of Health and Human Services in guidance issued under P.L. 111-5, Section 13402(H)(2), or any other technology or methodology specifically authorized by applicable statute, regulation or the New York State Education Department;
h. If Screencastify becomes aware of any breach of security resulting in an unauthorized release of Customer’s PII by Screencastify or its subcontractors, Screencastify will notify Customer as required by applicable law or otherwise where Screencastify deems necessary to protect the safety and security of PII.
i. Screencastify uses a minimum encryption of AES256 for all data at rest and a minimum of TLS 1.3 for all data in transit.
Security Practices and Procedures. Seller and Seller’s employees and subcontractors who perform under this Agreement shall comply with the security practices and procedures prescribed for Buyer’s Facilities, which shall be consistent with industry practices. Seller shall advise its employees and subcontractors and their employees of these practices and procedures and secure their consent to abide by these procedures.
Security Practices and Procedures. The Credit Parties have implemented security practices and procedures at the Projects in accordance, in all material respects, with Applicable Laws and consistent with the HSEC Policy and Good Industry Practice.