Standards for Safeguarding Information Sample Clauses

Standards for Safeguarding Information. Scope: This Rider addresses the Contractor’s responsibility for safeguarding Protected University Data. For the purposes of this Rider, Protected University Data is defined as any data or information owned by Institution that the Contractor creates, obtains, accesses (via records, systems, or otherwise), receives (from Institution or on behalf of the Institution), or uses in the course of its performance of the agreement which include, but not be limited to: social security numbers; drivers’ license numbers; credit card numbers; and all information whose collection, disclosure, protection, and disposition is governed by state or federal law or regulation, particularly information subject to the Family Educational Rights and Privacy Act (FERPA).
Sample 1Sample 2Sample 3See All (9)
AutoNDA by SimpleDocs
Standards for Safeguarding Information. The Contractor is expected to comply with these standards as outlined in Rider C - University of Maine System
Sample 1Sample 2Sample 3See All (9)
Standards for Safeguarding Information. Should the Contractor fail to comply with the standards and is unable to reasonably cure its noncompliance within 60 days, the University may terminate this agreement. The University will be entitled to receive a prorated refund measured from the effective date of the termination.
Sample 1Sample 2Sample 3See All (8)
Standards for Safeguarding Information. The Contractor agrees to implement reasonable and appropriate security measures to protect all systems that transmit, store or process Compliant Data and Business Sensitive Information or personally identifiable information from Compliant Data and Business Sensitive Information furnished by the University, or collected by the Contractor on behalf of the University, against loss of data, unauthorized use or disclosure, and take measures to adequately protect against unauthorized access and malware in the course of this engagement. A. Compliant Data and Business Sensitive Information may include, but is not limited to names, addresses, phone numbers, financial information, bank account and credit card numbers, other employee and student personal information (including their academic record, etc.), Drivers License and Social Security numbers, in both paper and electronic format. B. If information pertaining to student educational records is accessed, transferred, stored or processed by Contractor; Contractor shall protect such data in accordance with FERPA. C. If information pertaining to protected health information is accessed, used, collected, transferred, stored or processed by Contractor; Contractor shall protect such data in accordance with HIPAA and Contractor shall sign and adhere to a Business Associate Agreement. D. If Contractor engages in electronic commerce on behalf of the University or cardholder data relating to University activities is accessed, transferred, stored or processed by Contractor; Contractor shall protect such data in accordance with current PCI-DSS guidelines. E. If information pertaining to protected “Customer Financial Information” is accessed, transferred, stored or processed by Contractor; Contractor shall protect such data in accordance with GLBA.
Sample 1
Standards for Safeguarding Information. Should the Contractor fail to comply with the standards and is unable to reasonably cure its noncompliance within 60 days, the University may terminate this agreement. .
Sample 1
Standards for Safeguarding Information. The Contractor is expected to comply with these standards as outlined in Rider C - University of Maine System Standards for Safeguarding Information. Should the Contractor fail to comply with the standards and is unable to reasonably cure its noncompliance within 60 days, the University may terminate this agreement. The University will be entitled to receive a prorated refund measured from the effective date of the termination. This Attachment addresses the Contractor’s responsibility for safeguarding Compliant Data and Business Sensitive Information consistent with the University of Maine System’s Information Security Policy and Standards. (xxxxxxxxxxxx.xxxxx.xxx) Compliant Data is defined as data that the University needs to protect in accordance with statute, contract, law or agreement. Examples include Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Accountability Act (HIPAA), Xxxxx-Xxxxx-Xxxxxx Act (GLBA), Maine Notice of Risk to Personal Data Act, and the Payment Card Industry Data Security Standards (PCI-DSS). Business Sensitive Information is defined as data which is not subject to statutory or contractual obligations but where the compromise or exposure of the information could result in damage or loss to the University.
Sample 1
Standards for Safeguarding Information. The SubContractor agrees to implement reasonable and appropriate security measures to protect all systems that transmit, store or process Compliant Data and Business Sensitive Information or personally identifiable information from Compliant Data and Business Sensitive Information furnished by the University, or collected by the SubContractor on behalf of the University, against loss of data, unauthorized use or disclosure, and take measures to adequately protect against unauthorized access and malware in the course of this engagement. A. Compliant Data and Business Sensitive Information may include, but is not limited to names, addresses, phone numbers, financial information, bank account and credit card numbers, other employee and student personal information (including their academic record, etc.), Drivers License and Social Security numbers, in both paper and electronic format. B. If information pertaining to student educational records is accessed, transferred, stored or processed by SubContractor; SubContractor shall protect such data in accordance with FERPA. C. If information pertaining to protected health information is accessed, used, collected, transferred, stored or processed by SubContractor; SubContractor shall protect such data in accordance with HIPAA and SubContractor shall sign and adhere to a Business Associate Agreement. D. If SubContractor engages in electronic commerce on behalf of the University or cardholder data relating to University activities is accessed, transferred, stored or processed by SubContractor; Contractor shall protect such data in accordance with current PCI-DSS guidelines. E. If information pertaining to protected “Customer Financial Information” is accessed, transferred, stored or processed by SubContractor; SubContractor shall protect such data in accordance with GLBA.
Sample 1
AutoNDA by SimpleDocs

Related to Standards for Safeguarding Information

  • Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.

  • Customer Information CPNI of a Customer and any other non-public, individually identifiable information about a Customer or the purchase by a Customer of the services or products of a Party.

  • ACCESS TO PROTECTED HEALTH INFORMATION 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524. 7.2 If any Individual requests access to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within two (2) days of the receipt of the request. Whether access shall be provided or denied shall be determined by Covered Entity. 7.3 To the extent that Business Associate maintains Protected Health Information that is subject to access as set forth above in one or more Designated Record Sets electronically and if the Individual requests an electronic copy of such information, Business Associate shall provide the Individual with access to the Protected Health Information in the electronic form and format requested by the Individual, if it is readily producible in such form and format; or, if not, in a readable electronic form and format as agreed to by Covered Entity and the Individual.

  • Safeguarding The Local Authority has overarching responsibility for safeguarding and promoting the welfare of all children and young people in their area. They have a number of statutory functions under the 1989 and 2004 Children Acts which make this clear, and the ‘Working Together to Safeguard Children’ 2015 guidance1 sets these out in detail.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!