Systems Security Sample Clauses

Systems Security. (a) If any Party or its Personnel are given access to any computer systems or software of any member of the other Party’s Group (“Systems”) in connection with such Party’s performance or receipt of Transition Services, such Party shall comply, and shall cause the other members of its Group and its Personnel to comply, with all of such other Party’s Group’s system security policies, procedures and requirements (as amended from time to time, the “Security Regulations”), and will not tamper with, compromise or circumvent any security or audit measures employed by such other Party’s Group. (b) Each Party shall use commercially reasonable efforts to ensure that only those of its Personnel who are specifically authorized to have access to the Systems of the other Party’s Group gain such access, and to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its Personnel regarding the restrictions set forth in this Agreement and establishing appropriate policies designed to effectively enforce such restrictions. (c) Each Party shall, and shall cause its Personnel who are specifically authorized to have access to the Systems of the other Party’s Group to: (i) cooperate in any reasonable security arrangements that the other Party reasonably considers necessary to prevent that Party or any unauthorized third party from accessing the Systems in a manner prohibited by this Agreement; (ii) continually assess and, where relevant, report to the other Party any threats to the Systems arising as a result of any access granted under this Agreement; and (iii) ensure that all users of the other Party’s Systems undertake a controlled authorization process before access to the Systems is granted, and remove access privileges in a timely manner if appropriate. (d) If a Party detects, or is informed of, a breach of its Security Regulations that will (or is likely to) have a material impact on the Transition Services or the integrity of any Confidential Information of the other Party on any System, such Party shall: (i) immediately act to prevent or mitigate the effects of the breach; (ii) report the breach to the other Party as soon as reasonably practicably after detection; and (iii) identify steps to ensure that the breach does not reoccur and report those steps to the other Party. (e) Each Party shall use commercially reasonable efforts to ensure that it does not introduce into the Systems of the other Party any s...
Sample 1Sample 2Sample 3See All (16)
AutoNDA by SimpleDocs
Systems Security. (a) If the Provider, Purchaser, their Affiliates or their respective Personnel receive access to any of the Provider’s, Purchaser’s or their respective Affiliates’, as applicable, computer systems or software (“Systems”) in connection with the Transition Services, the accessing party or its Personnel, as the case may be, shall comply with all of such other party’s and its Affiliates’ Security Regulations as have been provided in writing to the other party, and will not tamper with, compromise or circumvent any security or audit measures employed by such other party. (b) Each party shall, and shall cause its Affiliates to, as required by Applicable Law, use commercially reasonable care to (i) ensure that only those of its Personnel who are specifically authorized to have access to the Systems of the other party or its Affiliates gain such access and (ii) prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its Personnel regarding the restrictions set forth in this Agreement and establishing appropriate policies designed to effectively enforce such restrictions. (c) The Provider and Purchaser shall, and shall cause their respective Affiliates to, access and use only those Systems of the other party and its Affiliates, and only such data and information within such Systems, to which they have been granted the right to access and use. Any party and its Affiliates shall have the right to deny the Personnel of the other party or its Affiliates access to such first party’s or its Affiliates’ Systems in the event the party reasonably believes that such Personnel pose a security concern, provided that the party denying access to its Systems shall provide notice to the other party promptly after such access is denied, and provided further that any dispute as to the appropriateness of such denial of access shall be resolved in accordance with Section 3.3 hereto.
Sample 1Sample 2Sample 3See All (11)
Systems Security. (a) If any Party or its Personnel are given access to any computer systems or software of any member of the other Party’s Group (“Systems”) in connection with such Party’s performance or receipt of IT Services, such Party shall comply, and shall cause the other members of its Group and its Personnel to comply, with all of such other Party’s system security policies, procedures and requirements (as amended from time to time, the “Security Regulations”), and will not tamper with, compromise or circumvent any security or audit measures employed by such other Party. (b) Each Party shall use commercially reasonable efforts to ensure that only those of its Personnel who are specifically authorized to have access to the Systems of the other Party gain such access, and to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its Personnel regarding the restrictions set forth in this Agreement and establishing appropriate policies designed to effectively enforce such restrictions. (c) If, at any time, either Party determines that the other Party or its Personnel has sought to circumvent, or has circumvented, its Security Regulations, that any unauthorized Personnel of the other Party has accessed its Systems or that the other Party or any of its Personnel has engaged in activities that may lead to the unauthorized access, use, destruction, alteration or loss of data, information or software, such Party shall immediately terminate any such Personnel’s access to the Systems and promptly notify the other Party. (d) Each Party shall access and use, and shall cause their respective Personnel to access and use, only those Systems, and only such data and information within such Systems, to which it or they have been granted the right to access and use. Any Party shall have the right to deny the Personnel of the other Party access to such Party’s Systems, after prior written notice and consultation with the other Party, in the event the Party reasonably believes that such Personnel pose a security concern.
Sample 1Sample 2Sample 3See All (8)
Systems Security. (a) If either Party or any of its respective Subsidiaries (such Party together with its Subsidiaries, the “Accessing Party”) is given access to the computer system(s), facilities, networks (including voice or data networks) or software (collectively, “Systems”) used by the other Party or any of the other Party’s Subsidiaries (such other Party and its Subsidiaries, the “Disclosing Party”) in connection with the provision of the Services, the Accessing Party shall comply with the Disclosing Party’s security regulations, which shall be provided by the Disclosing Party prior to access to the Systems. The Accessing Party will not tamper with, compromise or circumvent any security or audit measures employed by the Disclosing Party. The Accessing Party shall (i) ensure that only those users who are specifically authorized to gain access to the other’s Systems gain such access and (ii) prevent unauthorized destruction, alteration or loss of information contained therein. If at any time the Disclosing Party determines that any personnel of the Accessing Party has sought to circumvent or has circumvented the Disclosing Party’s security regulations or other security or audit measures or that an unauthorized person has accessed or may access the Disclosing Party’s Systems or a person has engaged in activities that may lead to the unauthorized access, destruction or alteration or loss of data, information or software, the Disclosing Party may immediately terminate any such person’s access to the Systems and, if such person’s access is terminated, shall immediately notify the Accessing Party. In addition, a material failure to comply with the Disclosing Party’s security regulations shall be a breach of this Agreement, and the Parties shall work together to rectify any such failure to comply with the Disclosing Party’s security regulations. If any breach of the Disclosing Party’s security regulations is not rectified within ten days following its occurrence, the Disclosing Party shall be entitled to immediately terminate the Services to which the breach relates or, if it relates to all the Services that the Disclosing Party receives or provides, as applicable, the non-breaching Party shall be entitled to immediately terminate the Agreement in its entirety. (b) The Accessing Party represents and warrants to the Disclosing Party that all software code, any related deliverables and any data or information input into any Systems in connection with the Services does not and w...
Sample 1Sample 2Sample 3See All (6)
Systems Security a) Vendor must document and maintain adequate: b) Vendor must perform maintenance access to production servers over a protected, dedicated network between Vendor’s corporate offices and the production systems. Vendor must not perform maintenance access to production servers over the Internet.
Sample 1Sample 2Sample 3See All (4)
Systems Security. (a) If any Citi Party or Banco de Chile Party, or its Personnel or authorized third party, will be given passwords and/or access codes or any other form or mechanism (collectively, “Passwords”) to limit or control access to any Banco de Chile Party’s or Citi Party’s, as applicable, computer systems or software (“Systems”) in connection with the performance of the Services, the accessing Party or its Personnel, as the case may be, shall comply with (i) the processes and procedures set forth in Schedule 5.4, and (ii) all of such other Party’s system security policies, procedures and requirements (as amended from time to time, the “Security Regulations”), and will not tamper with, compromise or circumvent any security or audit measures employed by such other Party. Such Passwords are Confidential Information as provided in Section 5.4(e), and may only be used by such receiving Party and its Authorized Users. Each of Citi and Banco de Chile represents that any user of the Banco de Chile Services or the Citi Services, as the case may be, gaining access by means of such Passwords has been expressly authorized by Citi and Banco de Chile, as the case may be, to use them. Where a Password has been provided to a Party’s employee, agent or customer, such Party shall cause such employee, agent or customer to cease all use of such Password if such employment, agency or customer relationship with such Party terminates for any reason, and in addition such Party shall give the other Party immediate notice of the need to de-activate such Password. Each Party acknowledges and agrees that the other Party may rely on any communications or instructions made online by a person using a Password as if coming from the person authorized to use such Password acting on behalf of such Party, and that any such communications or instructions, including any use or misuse of Passwords by anyone, will be binding on such Party and, if applicable, the person or entity to whom the Password was issued. (b) Each Party shall use commercially reasonable efforts to ensure that only those of its Personnel who are specifically authorized to have access to the Systems of the other Party gain such access, and to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its Personnel regarding the restrictions set forth in this Agreement and establishing appropriate policies designed to effectively enforce such restrictions. (c) If, at any t...
Sample 1Sample 2See All (4)
Systems Security. ‌ Insurer shall maintain policies, procedures, and practices related to system security and integrity that are in line with national industry standards and best practices. At least annually, Insurer shall review and update its policies, procedures, and practices for the following areas: a. Access Control; b. Incident Response; c. Data Loss Prevention; d. Disaster Recovery; e. Telework and remote access; and f. Information and Data security. Insurer shall provide ninety (90) Calendar Days’ prior notice of any planned, significant system changes, including changes or upgrades to claims processing, customer service, enrollment, or operating systems or any other systems that may materially impact services provided under this Contract. Insurer shall notify FHKC within three (3) Business Days of identification of any issues impacting Insurer’s claims processing related to this Contract. Insurer’s mail gateways shall be capable of sending and receiving encrypted emails for all services related to this Contract. Insurer’s use of an email gateway using a Transport Layer Security 1.2 connection satisfies this requirement. Insurer shall send only encrypted emails when such email contains PHI or PII. Insurer shall obtain a National Institute of Standards and Technology (NIST) compliant information security risk assessment conducted by an independent third party at least every three (3) years or be HITRUST certified. Insurer must obtain the first assessment within the first Contract Year unless Insurer completed such an assessment within two (2) years prior to the Contract Effective Date. An independent assessment following the NIST SP 800-30 guidance, or its successor, satisfies this requirement.
Sample 1Sample 2Sample 3
AutoNDA by SimpleDocs
Systems Security. ‌ Insurer shall maintain policies, procedures and practices related to system security and integrity that are in line with national industry standards and best practices. Insurer shall regularly, no less frequently than annually, review and update its policies, procedures and practices for the following areas: a. Telework and remote access; b. External data loss risk management; c. Internal data loss risk management; and d. Information and data security. Insurer shall provide ninety (90) Calendar Days’ prior notice of any planned, significant system changes, including changes or upgrades to claims processing, customer service, enrollment or operating systems or any other systems that may materially impact services provided under this Contract. Insurer shall notify FHKC within three (3) Business Days of identification of any issues impacting Insurer’s claims processing related to this Contract. Insurer’s mail gateways shall be capable of, and Insurer shall send, encrypted emails to FHKC when PHI or PII is involved. Insurer shall also ensure its mail gateways are capable of receiving FHKC’s encrypted emails. Insurer’s use of an email gateway using a Transport Layer Security connection satisfies this requirement. Insurer shall obtain a National Institute of Standards and Technology (NIST) compliant information security risk assessment conducted by an independent third party at least every three (3) years with the first assessment obtained within the first Contract Year unless such an assessment was completed within two (2) years prior to the Contract Effective Date. An independent assessment following the NIST SP800-30 guidance, or its successor, satisfies this requirement. 6-1 Security Incidents‌ Insurer shall report all security incidents to FHKC in accordance with Attachment B. Insurer shall be liable for financial consequences in the amount of five hundred dollars ($500) per Calendar Day for failure to provide all necessary information to FHKC in the format and timeframe required. Financial consequences apply to each Calendar Day beyond the due date until provided to FHKC in the required format, inclusive of the day provided to FHKC.
Sample 1Sample 2Sample 3
Systems Security. (a) If any Service Provider, or its personnel, will be given access to any Service Recipient’s computer systems or software (“Systems”) in connection with the performance of the Transition Services, Tricadia shall, or shall cause its Affiliates to, use reasonable best efforts to cause any third-party service provider, and their respective personnel, to comply with all of such Service Recipient’s written system security policies, procedures and requirements (as amended from time to time, the “Security Regulations”), and will not tamper with, compromise or circumvent any security or audit measures employed by such Service Recipient. (b) Tricadia shall, and shall cause its Affiliates and third-party service providers to, use its reasonable commercial efforts (i) to ensure that only those of its personnel who are specifically authorized to have access to the Systems of a Service Recipient gain such access and use such access only to the extent needed to provide a Transition Service, and (ii) to prevent unauthorized access, use, destruction, alteration or loss of information contained therein. Tricadia shall, and shall cause its personnel, its Affiliates and third-party service providers to, access and use only those Systems, and only such data and information within such Systems to which a Service Recipient has granted it the right to access and use. Tricadia and any other Service Provider will notify TAMCO and/or a Service Recipient immediately upon becoming aware of any violations by any of its personnel of this Section 4.03(b). (c) A Service Recipient shall have the right to deny the personnel of a Service Provider access to its Systems, after prior written notice, in the event the Service Recipient reasonably believes that such personnel pose a security concern. (d) All user identification numbers and passwords of a Service Recipient disclosed to a Service Provider, and any information obtained from the use of the Systems, shall be deemed confidential information of TAMCO subject to Section 5.01. (e) Tricadia will, and will cause its Affiliates to and will use reasonable best efforts to cause any third-party service provider to, cooperate with TAMCO and each other Service Recipient in investigating any apparent unauthorized access of TAMCO’s or such other Service Recipient’s Systems or any apparent unauthorized release by a Service Provider or such Service Provider’s personnel of information of TAMCO or its Affiliates that is deemed to be confidential unde...
Sample 1Sample 2
Systems Security. (a) If the Service Recipient, or any of its personnel will be given access to any of Seller’s computer systems or software (“Systems”) in connection with the receipt of the Services, Service Recipient or its personnel, as the case may be, shall comply with all of such Seller’s system security policies, procedures and requirements (as amended from time to time, the “Security Regulations”), and will not tamper with, compromise or circumvent any security or audit measures employed by Seller. (b) Service Recipient shall ensure that only those of its personnel who are specifically authorized to have access to Seller’s Systems gain such access, and to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its personnel regarding the restrictions set forth in this Agreement. (c) The Service Recipient and its personnel shall access and use only those Systems, and only such data and information within such Systems to which it has been granted the right to access and use. Seller shall have the right to deny the Service Recipient’s personnel access to Seller’s Systems in the event Seller reasonably believes that such personnel pose a security concern. If, at any time, Seller determines that the Service Recipient or its personnel has sought to circumvent, or has circumvented, Seller’s Security Regulations, that any unauthorized personnel of the Service Recipient has accessed Seller’s Systems or that the Service Recipient or any of its personnel has engaged in activities that may lead to the unauthorized access, use, destruction, alteration or loss of data, information or software, Seller may immediately terminate any such personnel’s access to the Systems and immediately notify the Service Recipient in writing. (d) All user identification numbers and passwords disclosed to the Service Recipient and any information obtained from the use of Seller’s Systems, shall be deemed Seller Confidential Information. (e) The Service Recipient will cooperate with Seller in investigating any apparent unauthorized access to Seller’s Systems or any apparent unauthorized release by the Service Recipient or its personnel of Seller Confidential Information. The Service Recipient will (i) immediately notify the Seller in writing if the Service Recipient has revoked access to its own Systems to any of its personnel if such personnel also has access to Seller’s Systems and (ii) will immediately revoke any access to Seller’s Sy...
Sample 1
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!