Common use of Technical Safeguards Clause in Contracts

Technical Safeguards. The Service Provider has implemented, and agrees to maintain, commercially reasonable technical safeguards that include, but are not limited to, (i) logical separation of Confidential Information and Personal Data on information systems, (ii) access controls to maintain appropriate segregation of duties and limit access to information resources on a need-to-know and least privileged basis, (iii) complex passwords at least seven characters in length or pass phrases, changed on a regular basis, and stored and transmitted in a secure manner, (iv) device and software management controls to guard against viruses and other malicious or unauthorized software, (v) information system and software patching consistent with manufacturer recommendations, (vi) intrusion detection and prevention systems to guard against unauthorized information system access, (vii) encryption of Confidential Information and Personal Data at rest and transmitted across unsecure or public networks including enforcement of Transport Layer Security1for e-mail exchanged between Service Provider and the Client, (viii) encryption of Confidential Information and Personal Data stored on mobile media, and mobile electronic devices, and (ix) audit logging that records user and system activities.

Technical Safeguards. The Service Provider Custodian has implemented, and agrees to maintain, commercially reasonable technical safeguards that include, but are not limited to, (i) logical separation of Confidential Information and or Personal Data Information on information systems, (ii) access controls to maintain appropriate segregation of duties and limit access to information resources on a need-to-know and least privileged basis, (iii) complex passwords at least seven characters in length or pass phrases, changed on a regular basis, and stored and transmitted in a secure manner, (iv) device and software management controls to guard against viruses and other malicious or unauthorized software, (v) information system and software patching consistent with manufacturer recommendations, (vi) intrusion detection and prevention systems to guard against unauthorized information system access, (vii) encryption of Confidential Information and Personal Data Information at rest and transmitted across unsecure or public networks including enforcement of Transport Layer Security1for e-mail exchanged between Service Provider Custodian and the Client, (viii) encryption of Confidential Information and Personal Data Information stored on mobile media, and mobile electronic devices, and (ix) audit logging that records user and system activities.

Technical Safeguards. The Service Provider has implemented, and agrees to maintain, commercially reasonable technical safeguards that include, but are not limited to, (i) logical separation of Confidential Information and Personal Data on information systems, (ii) access controls to maintain appropriate segregation of duties and limit access to information resources on a need-to-know and least privileged basis, (iii) complex passwords at least seven characters in length or pass phrases, changed on a regular basis, and stored and transmitted in a secure manner, (iv) device and software management controls to guard against viruses and other malicious or unauthorized software, (v) information system and software patching consistent with manufacturer recommendations, (vi) intrusion detection and prevention systems to guard against unauthorized information system access, (vii) encryption of Confidential Information and Personal Data at rest and transmitted across unsecure or public networks including enforcement of Transport Layer Security1for Security (encryption protocol) for e-mail exchanged between Service Provider and the Client, (viii) encryption of Confidential Information and Personal Data stored on mobile media, and mobile electronic devices, and (ix) audit logging that records user and system activities.