Transfer Format. Transfers may include, but are not limited to, conversion of all Data into or from an industry standard format or providing application programmable interface. Data must be encrypted at all times unless specifically outlined otherwise in the Authorized User Agreement. At a minimum, encryption must be carried out at the most current NYS Encryption Standard (NYS-S14-007), (or successor policy with key access restricted to the Authorized User only, unless with the express written permission of the Authorized User. All Data in transit must be handled in accordance with ITS Policy NYS-S14-007 (or successor) or the National Institute of Standards and Technology (NIST) Federal Institute Processing Standard (FIPS)-140-2 or Transport Layer Security (TLS) 1, or TLS2 (or successor). The Authorized User Agreement shall specify the respective responsibilities of the Authorized User and the Contractor for the encryption of Data.
Appears in 95 contracts
Samples: Contract for the Acquisition of Information Technology Commodities and/or Services, Contract for the Acquisition of Information Technology Commodities and/or Services, Contract for the Acquisition of Information Technology Commodities and/or Services