Usage Control. A documented, role-based authorization concept must be provided for use of personal data which limits the use so that only authorized individuals can use the personal data necessary for their task (De Minimis Principal). The password rules for access control must also be followed for usage control. Administrative activities must be limited to a small group of administrators. Administrator activities must be monitored and logged to the extent that the effort involved is technically supportable.
Appears in 4 contracts
Samples: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement
Usage Control. A documented, role-based authorization concept must be provided for use of personal data which limits the use so that only authorized individuals can use the personal data necessary for their task (De Minimis Principal). The password rules for access control must also be followed for usage control. Administrative activities must be limited to a small group of administrators. Administrator activities must be monitored and logged to the extent that the effort effort involved is technically supportable.
Appears in 2 contracts
Samples: Data Processing Agreement, Data Processing Agreement
