Compliance and Third-Party Certification Clause Samples

Compliance and Third-Party Certification. The Solution shall comply with relevant standards like General Data Protection Regulation (GDPR), Criminal Justice Information Services (CJIS), Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act, Personally Identifiable Information (PII) data requirements, Driver Privacy Protection Act, and third-party certifications such as Systems and Organizations Controls 2 (SOC 2) and International Organization for Standardization (ISO) 27001. The Department, Purchaser, or Customer may require Contractor(s) to execute security agreements, including but not limited to, CJIS riders or Business Associate Agreements as a condition of performance or purchase order issuance.
View SourceView Similar (6)
Compliance and Third-Party Certification. The Solution shall comply with relevant state and federal laws and standards such as the Health Insurance Portability and Accountability Act, Family Educational Rights and Privacy Act, Driver Privacy Protection Act, General Data Protection Regulation, and third-party certifications such as SOC 2 and ISO 27001.The Department, Purchaser, or Customer may require awarded Vendors(s) to execute security agreements, including but not limited to, Criminal Justice Information System (CJIS) riders or Business Associate Agreements as a condition of performance or purchase order issuance.
View SourceView Similar (3)
Compliance and Third-Party Certification. ‌ Chronicle Sec Ops SIEM/SOAR platform architecture currently meets CJIS, ISO 27001, CJIS and FedRAMP Moderate accreditation standards, and is scheduled to meet DoD IL4 and FedRAMP High accreditation levels in 2024. The State of Florida Department of Management Services May 2023
View Source
Compliance and Third-Party Certification. The Solution shall comply with relevant standards like General Data Protection Regulation (GDPR), Criminal Justice Information Services (CJIS), Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act, Personally Identifiable Information (PII) Endpoint Detection and Response Solution data requirements, Driver Privacy Protection Act, and third-party certifications such as Systems and Organizations Controls 2 (SOC 2) and International Organization for Standardization (ISO) 27001. The Department, Purchaser, or Customer may require Contractor(s) to execute security agreements, including but not limited to, CJIS riders or Business Associate Agreements as a condition of performance or purchase order issuance. SentinelOne Response: Singularity XDR supports these requirements and can be validated in our FedRAMP, ISO27001 and SOC2 reports, Privacy Policy and Data Sharing Agreements. We would entertain signing of Riders or BAA’s as needed.
View Source
Compliance and Third-Party Certification. The Solution shall comply with relevant state and federal laws and standards such as the Health Insurance Portability and Accountability Act, Family Educational Rights and Privacy Act, Driver Privacy Protection Act, General Data Protection Regulation, and third-party certifications such as SOC 2 and ISO 27001. The Department, Purchaser, or Customer may require awarded Vendors(s) to execute security agreements, including but not limited to, Criminal Justice Information System (CJIS) riders or Business Associate Agreements as a condition of performance or purchase order issuance. Armis is compliant with the Freedom of Information and Protection of Privacy Act - Armis does not store any personal information, PHI, or other type of traffic that would otherwise violate HIPAA, PCI, GLBA, etcetera. The company and the product is compliant with ISO 27001-2022, ISO 27018, SOC 2, UK Cyber Essentials, FedRAMP Moderate, DISA Impact Level 4*, TxRAMP, CJIS and CSA STAR Level 1. In terms of internal security governance, formal risk assessment processes have been embedded in our release management process. Our code and product environments are assessed weekly, and findings brought forward for remediation as part of the monthly release process. Exposure and risk levels are presented to executive leadership every two weeks. Armis employees handling personal data or systems storing and/or processing them are instructed and bound to abide by all relevant laws and contracts (e.g., General Data Protection).
View Source
Compliance and Third-Party Certification. Yes CRITICALSTART only ingests alerts. All logs and data remain within the client’s environment. We will provide a SOC2 Type II and PCI-DSS report. Additionally, we comply with GDPR and NIST CSF
View Source

Related to Compliance and Third-Party Certification

  • COMPLIANCE AND CERTIFICATION 25.1 Each Party shall comply at its own expense with all Applicable Laws that relate to that Party’s obligations to the other Party under this Agreement. Nothing in this Agreement shall be construed as requiring or permitting either Party to contravene any mandatory requirement of Applicable Law. 25.2 Each Party warrants that it has obtained all necessary state certification required in each state covered by this Agreement prior to ordering any Interconnection, Resale Services, Network Elements, functions, facilities, products and services from the other Party pursuant to this Agreement. Upon request, each Party shall provide proof of certification. 25.3 Each Party shall be responsible for obtaining and keeping in effect all approvals from, and rights granted by, Governmental Authorities, building and property owners, other carriers, and any other Third Parties that may be required in connection with the performance of its obligations under this Agreement. 25.4 Each Party represents and warrants that any equipment, facilities or services provided to the other Party under this Agreement comply with the CALEA.

  • Third-Party Certifications and Audits Upon Client’s written request at reasonable intervals, and subject to the confidentiality obligations set forth in the Agreement and this DPA, Securiti shall make available to Client that is not a competitor of Securiti (or Client’s independent, third-party auditor that is not a competitor of Securiti) a copy of Securiti’s then most recent third-party audits or certifications, as applicable (provided, however, that such audits, certifications and the results therefrom, including the documents reflecting the outcome of the audit and/or the certifications, shall only be used by Client to assess compliance with this DPA and/or with applicable Data Protection Laws and Regulations, and shall not be used for any other purpose or disclosed to any third party without Securiti’s prior written approval and, upon Securiti’s first request, Client shall return all records or documentation in Client’s possession or control provided by Securiti in the context of the audit and/or the certification). At Client’s cost and expense, Securiti shall allow for and contribute to audits, including inspections of Securiti’s systems and physical premises, conducted by the controller or another auditor mandated by the controller (who is not a direct or indirect competitor of Securiti) provided that the parties shall agree on the scope, methodology, timing and conditions of such audits and inspections. Subject to Section 2.3.2, Client may request measures to be taken by Securiti following the results of the audit or inspection.

  • E-VERIFY CERTIFICATION Pursuant to Executive Order RP-80, Engineer certifies and ensures that for all contracts for services, Engineer shall, to the extent permitted by law, utilize the United States Department of Homeland Security’s E-Verify system during the term of this agreement to determine the eligibility of: 1. All persons employed by Engineer during the term of this agreement to perform duties within the State of Texas; and 2. All persons, including subcontractors, assigned by Engineer to perform work pursuant to this agreement. Violation of this provision constitutes a material breach of this agreement.

  • Notification of Breach / Compliance Reports The Adviser shall notify the Trust’s CCO promptly upon detection of: (i) any material failure to manage any Fund in accordance with its investment objectives and policies or any applicable law; or (ii) any material breach of any of each Fund’s or the Adviser’s policies, guidelines or procedures with respect to the Fund. In addition, the Adviser shall respond to quarterly requests for information concerning the Fund’s compliance with its investment objectives and policies, applicable law, including, but not limited to the 1940 Act and Subchapter M of the Code, and the Fund’s policies, guidelines or procedures as applicable to the Adviser’s obligations under this Agreement. The Adviser agrees to correct any such failure promptly and to take any action that the Board may reasonably request in connection with any such breach. Upon request, the Adviser shall also provide the officers of the Trust with supporting certifications in connection with such certifications of Fund financial statements and disclosure controls pursuant to the S▇▇▇▇▇▇▇-▇▇▇▇▇ Act. The Adviser will promptly notify the Trust in the event: (x) the Adviser is served or otherwise receives notice of any action, suit, proceeding, inquiry or investigation, at law or in equity, before or by any court, public board, or body, involving the affairs of the Trust (excluding class action suits in which a Fund is a member of the plaintiff class by reason of the Fund’s ownership of shares in the defendant) or the compliance by the Adviser with the federal or state securities laws; or (y) of an actual change in control of the Adviser resulting in an “assignment” (as defined in Section 15) that has occurred or is otherwise proposed to occur.

  • Certification of Compliance The Recipient shall complete and submit the following Notice of Completion and, if applicable, Engineer’s Certification of Compliance to the Department upon completion of the construction phase of the Project.