Data Policies. A policy must be in place to cover data classifications, encryption use, key and certificate lifecycle management, cryptographic algorithms and associated key lengths. This policy must be documented, reviewed, and approved with management oversight, on a periodic basis.
Appears in 11 contracts
Sources: Call Off Contract, Master Subscription Agreement, Data Processing Agreement