Data Security and Integrity Sample Clauses
POPULAR SAMPLE Copied 1 times
Data Security and Integrity. All facilities, whether Vendor hosted or Third-Party Hosted, used to store and process City Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to provide the requested Service(s) availability and to secure City Data from unauthorized access, destruction, use, modification, or disclosure appropriate for City Data. Such measures, when applicable due to the presence of Protected Information, include, but are not limited to, all applicable laws, rules, policies, publications, and guidelines including, without limitation: (i) the most recently promulgated IRS Publication 1075 for all Tax Information, (ii) the most recently updated PCI Data Security Standard from the PCI Security Standards Council for all PCI, (iii) the most recently issued version of the U.S. Department of Justice, Federal Bureau of Investigation, Criminal Justice Information Services Security Policy for all CJI, (iv) the Colorado Consumer Protection Act, (v) the Children’s Online Privacy Protection Act (COPPA), (vi) the Family Education Rights and Privacy Act (FERPA), (vii) §▇▇-▇▇-▇▇▇ et seq., (viii) the Telecommunications Industry Association (TIA) Telecommunications Infrastructure Standard for Data Centers (TIA-942); (ix) the federal Health Insurance Portability and Accountability Act for all PHI and the HIPAA Business Associate Addendum attached to this Agreement, if applicable. Vendor shall submit to ▇▇▇▇▇▇▇▇, within fifteen (15) Calendar Days of ▇▇▇▇▇▇▇▇’▇ written request, copies of Vendor’s policies and procedures to maintain the confidentiality of protected health information to which Vendor has access, and if applicable, Vendor shall comply with all HIPAA requirements contained herein or attached as an exhibit. Vendor warrants that all City Data will be encrypted in transmission (including via web interface) and in storage by a mutually agreed upon National Institute of Standards and Technology (NIST) approved strong encryption method and standard. Vendor shall use industry-standard and up-to-date security tools, technologies and procedures including, but not limited to, anti-virus and anti-malware protections and intrusion detection and reporting in providing Services under this Agreement. Vendor shall ensure that any underlying or integrated software employed by the Service(s) is updated on a regular basis and does not pose a threat to the security of the Service(s). Vendor shall, and shall cause it...
Data Security and Integrity. 6.1. All HRTec facilities used to store and process [Customer/Agency] and End User Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure HRTec’s own Data of a similar type, and in no event less than reasonable in view of the type and nature of the Data involved.
6.2. HRTec shall maintain the administrative, physical, technical, and procedural infrastructure associated with the provision of the Cloud Computing Services to the [Customer/Agency] in a manner that is, at all times during the term of this Agreement, at a level equal to or more stringent than those specified in Exhibit , which is incorporated herein by reference.
6.3. Without limiting the foregoing, HRTec warrants that all [Customer/Agency] Data and End User Data will be encrypted in transmission (including via web interface) and in storage at a level equivalent to or stronger than 256-bit level encryption
6.4. HRTec shall at all times use industry-standard and up-to-date security tools, technologies and procedures including, but not limited to anti-virus and anti-malware protections and intrusion detection and reporting methods [List additional specifically required security mechanisms here as appropriate.] in providing Services under this Agreement.
6.5. HRTec will configure the Services to filter spam while permitting communications from Third Party Internet Protocol addresses identified by the [Customer/Agency] as legitimate, as specified in Exhibit .
6.6. Prior to the Effective Date of this Agreement, HRTec will at its expense conduct or have conducted the following, and thereafter, HRTec will at its expense conduct or have conducted the following at least once per year, and immediately after any actual or reasonably suspected Data Compromise:
(a) A Third-Party Assessment Organization (3PAO) audit of Supplier’s security policies, procedures and controls
(b) Certification under FedRAMP and/or Cloud Security Alliance Security Trust and Assurance Registry (CSA STAR) attestation and certification
(c) A vulnerability scan, performed by a HRTec and [Customer/Agency]-approved Third Party scanner, of HRTec’s systems and facilities that are used in any way to deliver Cloud Computing Services under this Agreement
(d) A formal penetration test, performed by the pr...
Data Security and Integrity. 6.1 Customer shall ensure that Market Data is protected to prevent unauthorized access. In addition, Customer shall ensure that its employees and agents observe the requirements of the Data Protection ▇▇▇ ▇▇▇▇ and any amendments or revisions thereto and all subordinate legislation in the performance of their obligations under this Addendum and shall comply with any request made or direction given by ▇▇▇▇ or the Disseminating Party which is directly due to the requirements of such Act.
6.2 Customer shall bear all responsibility for the confidentiality and use of all mnemonics, identifications or passwords including (without limitation) Users use of the same. Customer shall notify ▇▇▇▇ immediately if Customer learns of any loss, theft or unauthorized use of any mnemonics, identifications or passwords.
6.3 Customer may only receive such categories of Market Data as the applicable Disseminating Parties have approved for Customer’s receipt and use. Except as otherwise set forth in an agreement between Customer and a Disseminating Party, Customer shall receive Market Data solely for its own internal use and shall not retransmit or otherwise furnish Market Data to any third party. Customer shall not misrepresent Market Data or deface or remove any trademarks or proprietary rights notices transmitted with the Market Data. Customer shall not use Market Data for any unlawful or unauthorized purpose. Customer’s use of Market Data shall comply with all applicable laws and regulations and all applicable agreements with Disseminating Parties.
6.4 Customer shall ensure that Customer or, as applicable, Customer’s partners or officers and employees, have sole control or physical possession of, and sole access to Market Data through, Market Data Equipment. For the purposes of this Addendum, “Market Data Equipment” shall mean any display device, computer, software, wires, transmission facility or other equipment by which Customer receives, displays or otherwise uses Market Data. Customer understands that this Section 6 requires Customer to carefully locate and protect Market Data Equipment so that to the extent reasonably possible, no person can have unauthorized access to Market Data. Customer shall abide by any requirements that ▇▇▇▇ specifies in writing, either directly or through ▇▇▇▇, to regulate the location or connection of Market Data Equipment or otherwise to assure the safeguarding of access to Market Data and compliance with this Section 6. Customer shall ensure t...
Data Security and Integrity. 1. Canada shall implement regulatory, procedural or technical measures to protect PNR data against accidental, unlawful or unauthorized access, processing or loss.
2. Canada shall ensure compliance verification and the protection, security, confidentiality, and integrity of the data. Canada shall:
(a) apply encryption, authorization, and documentation procedures to the PNR data;
(b) limit access to PNR data to authorized officials;
(c) hold PNR data in a secure physical environment that is protected with access controls; and
(d) establish a mechanism that ensures that PNR data queries are conducted in a manner consistent with Article 3.
3. If an individual's PNR data is accessed or disclosed without authorization, Canada shall take measures to notify that individual, to mitigate the risk of harm, and to take remedial action.
4. Canada shall ensure that the Canadian Competent Authority promptly informs the European Commission of any significant incidents of accidental, unlawful or unauthorized access, processing or loss of PNR data.
5. Canada shall ensure that any breach of data security, in particular leading to accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, or any unlawful forms of processing, is subject to effective and dissuasive corrective measures which might include sanctions.
Data Security and Integrity. The SI shall maintain and design the NFPS to maintain the security of NFPS Data in accordance with Section 23 (Security). The SI shall similarly design the NFPS to maintain the integrity of NFPS Data in accordance with applicable Key Performance Indicators (including those set out in Technical Specifications Section 5.14 (Performance Requirements)) and to otherwise ensure that the collection, processing, storage, management, and use of collected NFPS Data is done in a manner that complies with all Applicable Laws. Where the Technical Specifications do not establish a specific integrity requirement for components of NFPS Data, then the SI shall maintain, and shall cause the NFPS to maintain, the integrity of NFPS Data in accordance with Good Industry Practices, and throughout the data lifecycle, including collection, processing, storage and archiving of such NFPS Data.
Data Security and Integrity. Broadsign will maintain a commercially reasonable level of physical, administrative and technical data security consistent with industry practices. In the event of a breach of this provision, Broadsign will use commercially reasonable efforts to correct and restore Company data within a seventy-two (72) hour period.
Data Security and Integrity. 1. All facilities used by ASYSCO and its subcontractors to store and process the Data must implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure ASYSCO’s own Data of a similar type, and in no event less than reasonable in view of the type and nature of the Data involved.
2. ASYSCO shall maintain the administrative, physical, technical, and procedural infrastructure associated with the provision of the Services to the A&M System in a manner that is, at all times during the term of this Agreement, at a level equal to or more stringent than those specified in ISO, NIST FIPS, or SSAC-16/SOC2.
3. Without limiting the foregoing, ASYSCO warrants that all Data will be encrypted in transmission (including via web interface) and in storage at a level equivalent to or stronger than 128-bit level encryption or 3DES.
4. ASYSCO shall at all times use industry-standard and up-to-date security tools, technologies and procedures including, but not limited to anti-virus and anti-malware protections and intrusion detection and reporting methods in providing Services under this Agreement.
5. Prior to the Effective Date of this Agreement, ASYSCO will at its expense conduct or have conducted the following, and thereafter, ASYSCO will at its expense conduct or have conducted the following upon request by the A&M System and immediately after any actual or reasonably suspected Data Compromise:
(a) A SSAE 16/SOC 2 audit of ASYSCO’s security policies, procedures and controls and certification under NIST FIPS 200 AND SP 800-53 or ISO 27001/27002.
(b) A vulnerability scan, performed by an A&M System-approved third-party scanner, of ASYSCO’s systems and facilities that are used in any way to deliver Services under this Agreement;
(c) A formal penetration test, performed by process and qualified personnel approved by the A&M System, of ASYSCO’s systems and facilities that are used in any way to deliver Services under this Agreement.
6. ASYSCO will provide the A&M System the reports or other documentation resulting from the above audits, certifications, scans and tests within seven (7) business days of ASYSCO’s receipt of such results.
7. Based on the results of the above audits, certifications, scans and tests, ASYSCO will, within thirty (30) calendar days o...
Data Security and Integrity a. All facilities used to store, and process Personal Data will employ commercial best practices, including appropriate administrative, physical, and technical safeguards, to secure such data from unauthorized access, disclosure, alteration, and use. Such measures will be no less protective than those used to secure Concord University’s own data of a similar type, and in no event less than reasonable in view of the type and nature of the data involved. Without limiting the foregoing, Concord University warrants that all Personal Data will be encrypted in transmission (including via web interface) and storage at no less than 128-bit level encryption, and that Concord University will comply with all other technical specifications as provided in writing to Concord University by the LEA from time to time.
b. Concord University will use industry-standard and up-to-date security tools and technologies such as anti-virus protections and intrusion detection methods in providing Services under this Agreement.
c. Concord University will take commercially reasonable measures, including regular integrity audits of Personal Data, to protect Personal Data against deterioration or degradation of data quality and authenticity.
d. Except as otherwise expressly prohibited by law, Concord University will:
i. immediately notify the LEA of any subpoenas, warrants, or other legal orders, demands or requests received by Concord University seeking Personal Data;
ii. consult with the LEA regarding its response;
iii. cooperate with the LEA’s reasonable requests in connection with efforts by the LEA to intervene and quash or modify the legal order, demand or request; and
iv. upon the LEA’s request, provide the LEA with a copy of its response.
Data Security and Integrity. 6.1 All facilities used to store and process End User Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure Cybersoft’s own data of a similar type and in no event less than reasonable in view of the type and nature of the data involved.
6.2 Except as required by law or as agreed upon previously in writing between parties, Cybersoft does not allow for any sharing of Data with any other party and affirms that the Data will be used for the purpose only as outlined in this Agreement.
Data Security and Integrity. All facilities used to store and process Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure Cybersoft’ s own data of a similar type and in no event less than reasonable in view of the type and nature of the data involved.