Data Security Controls Sample Clauses

Data Security Controls. Vendor must document and maintain adequate: a) Data security controls, such as but not limited to * . Vendor must ensure at each site that appropriate data controls are implemented and that no shared environments exist with other businesses for all WANs, LANs, network connections, dial-up connections, DASD, distributed systems, or any other computer systems. b) Retention processes and policies for all security data events (i.e., reports) in accordance with legal and regulatory requirements. Examples include: * c) Controls in configuring and operating voice systems, especially as regards * .
View SourceView Similar (4)
Data Security Controls. 1 Programme
View Source
Data Security Controls. Pursuant to Section 2054.138 of the Texas Government Code, if Contractor will be authorized to access, transmit, use, or store data for MD ▇▇▇▇▇▇▇▇, Contractor is required to meet the security controls MD ▇▇▇▇▇▇▇▇ determines are proportionate with MD ▇▇▇▇▇▇▇▇’▇ risk under this Agreement based on the sensitivity of MD ▇▇▇▇▇▇▇▇’▇ data. Contractor must periodically provide to MD ▇▇▇▇▇▇▇▇ evidence that Contractor meets the security controls required under this Agreement.
View Source
Data Security Controls. 1. Contractor will implement the following standards for County staff passwords: a. Passwords must include 3 of the following 4 types of characters: upper case, lower case, number, special character; b. Passwords must be 12 characters long; c. Passwords must be reset every 90 days; d. Passwords cannot be reused until 24 other passwords have been used. 2. Contractor shall use encryption for its Active Directories. 3. Contractor shall use encryption for data at rest and in transit. 4. Contractor shall maintain detailed User Activity Logs. 5. Contractor shall maintain 24-hour security, alarms, and access restrictions at its data centers. 6. Contractor will subject all staff with access to its data centers to background checks and implement periodic rechecks. 7. The ICS and ISTP shall not receive, store, transport, or otherwise interact with any County data labeled Criminal Justice Information (“CJI”) and County acknowledges that the ICS and ISTP are not Criminal Justice Information Services (“CJIS”) compliant.
View Source
Data Security Controls. 1. Within six (6) months of go live, Contractor will implement the following standards for County staff passwords: a. Passwords for users that have not logged in for 60 days will be disabled; b. Passwords must include 3 of the following 4 types of characters: upper case, lower case, number, special character; c. Passwords must be 12 characters long; d. Passwords must be reset every 90 days; e. Passwords cannot be reused until 24 other passwords have been used. 2. Contractor shall use encryption for its Active Directories.
View Source

Related to Data Security Controls

  • Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.

  • Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.

  • Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who ▇▇▇ may contact if there are any data security concerns or questions.

  • Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).

  • Data Integrity Control Personal Data will remain intact, complete and current during processing activities.