Data Security Procedures Sample Clauses

Data Security Procedures. Subcontractor shall maintain appropriate policies and procedures to respond to incidents of unauthorized or suspected unauthorized access to or disclosure of Customer Data. Such policies and procedures shall equal or exceed the Advanta Data Security Standards and Payment Card Industry Standards. Subcontractor shall reasonably monitor, evaluate and adjust its information security system and procedures in response to relevant changes in technology, changes in the sensitivity of Customer Data and internal and external threats to information security and shall adopt such changes to its information security system and procedures as reasonably requested by Advanta. Subcontractor agrees to take appropriate actions to address any security breach involving such information. Subcontractor shall notify the Advanta General Program Manager promptly, and in any event as soon as reasonably possible after Subcontractor reasonably suspects or has concluded that any security incident or breach (which shall include any such breach caused by any employee of Subcontractor) has occurred or is about to occur that, in Subcontractor’s reasonable judgment, is likely to put any data, including any Customer Data, or network of Advanta at risk. Upon the occurrence of any such security incident or breach, (a) Subcontractor shall, as soon as practicable and at its sole expense, implement an action plan to correct the incident or breach and prevent the continuation of such security incident or breach, and shall promptly notify Advanta of the corrective action and measures taken and (b) Advanta may audit to determine whether the corrective action has been implemented and is effective. If there is any such security breach relating to Customer Data under Subcontractor’s ****** — Denotes material that has been omitted and filed separately with the Commission. control or the control of an entity with which Subcontractor has contracted, then Subcontractor shall pay the out of pocket expenses incurred by Advanta in responding to the security breach, including paying the cost of notifying customers that information about them was subject to a security breach. Any notice sent concerning a security breach shall be subject to the prior written approval of Advanta.
View SourceView Similar (2)
Data Security Procedures. The Contractor shall develop data security procedures to ensure only authorized access to data and databases by Contractor Representatives for purposes of performing the Agreement and to ensure no unauthorized access to data or databases by individuals or entities. The Contractor shall ensure that access to data and databases by Contractor Representatives will be provided on a need to know basis and will adhere to the principle of least privilege. (The principle of least privilege means giving a user account only those privileges which are essential to perform its intended function.)
View Source
Data Security Procedures. StarCompliance shall Representatives for purposes of performing the Agreement and to ensure no unauthorized access to data or databases by individuals or entities other than those authorized by the Agreement or the Client. . ( which are essential to perform its intended function.)
View Source
Data Security Procedures. Participating Provider undertakes solely in its own independent capacity to (and will procure that all Provider Personnel will) maintain reasonable operating standards and security procedures, and shall use their best efforts to secure Personal Data and Confidential Information (collectively, “Confidential Data”) through the use of reasonable and appropriate administrative, physical, and technical safeguards including, but not limited to, appropriate network security and encryption technologies governed by an established set of policies and procedures (an “Information Security Management System”). Participating Provider shall maintain and regularly update the Information Security Management System based upon a formal change control process that governs how security controls are adjusted over time ensuring at all times that it maintains a comparable or better level of security than that defined in this Exhibit B. Such Information Security Management System shall: (A) ensure the ongoing confidentiality, integrity, availability, and resilience of Participating Provider systems and services processing Confidential Data and those of subcontractors that have been authorized by Apple to process Confidential Data; (B) enable Participating Provider to restore the availability and access to Confidential Data in a timely manner in the event of a physical or technical incident; (C) maintain a process for regularly testing, assessing, and evaluating the effectiveness of all technical and organizational measures for ensuring the security of Confidential Data at all times; and (D) shall also include the following: (i) Implementation of controls to manage access to Confidential Data, including: (a) Preventing access to Confidential Data other than by those Provider Personnel that must access Confidential Data to perform Participating Provider’s obligations under the Terms and Conditions (hereinafter, the “Services”); (b) Immediately terminating access privileges to Confidential Data for any Provider Personnel that no longer need such access, and conducting regular reviews of access lists in accordance with high industry standards to ensure that access privileges have been appropriately provisioned and terminated; (c) Requiring Provider Personnel the use of multi-factor authentication to access Confidential Data; and (d) Providing regular training on data security to all Provider Personnel that may have access to Confidential Data; (ii) Maintenance of firewalls to segregat...
View Source
Data Security Procedures. Though the SDPBC data provided to the individual/organization does not contain “personally identifiable information” as defined in 34 CFR § 99.3, it is still critical that the data be kept secure and confidential. Therefore, all SDPBC student level data must be stored securely so that only authorized users within the organization have access to it. This means that computer data bases should be password protected; that precautions are taken to ensure that access through modems, networks, and the Internet is carefully monitored and limited to authorized users; and that data tapes, disks, paper files and other storage media are kept in secure locations.
View Source
Data Security Procedures. The first point of security is access to the computer system and its data via the local network of users. To enhance security and reduce the risk of unauthorized access, the following guidelines shall be followed: A. Users will be assigned one unique account for access to the system. B. Each user account shall require a password with a minimum of 6 characters. This password shall be treated as confidential information by the users. Users are responsible to safeguard their passwords, other access protocols, and district and Computer Center information, in whatever form. No list of passwords shall be maintained by the Computer Center or the District. C. All users will be required by the system to change their password or at least every 90 days; "captive" accounts (accounts which have access to only limited, non-system programs and commands) must have their passwords assigned by the Computer Center and shall be changed at least every year. D. A review of user account activity will be performed quarterly by the computer staff. User accounts that have not been accessed in the previous 180 days will be disabled; users not accessing their account in the previous 90 days will be notified that such inactivity may cause their account to be disabled. Users should ensure their terminals, when not in use, are properly logged off the system. E. Users shall be granted only those privileges consistent with the duties and responsibilities of their position. Authorized privileges shall be grouped in a "normal" and "extended" category: "normal" privileges are granted by the system when a user logs onto the system and represent the privileges required to perform the users normal duties; "extended" privileges are those privileges which the user may be authorized to use, but which must be specifically enabled by user before being utilized. F. Access to the computer system via an electronic network outside the Computer Center area will be restricted to the minimum level of access necessary for authorized users. No "general access" accounts shall be maintained. G. Access to privileged or system accounts shall only occur with the authorization of the Computer Center Director. Following outside access to a privileged account, the account password shall be changed to prevent further access without the Computer Center staff's knowledge. H. Audit Log Sufficient audit alarms shall be enabled to track attempts to break into a user or system account and other security-related events. The...
View Source
Data Security Procedures. We restrict access to non-public personal information about you to those persons who need to know that information in connection with providing products or services to you. We may from time to time provide the retailer(s) where you may make purchases using your credit card issued by us with access to your non-public personal information. We maintain physical, electronic, and procedural safeguards to guard your non-public personal information.
View Source

Related to Data Security Procedures

  • Security Procedures The Fund shall comply with data access operating standards and procedures and with user identification or other password control requirements and other security procedures as may be issued from time to time by State Street for use of the System on a remote basis and to access the Data Access Services. The Fund shall have access only to the Fund Data and authorized transactions agreed upon from time to time by State Street and, upon notice from State Street, the Fund shall discontinue remote use of the System and access to Data Access Services for any security reasons cited by State Street; provided, that, in such event, State Street shall, for a period not less than 180 days (or such other shorter period specified by the Fund) after such discontinuance, assume responsibility to provide accounting services under the terms of the Custodian Agreement.

  • Safety and Security Procedures Contractor shall maintain and enforce, at the Contractor Work Locations, industry-standard safety and physical security policies and procedures. While at each JBE Work Location, Contractor shall comply with the safety and security policies and procedures in effect at such JBE Work Location.

  • Security Procedure The Client acknowledges that the Security Procedure it has designated on the Selection Form was selected by the Client from Security Procedures offered by State Street. The Client agrees that the Security Procedures are reasonable and adequate for its wire transfer transactions and agrees to be bound by any payment orders, amendments and cancellations, whether or not authorized, issued in its name and accepted by State Street after being confirmed by any of the selected Security Procedures. The Client also agrees to be bound by any other valid and authorized payment order accepted by State Street. The Client shall restrict access to confidential information relating to the Security Procedure to authorized persons as communicated in writing to State Street. The Client must notify State Street immediately if it has reason to believe unauthorized persons may have obtained access to such information or of any change in the Client’s authorized personnel. State Street shall verify the authenticity of all instructions according to the Security Procedure.

  • Safety Procedures The Contractor shall: (a) comply with all applicable safety regulations according to Attachment H; (b) take care for the safety of all persons entitled to be on the Site; (c) use reasonable efforts to keep the Site and Works clear of unnecessary obstruction so as to avoid danger to these persons; (d) provide fencing, lighting, guarding and watching of the Works until completion and taking over under clause 10 [Employer's Taking Over]; and (e) provide any Temporary Works (including roadways, footways, guards and fences) which may be necessary, because of the execution of the Works, for the use and protection of the public and of owners and occupiers of adjacent land.

  • Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who ▇▇▇ may contact if there are any data security concerns or questions.