Data Security Program Sample Clauses

Data Security Program. (a) The Supplier will maintain and comply with a comprehensive Security Program that conforms to (a) VITA Rules, including all VITA Rules comprising the then-current Commonwealth security procedures, including those found at: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/resources/vita-rules/ or successor URL(s), and (b) the Federal Information Security Management Act (or FISMA), 44 U.S.C. § 3541, et seq., and any other applicable Laws, and (c) Exhibit 2.1
View SourceView Similar (3)
Data Security Program. Service Provider shall maintain a documented security program that has reasonable administrative, technical, and physical safeguards that are commensurate with the laws and industry standards relevant to Service Provider’s business activities and protects AbbVie Data according to its sensitivity. The minimum standards for Service Provider’s security controls that shall apply to the Services are set forth in Schedule A (AbbVie Third Party Security Controls).
View SourceView Similar (2)
Data Security Program. Company will maintain a comprehensive written information security program that includes technical, physical, and administrative/organizational safeguards designed to (i) ensure the security and confidentiality of Ministerio de Hacienda Data and Personal Data, (H) protect against any anticipated threats or hazards to the security and integrity of Ministerio de Hacienda Data and of Personal Data, (Hi) protect against any actual or suspected unauthorized processing, loss, or acquisition of any Ministerio de Hacienda Data and any Personal Data, and (iv) ensure the proper disposal of Ministerio de Hacienda Data and Personal Data. Company will ensure that such program satisfies all of the requirements set forth in this Exhibit B and that Company complies with all such requirements, as well as any other written information security policies, procedures, and guidelines that are applicable to the Services. As used in this Exhibit B, the terms "systems", "information systems", and the like, include all information technology systems and all other Technology. Capitalized terms used but not defined in this Exhibit B will have the meanings set forth in the MSA.
View SourceView Similar (2)
Data Security Program. ACS shall at all times maintain in effect a comprehensive data security program that includes reasonable and appropriate technical, organizational and physical security measures designed to protect against the destruction, loss, unauthorized access and/or alteration of data, including Symetra Data, in ACS’ possession, and which shall be: (a) no less rigorous than those measures maintained (or required to be maintained) by Symetra as of the Restatement Date (or required or implemented by Symetra in the future); (b) no less rigorous than those measures maintained by ACS for its own information of a similar nature; (c) no less rigorous than those measures that generally are implemented by providers of outsourcing services; and (d) compliant with all Symetra policies and procedures with which Symetra advises ACS it is required to comply (provided that ACS’ compliance with any such Symetra policies and procedures that are implemented and/or modified following the Restatement Date shall be effected through the Change Management Procedures), including those relating to the privacy, security, preservation and retention of data. The content and implementation of such data security program and associated technical, organizational and security measures shall be fully documented by ACS in the Service Delivery Reference Manual. From time to time, but not less frequently than annually, ACS proactively shall provide to Symetra information regarding industry-leading security best practices and ACS’ recommendations for implementing any of such practices. If Symetra wants to implement any of such practices, the Parties shall do so in accordance with the Change Management Procedures.
View SourceView Similar (2)
Data Security Program. Vendor shall maintain in effect at all times a comprehensive data security program that includes reasonable and appropriate administrative, technical and physical security measures designed to detect, prevent and mitigate the risk of identity theft and protect against the destruction, loss, unauthorized access, disclosure, use and/or alteration of data (whether or not encrypted), including but not limited to Confidential Information, Customer Data, and Data, in Vendor's possession or under Vendor's control, and which shall be no less rigorous than those measures that are required to be maintained by Vendor to comply with applicable Laws and Regulations, including but not limited to, the current State of Washington Office of the Chief Information Officer (OCIO) IT Security Standards (OCIO 141.10) relating to Securing Information Technology Assets Standards, and shall ensure that all such safeguards, including the manner in which Confidential Information, Customer Data, and Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Contract. At WSDOT’s request, Vendor will provide the data security program to WSDOT for its review, and WSDOT shall have the right to provide feedback and comment on Vendor's data security program. If Vendor recommends certain security features that WSDOT does not approve, the matter will be escalated to the WSDOT and Vendor Contracting Officers for final resolution.
View Source
Data Security Program. Administrator has in place and shall maintain (and shall provide in summary format via Administrator’s due diligence package to Company upon Company’s reasonable request) a written comprehensive data security program, which shall include reasonable and appropriate administrative, physical, and technical safeguards and security measures (including, but not limited to, encryption, where appropriate or required by law) designed to (i) ensure the security and confidentiality of all Company Data, (ii) protect against any anticipated threats or hazards to the security or integrity of such data, (iii) protect against unauthorized access or use of such data, and (iv) prevent the destruction, loss or alteration of Company Data in the possession of; and which is and shall be no less rigorous than those maintained by Administrator for its own information of a similar nature (such written data security program, the “Data Security Program”). The Data Security Program (including any “cloud-based” product/service offering of the Service Provider) shall incorporate appropriate security measures to protect Company Data consistent with applicable federal and state laws.
View Source
Data Security Program. Company will maintain a comprehensive written information security program that includes technical, physical, and administrative/organizational safeguards designed to (i) ensure the security and confidentiality of Republic Data and Personal Data, (ii) protect against any anticipated threats or hazards to the security and integrity of Republic Data and of Personal Data, (iii) protect against any actual or suspected unauthorized processing, loss, or acquisition of any Republic Data and any Personal Data, and (iv) ensure the proper disposal of Republic Data and Personal Data. Company will ensure that such program satisfies all of the requirements set forth in this Exhibit B and that Company complies with all such requirements, as well as any other written information security policies, procedures, and guidelines that are applicable to the Services. As used in this Exhibit B, the terms "systems", "information systems", and the like, include all information technology systems and all other Technology. Capitalized terms used but not defined in this Exhibit B will have the meanings set forth in the MSA.
View Source
Data Security Program. The Center shall implement maintain and comply with komplexní programy, praktiky a postupy pro zabezpečení informací a sítí, které upravují provádění Studie (souhrnně „Program zabezpečení údajů“), které: (i) splňují současné nejlepší standardy v oboru; a (ii) jsou v souladu se všemi Platnými zákony o ochraně osobních údajů a zabezpečení údajů. Centrum písemně zdokumentuje svůj Program zabezpečení údajů a na vyžádání CRO nebo Zadavatele zpřístupní tyto dokumenty CRO nebo Zadavateli ke kontrole. Centrum bude udržovat svůj Program zabezpečení údajů aktuální. comprehensive information and network security programs, practices and procedures that govern the conduct of the Study (collectively, “Data Security Program”) that: (i) meets current best industry standards; and (ii) complies with all Applicable Privacy and Data Security Laws. The Center shall document its Data Security Program in written form and shall make those documents available to CRO or Sponsor for review upon CRO’s or Sponsor’s request. The Center shall keep its Data Security Program current and up- to-date.
View Source
Data Security Program. Provider shall maintain through the Term of the Agreement a comprehensive written data security program (“Data Security Program”) that satisfies the requirements under this Section 3. Without limiting the generality of Section 3.3, Provider’s Data Security Program must, at a minimum, comply with the most recently published version of the Center for Internet Security’s Critical Security Controls for Effective Cyber Defense (IG3), and provide for: (a) protection of business facilities, paper files, servers, computing equipment, including all mobile devices and other equipment with information storage capability, and backup systems containing any Company Personal Data; (b) network, application (including databases) and platform security; (c) business systems segmentation designed to optimize security; (d) secure transmission and storage of Company Personal Data (whether by strong encryption or other equally protective measures); (e) authentication and access control mechanisms (including strong password management practices); and (f) personnel security and integrity requirements. Provider shall provide annual training to personnel and subcontractors on how to comply with the Provider’s Data Security Program. Provider shall regularly test and monitor the effectiveness of its Data Security Program and shall evaluate and adjust its Data Security Program in light of the results of such testing and monitoring. Provider shall notify Company of: (i) any material changes to its Data Security Program, and (ii) any other changes that may have a material effect on its Data Security Program.
View Source

Related to Data Security Program

  • Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who ▇▇▇ may contact if there are any data security concerns or questions.

  • Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.

  • Safety and Security Procedures Contractor shall maintain and enforce, at the Contractor Work Locations, industry-standard safety and physical security policies and procedures. While at each JBE Work Location, Contractor shall comply with the safety and security policies and procedures in effect at such JBE Work Location.