Data Security Requirements Compliance Clause Samples

The Data Security Requirements Compliance clause mandates that parties adhere to specific standards and protocols for protecting sensitive data. Typically, this clause outlines the technical and organizational measures that must be implemented, such as encryption, access controls, and regular security audits, and may reference compliance with laws like GDPR or industry standards like ISO 27001. Its core function is to ensure that all parties maintain a high level of data security, thereby reducing the risk of data breaches and ensuring legal and contractual obligations regarding data protection are met.
Data Security Requirements Compliance. (i) Customer represents and warrants that it is, and during the Term of this Agreement will remain, in compliance with all applicable material Data Security Requirements at its expense. (ii) Without liability, FDMS has the right to withhold Services, in whole or in part, and immediately suspend connectivity to the FDMS System with respect to Customer, any of Customer’s Merchants, or any of Customer’s or its Merchants’ agents or third party service providers if Customer, such Merchant, or such agent or third party service provider, as applicable, is not in compliance with all applicable Data Security Requirements until Customer, such Merchant, or such agent and third party service provider, as applicable, is in compliance with all applicable Data Security Requirements. If FDMS withholds Services or suspends connectivity pursuant to this Section 11.2(b)(ii), FDMS will give prompt notice of such to Customer. (iii) In addition to the obligations set forth in Exhibit E of this Agreement, Customer shall indemnify and hold FDMS harmless from and against any and all Claims to the extent that the Claim is caused by, relates to or arises out of (1) any security breach in or intrusion into Customer’s computer system, or (2) the actual loss or theft of any of its information or records containing Cardholder or Transaction Card data or any bank account information of a payee or payor that is generated or stored by, or on behalf of, Customer. (iv) As promptly as possible after it first obtains knowledge thereof, Customer shall notify FDMS of any security breach or data compromise of Customer’s computer system or the computer system of any of its Merchants or any of Customer’s or its Merchants’ agents or third party service providers. As promptly as possible after it first obtains knowledge thereof, Customer shall notify FDMS of any suspected or actual loss or theft of any information or records containing Cardholder or Transaction Card data or any bank account information of a payee or payor that is generated or stored by, or on behalf of, Customer, any of its Merchants, or any of Customer’s or its Merchants’ agents or third party service providers.
View SourceView Similar (4)
Data Security Requirements Compliance. FDMS represents and warrants that it is, and during the Term of this Agreement will remain, in compliance with all applicable material Data Security Requirements at its expense. (ii) In addition to the obligations set forth in Exhibit E of this Agreement, FDMS shall indemnify and hold Customer harmless from and against any and all liabilities, claims, suits, damages, losses, costs and expenses, including any fines, penalties, reasonable attorney fees and costs of settlement, whether third party claims, indemnity claims or otherwise (“collectively, “Claims”) to the extent that the Claim is caused by, relates to or arises out of (1) any security breach in or intrusion into FDMS’s computer system, or (2) the actual loss or theft of any of Customer’s information or records containing Cardholder or Transaction Card data or any bank account information of a payee or payor that is generated or stored by, or on behalf of, FDMS. FDMS shall not have any liability for any Claim to the extent such Claim is caused by, relates to or arises out of any security breach in the computer system of Customer, Customer’s Merchants, or Customer’s or its Merchants’ agents or third party service providers, or the actual loss or theft of any information or records containing Cardholder or Transaction Card data or any bank account information of a payee or payor that is generated or stored by, or on behalf of, Customer, Customer’s Merchants, or Customer’s or its Merchants’ agents or third party service providers.
View Source
Data Security Requirements Compliance. Customer represents and warrants that it is, and during the Term of this Agreement will remain, in compliance with all applicable material Data Security Requirements at its expense. (ii) Without liability, FDMS has the right to withhold Services, in whole or in part, and immediately suspend connectivity to the FDMS System with respect to Customer, any of Customer’s Merchants, or any of Customer’s or its Merchants’ agents or third party service providers if Customer, such Merchant, or such agent or third party service provider, as applicable, is not in compliance with all applicable Data Security Requirements until Customer, such Merchant, or such agent and third party service provider, as applicable, is in compliance with all applicable Data Security Requirements. If FDMS withholds Services or suspends connectivity pursuant to this Section 11.2(b)(ii), FDMS will give prompt notice of such to Customer. (iii) In addition to the obligations set forth in Exhibit E of this Agreement, Customer shall indemnify and hold FDMS harmless from and against any and all Claims to the extent that the Claim is caused by, relates to or arises out of (1) any security breach in or intrusion into Customer’s computer system, or (2) the actual loss or theft of any of its information or records containing Cardholder or Transaction Card data or any bank account information of a payee or payor that is generated or stored by, or on behalf of, Customer.
View Source

Related to Data Security Requirements Compliance

  • Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).

  • Federal Medicaid System Security Requirements Compliance Party shall provide a security plan, risk assessment, and security controls review document within three months of the start date of this Agreement (and update it annually thereafter) in order to support audit compliance with 45 CFR 95.621 subpart F, ADP System Security Requirements and Review Process.

  • Facility Requirements 1. Maintain wheelchair accessibility to program activities according to governing law, including the Americans With Disabilities Act (ADA), as applicable. 2. Provide service site(s) that will promote attainment of Contractor’s program objectives. Arrange the physical environment to support those activities. 3. Decrease program costs when possible by procuring items at no cost from County surplus stores and by accepting delivery of such items by County.

  • New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.

  • Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.