Information Security Safeguards. Partner Organization shall, at all times that it accesses, stores, transmits, maintains or processes Confidential District Information have in place reasonable and appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of such information. These industry standard controls will include at a minimum: access controls, including multifactor authentication to the systems and accounts which will house the Student Records; audit records; malware and virus protection; system, network, computer, and application protections; employee training as to cybersecurity threats; and encryption of all data at rest, including on any device or system including USB drive, internal or removable hard drive, or any cloud-based platform; and, encryption of all data in transit, including the transfer of any data via email or to/from cloud storage platform. Any encryption processes or procedures shall meet the requirements of Federal Information Processing Standard 140-2.
Appears in 3 contracts
Sources: Data Protection Agreement, Data Protection Agreement, Data Protection Agreement