Common use of INFORMATION TECHNOLOGY, SECURITY AND PRIVACY REQUIREMENTS Clause in Contracts

INFORMATION TECHNOLOGY, SECURITY AND PRIVACY REQUIREMENTS. ‌ 9.17.1 In the course of completing the Work and providing Services under this Subaward, Subrecipient shall use any Information Technology Systems (ITS) as designated by County. This Subparagraph 9.17 sets forth the requirements for the ITS which Subrecipient shall use. This Subparagraph 9.17 also sets forth the security procedures for these systems which Subrecipient shall have in place by the effective date of this Subaward and which Subrecipient shall maintain throughout the Subaward term. They present a minimum standard only. Subrecipient shall implement appropriate administrative, physical and technical measures to secure its systems and data to protect and ensure the privacy, confidentiality, integrity and availability of County Information Assets as defined in Subparagraph 9.17.5 (County Information Assets) (which consists of but is not limited to confidential County data, Personally Identifiable Information, Protected Health Information and Medical Information) against internal and external threats, vulnerabilities and risks. Subrecipient shall also continuously review and revise those measures to address ongoing threats, vulnerabilities and risks. 9.17.2 Subrecipient's failure to comply with the minimum standards set forth herein will constitute a material, non-curable breach of this Subaward, entitling County, in addition to and cumulative of all other remedies available to it at law, in equity, or under this Subaward, to immediately terminate this Subaward.

INFORMATION TECHNOLOGY, SECURITY AND PRIVACY REQUIREMENTS. ‌ 9.17.1 In the course of completing the Work and providing Services under this Subaward, Subrecipient shall use any Information Technology Systems (ITS) as designated by County. This Subparagraph 9.17 sets forth the requirements for the ITS which Subrecipient shall use. This Subparagraph 9.17 also sets forth the security procedures for these systems which Subrecipient shall have in place by the effective date of this Subaward and which Subrecipient shall maintain throughout the Subaward term. They present a minimum standard only. Subrecipient shall implement appropriate administrative, physical and technical measures to secure its systems and data to protect and ensure the privacy, confidentiality, integrity and availability of County Information Assets as defined in Subparagraph 9.17.5 (County Information Assets) (which consists of but is not limited to confidential County data, Personally Identifiable Information, Protected Health Information and Medical Information) against internal and external threats, vulnerabilities and risks. Subrecipient shall also continuously review and revise those measures to address ongoing threats, vulnerabilities and risks. 9.17.2 Subrecipient's failure to comply with the minimum standards set forth herein will constitute a material, non-curable breach of this Subaward, entitling County, in addition to and cumulative of all other remedies available to it at law, in equity, or under this Subaward, to immediately terminate this Subaward.