Privacy and Security Requirements. The Parties are required to protect the CMHC Information in accordance with applicable direction and guidelines from the Treasury Board of Canada (“TBS”), or their equivalent in the case of the Contractor, with respect to the protection of “Protected B” data, including guidance from CSE (ITSG‐33) which aligns with the ISO 27001 framework. Further as a federal government institution, the Contractor acknowledges that CMHC is subject to the Access to Information Act (Canada) and the Privacy Act (Canada) and therefore the Contractor agrees to submit to whatever measures are necessary in order to ensure that CMHC can comply with these laws and their related regulations, policies, and directives (“ATIP Legislation”). As such, the Contractor agrees: (i) to protect any Personal Information that it may access from CMHC Information provided through this Agreement in a manner that is compatible with provisions of ATIP Legislation; and (ii) will ensure that it has in place appropriate privacy protection measures to safeguard all CMHC Information that it has access to under this Agreement. More specifically, Contractor shall, as required by the provisions of Article VII of this Agreement, comply with the security requirements described below at all times:
Appears in 1 contract
Sources: Services Agreement
Privacy and Security Requirements. The Parties parties to the CPTA Agreement are required to protect the CMHC Confidential Information in accordance with applicable direction and guidelines from the Treasury Board of Canada (“TBS”)Canada, or their equivalent in the case of the ContractorCPTA, with respect to the protection of “Protected B” data, including guidance from CSE (ITSG‐33ITSG-33) which aligns with the ISO 27001 framework. Further as a federal government institution, the Contractor CPTA acknowledges that CMHC is subject to the Access to Information Act (Canada) and the Privacy Act (Canada) and therefore the Contractor CPTA agrees to submit to whatever reasonable measures are necessary in order to ensure that CMHC can comply with these laws and their related regulations, policies, and directives (“ATIP Legislation”). As such, the Contractor CPTA agrees: (i) to protect any Personal Information that it may access from CMHC Information provided through the course of providing CPTA Services under this CPTA Agreement in a manner that is compatible with provisions of ATIP Legislation; and (ii) will ensure that it has in place appropriate privacy protection measures to safeguard all CMHC the Confidential Information that it has access to under this CPTA Agreement. More specifically, Contractor the CPTA shall, as required by the provisions of Article VII of this Agreement, comply with the security requirements described below at all times:Sections 5.1 and
Appears in 1 contract