SECURE PROTECTION AND HANDLING OF STATE DATA Clause Samples

The "Secure Protection and Handling of State Data" clause establishes requirements for safeguarding and managing data owned or provided by the state. It typically mandates that contractors or service providers implement specific security measures, such as encryption, access controls, and regular audits, to prevent unauthorized access, disclosure, or loss of sensitive information. This clause ensures that state data is handled responsibly and securely, thereby minimizing the risk of data breaches and maintaining public trust in the state's data management practices.
SECURE PROTECTION AND HANDLING OF STATE DATA. 29.1. If Contractor is given State Data as part of this Contract, the protection of State Data shall be an integral part of the business activities of Contractor to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Contractor is given State Data, Contractor shall safeguard the confidentiality, integrity, and availability of the State Data. Contractor agrees to not to copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contract. The improper use or disclosure of confidential information is strictly prohibited. 29.2. Any and all transmission or exchange of State Data shall take place via secure means. Contractor shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. Contractor agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designated, network firewall provisioning, and intrusion detection. Contractor agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. Contractor shall: (a) limit disclosure of any State Data to Authorized Person who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract relates, and only for that purpose; (b) advise its Authorized Persons of the proprietary nature of 29.4. Contractor will promptly notify the Department of any misuse or misappropriation of State Data that comes to Contractor’s attention. Contractor shall be responsible for any breach of this duty of confidentiality by any of their officers, agents, subcontractors at any tier, and any of their respective representatives, including any required remedies and/or notifications under applicable law (Utah Code ▇▇▇. §§ ▇▇-▇▇-▇▇▇ through 301). This duty of confidentiality shall be ongoing and survive the term of the Contract. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall take precedence.
View SourceView Similar (45)
SECURE PROTECTION AND HANDLING OF STATE DATA. 29.1. If Subrecipient is given State Data as part of this Contract, the protection of State Data shall be an integral part of the business activities of Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. Subrecipient agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contract. The improper use or disclosure of confidential information is strictly prohibited. 29.2. Any and all transmission or exchange of State Data shall take place via secure means. Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designated, network firewall provisioning, and intrusion detection. Subrecipient agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. Subrecipient shall: (a) limit disclosure of any State Data to Authorized Person who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract relates, and only for that purpose; (b) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract and require such Authorized Persons to keep the State Data confidential; (c) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (d) not disclose any State Data received by it to any third parties, except as permitted by the Contract or otherwise agreed to in writing by the Department. 29.4. Subrecipient will promptly notify the Department of any misuse or misappropriation of State Data that comes to Subrecipient’s attention. Subrecipient shall be responsible for any breach of this duty of confidentia...
View SourceView Similar (18)
SECURE PROTECTION AND HANDLING OF STATE DATA. If Contractor is given access to State Data, the protection of State Data shall be an integral part of the business activities of Contractor, and Contractor shall ensure that there is no inappropriate or unauthorized use of State Data. Contractor shall safeguard the confidentiality, integrity, and availability of the State Data and comply with the conditions outlined below. The Eligible User reserves the right to verify Contractor’s adherence to the following conditions to ensure they are met: Network Security: Contractor shall maintain network security that, at a minimum, includes: network firewall provisioning, intrusion detection, and regular third-party penetration testing. Contractor shall maintain network security and ensure that Contractor network security policies conform to one of the following: Those standards the State of Utah applies to its own network, found outlined in DTS Policy 5000-0002 Enterprise Information Security Policy; Current standards set forth and maintained by the National Institute of Standards and Technology, includes those at: ▇▇▇▇://▇▇▇▇▇▇▇.▇▇▇▇.▇▇▇/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf; or Any generally recognized comparable standard that Contractor then applies to its own network and pre-approved by the Eligible User in writing. State Data Security: Contractor shall protect and maintain the security of State Data with protection that is at least as good as or better than that maintained by the State of Utah which will be provided by an Eligible User upon Contractor’s request (DTS Policy 5000-0002). These security measures included but are not limited to maintaining secure environments that are patched and up to date with all appropriate security updates as designated (ex. Microsoft Notification). The Eligible User reserves the right to determine if Contractor’s level of protection meets the Eligible User’s security requirements. State Data Transmission: Contractor shall ensure all transmission or exchange of system application data with the Eligible User and State of Utah and/or any other parties expressly designated by the State of Utah, shall take place via secure means (ex. HTTPS or FTPS).
View SourceView Similar (12)
SECURE PROTECTION AND HANDLING OF STATE DATA. If Contractor is given access to State Data, the protection of State Data shall be an integral part of the business activities of Contractor, and Contractor shall ensure that there is no inappropriate or unauthorized use of State Data. Contractor shall safeguard the confidentiality, integrity, and availability of the State Data and comply with the conditions outlined below. The Eligible User reserves the right to verify Contractor’s adherence to the following conditions to ensure they are met:
View SourceView Similar (11)
SECURE PROTECTION AND HANDLING OF STATE DATA. 29.1. If the Contractor is given access to or stores State Data as part of this contract, the protection of State Data must be an integral part of the business activities of the Contractor to ensure that there is no inappropriate or unauthorized use of State Data. The Contractor shall safeguard the confidentiality, integrity, and availability of the State Data. The Contractor agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of this contract. The improper use or disclosure of confidential information is strictly prohibited. 29.2. Any and all transmission or exchange of State Data must take place via secure means. The Contractor shall create, store, and maintain any State Data on secure or encrypted computing devices or portable storage mediums. The Contractor agrees to protect and maintain the security of State Data with security measures including, but not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates, network firewall provisioning, and intrusion detection. The Contractor agrees that any computing device or portable medium that has access to DHHS’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. The Contractor shall: (i) limit disclosure of any State Data to Authorized Persons who have a need to know such information in connection with the current or contemplated business relationship between the parties to which this contract relates, and only for that purpose;
View SourceView Similar (2)
SECURE PROTECTION AND HANDLING OF STATE DATA. If Contractor is given State Data as part of this Contract, the protection of State Data shall be an integral part of the business activities of Contractor to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Contractor is given State Data, Contractor shall safeguard the confidentiality, integrity and availability of the State Data and comply with the following conditions: Network Security: Contractor agrees at all times to maintain network security that - at a minimum - includes: network firewall provisioning, intrusion detection, and regular third party penetration testing. Contractor also agrees to maintain network security that conforms to one of the following: (1) Those standards the State of Utah applies to its own network, found outlined in DTS Policy 5000-0002 Enterprise Information Security Policy (copy available upon request); (2) Current standards set forth and maintained by the National Institute of Standards and Technology, includes those at: ▇▇▇▇://▇▇▇▇▇▇▇.▇▇▇▇.▇▇▇/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf; or (3) Any generally recognized comparable standard that Contractor then applies to its own network and approved by DTS in writing. State Data Security: Contractor agrees to protect and maintain the security of State Data with protection that is at least as good as or better than that maintained by the State of Utah. These security measures included but are not limited to maintaining secure environments that are patched and up to date with all appropriate security updates as designated (ex. Microsoft Notification).
View Source
SECURE PROTECTION AND HANDLING OF STATE DATA. If Contractor is given access to Data, the protection of Data shall be an integral part of the business activities of Contractor, and Contractor shall ensure that there is no inappropriate or unauthorized use of Data. Contractor shall safeguard the confidentiality, integrity, and availability of the Data and comply with the conditions outlined below. USBE reserves the right to verify Contractor’s adherence to the following conditions to ensure they are met.
View Source

Related to SECURE PROTECTION AND HANDLING OF STATE DATA

  • Freedom of Information and Protection of Privacy Act Any information provided on this contract may be subject to release under the Freedom of Information and Protection of Privacy Act. The Contractor may be consulted prior to release of any information.

  • System Protection To prevent compromise of systems which contain DSHS Data or through which that Data passes: a. Systems containing DSHS Data must have all security patches or hotfixes applied within 3 months of being made available. b. The Contractor will have a method of ensuring that the requisite patches and hotfixes have been applied within the required timeframes. c. Systems containing DSHS Data shall have an Anti-Malware application, if available, installed. d. Anti-Malware software shall be kept up to date. The product, its anti-virus engine, and any malware database the system uses, will be no more than one update behind current.

  • Introduction and Statement of Policy The National Institutes of Health (NIH) has established NIH-designated data repositories (e.g., database of Genotypes and Phenotypes (dbGaP), Sequence Read Archive (SRA), NIH Established Trusted Partnerships) for securely storing and sharing controlled-access human data submitted to NIH under the NIH Genomic Data Sharing (GDS)

  • DATA PROTECTION AND SECURITY 14.1 The Supplier must not remove any ownership or security notices in or relating to the Government Data. 14.2 The Supplier must make accessible back-ups of all Government Data, stored in an agreed off-site location and send the Buyer copies via secure encrypted method upon reasonable request. 1 ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/ppn-0223-tackling-modern-slavery-in-government-supply-chains 14.3 The Supplier must ensure that any Supplier, Subcontractor, or Subprocessor system holding any Government Data, including back-up data, is a secure system that complies with the security requirements specified in the Order Form or otherwise in writing by the Buyer (where any such requirements have been provided). 14.4 If at any time the Supplier suspects or has reason to believe that the Government Data is corrupted, lost or sufficiently degraded, then the Supplier must immediately notify the Buyer and suggest remedial action. 14.5 If the Government Data is corrupted, lost or sufficiently degraded so as to be unusable the Buyer may either or both: 14.5.1 tell the Supplier to restore or get restored Government Data as soon as practical but no later than 5 Working Days from the date that the Buyer receives notice, or the Supplier finds out about the issue, whichever is earlier; and/or 14.5.2 restore the Government Data itself or using a third party. 14.6 The Supplier must pay each Party's reasonable costs of complying with clause 14.5 unless the Buyer is at fault.