Common use of Security and Data Management Clause in Contracts

Security and Data Management. 8.1 Signatories to this protocol must ensure they have adequate security arrangements in place to protect the integrity and confidentiality of the information held. 8.2 Signatory agencies agree that personal information disclosed must: (a) not be emailed over internet links without appropriate protection, where this is practical. (b) be protected by back-up rules. (c) when stored on a computer system, it must be password protected with provisions to ensure system security. (d) paper copies must be stored securely. (e) be located in a geographically secure environment. (f) not be inputted/accessed without industry standard security devices as defined by BS7666. 8.3 Each partner agrees that where practicable information shared under this Protocol will be processed using the Empowering-Communities Inclusion & Neighbourhood management System (“E-CINS”). 8.4 Each partner will be responsible for agreeing and implementing their own organisation’s retention policy to ensure the secure disposal of information in accordance with best practice and statutory obligations as referred to in paragraph 7.6 above. 8.5 Signatory agencies understand that all these measures need to be taken to ensure the security of our partners and to protect the general public. 8.6 The parties undertake to regularly, but at least annually, audit their processes under this Protocol to ensure that its requirements are being met.