Common use of Security and Data Management Clause in Contracts

Security and Data Management. a) At Live2bfit Pty Ltd., data is stored in secure databases within the Live2bfit Pty Ltd.’s managed server framework. User access is managed by named user identification authorised by the relevant manager or nominated officer and on receipt of an emailed security and data protection agreement. It is backed up on a daily basis and the system is fully recoverable. b) At the School, data is stored in its own secure database and server. It is backed up on a daily basis and the system is fully recoverable. Access to the data is password protected with access privileges extended to the senior team and to those operational staff whose role is to keep the system up to date or manage the ICT aspect of the system. Access to particular sets of data is restricted on a need to know basis. Although all passwords are maintained by the ICT manager they are confidential to the user, with separate unique passwords being required for access to confidential systems. c) Where applicable, data will be transferred as a secure, encrypted password protected file via the Internet where appropriate. There will be no paper or email transfer of data. d) Data at individual level will be deleted according to record management protocols following use. Aggregated data will be held as long as they are of use to the respective parties. At the school data, which is not retained for legal reasons, is destroyed using file-shredding software when no longer required.

Security and Data Management. a) At Live2bfit Pty DT Attendance Consultancy Ltd., data is stored in secure databases within the Live2bfit Pty DT Attendance Consultancy Ltd.’s managed server framework. User access is managed by named user identification authorised by the relevant manager or nominated officer and on receipt of an emailed security and data protection agreement. It is backed up on a daily basis and the system is fully recoverable. b) At the The School, data is stored in its own secure database and server. It is backed up on a daily basis and the system is fully recoverable. Access to the data is password protected with access privileges extended to the senior team and to those operational staff whose role is to keep the system up to date or manage the ICT aspect of the system. Access to particular sets of data is restricted on a need to know basis. Although all passwords are maintained by the ICT manager they are confidential to the user, with separate unique passwords being required for access to confidential systems. c) Where applicable, data will be transferred as a secure, encrypted password protected file via the Internet where appropriate. There will be no paper or email transfer of data. d) Data at individual level will be deleted according to record management protocols following use. Aggregated data will be held as long as they are of use to the respective parties. At the school data, which is not retained for legal reasons, is destroyed using file-shredding software when no longer required.