Security Policies. Vendor will maintain written security policies that are fully implemented and applied to the processing of Personal Data. At a minimum, these policies must include assignment of internal responsibility for information security management, devoting adequate personnel resources to information security, carrying out appropriate background checks on permanent staff who will have access to the Personal Data, requiring employees, vendors and others with access to Personal Data to enter into written confidentiality agreements, and conducting training to make employees and others with access to the Personal Data aware of information security risks presented by the processing.
Appears in 4 contracts
Sources: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement