SOV Cybersecurity Standard 2022-01 Clause Samples

The SOV Cybersecurity Standard 2022-01 clause establishes baseline cybersecurity requirements that parties must adhere to when handling sensitive data or operating within a digital environment. It typically outlines specific technical and organizational measures, such as encryption protocols, access controls, and incident response procedures, that must be implemented to protect against cyber threats. By setting clear expectations for cybersecurity practices, this clause helps ensure data integrity and confidentiality, reducing the risk of breaches and clarifying each party’s responsibilities in maintaining a secure information environment.
SOV Cybersecurity Standard 2022-01. Contractor confirms that all products and services provided to or for the use of the State under this Agreement shall be in compliance with State of Vermont Cybersecurity Standard Update 2022-01, which prohibits the use of certain branded products in State information systems or any vendor system that is supporting State information systems, and is available on-line at: ▇▇▇▇▇://▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇▇▇▇▇.▇▇▇/cybersecurity/cybersecurity-standards-and-directives.
View SourceView Similar (12)
SOV Cybersecurity Standard 2022-01. All products and service provided to or for the use of the State under this Contract shall be in compliance with State of Vermont Cybersecurity Standard 2022-01, which Contractor acknowledges has been provided to it, and is available on-line at the following URL: ▇▇▇▇▇://▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇▇▇▇▇.▇▇▇/cybersecurity/cybersecurity-standards-and- directives SOV CONTRACT No. 44269 CONTRACT EFFECTIVE DATE: _October 1, 2022 THIS BUSINESS ASSOCIATE AGREEMENT (“AGREEMENT”) IS ENTERED INTO BY AND BETWEEN THE STATE OF VERMONT AGENCY OF HUMAN SERVICES, OPERATING BY AND THROUGH ITS DEPARTMENT OF VERMONT HEALTH ACCESS (“COVERED ENTITY”) AND PARTY IDENTIFIED IN THIS AGREEMENT AS CONTRACTOR OR GRANTEE ABOVE (“BUSINESS ASSOCIATE”). THIS AGREEMENT SUPPLEMENTS AND IS MADE A PART OF THE CONTRACT OR GRANT (“CONTRACT OR GRANT”) TO WHICH IT IS ATTACHED. Covered Entity and Business Associate enter into this Agreement to comply with the standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the Standards for the Privacy of Individually Identifiable Health Information, at 45 CFR Parts 160 and 164 (“Privacy Rule”), and the Security Standards, at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act (HITECH), and any associated federal rules and regulations.
View Source

Related to SOV Cybersecurity Standard 2022-01

  • NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.

  • Security Standards The Provider shall implement and maintain commercially reasonable security procedures and practices that otherwise meet or exceed industry standards designed to protect Student Data from unauthorized access, destruction, use, modification, or disclosure, including but not limited to the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of the Student Data (a "Security Breach"). For purposes of the DPA and this Exhibit G, "Security Breach" does not include the good faith acquisition of Student Data by an employee or agent of the Provider or LEA for a legitimate educational or administrative purpose of the Provider or LEA, so long as the Student Data is used solely for purposes permitted by SOPPA and other applicable law, and so long as the Student Data is restricted from further unauthorized disclosure.

  • Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.

  • Vlastnictví Zdravotnické zařízení si ponechá a bude uchovávat Zdravotní záznamy. Zdravotnické zařízení a Zkoušející převedou na Zadavatele veškerá svá práva, nároky a tituly, včetně práv duševního vlastnictví k Důvěrným informacím (ve smyslu níže uvedeném) a k jakýmkoli jiným Studijním datům a údajům.

  • STATEWIDE CONTRACT MANAGEMENT SYSTEM If the maximum amount payable to Contractor under this Contract is $100,000 or greater, either on the Effective Date or at any time thereafter, this section shall apply. Contractor agrees to be governed by and comply with the provisions of §§▇▇-▇▇▇-▇▇▇, ▇▇-▇▇▇-▇▇▇, ▇▇-▇▇▇-▇▇▇, and ▇▇- ▇▇▇-▇▇▇, C.R.S. regarding the monitoring of vendor performance and the reporting of contract information in the State’s contract management system (“Contract Management System” or “CMS”). Contractor’s performance shall be subject to evaluation and review in accordance with the terms and conditions of this Contract, Colorado statutes governing CMS, and State Fiscal Rules and State Controller policies.