Technical Security Clause Samples

Technical Security. Encryption

Technical Security.  I understand that after completing work at a computer that has access to the Heart IS application, I will logoff from the computer. If I have to leave a computer unattended, I will logoff or use a password protected screen saver to prevent unauthorized access to the system.  I understand and agree that I am responsible for maintaining the confidentiality of my Heart IS user ID and password, and that any misuse of my user ID and password, intentional or unintentional, violates PHC and Heart IS Policy and this Agreement and could subject me to disciplinary, legal and/or other actions, including suspension or revocation of my access to the Heart IS application by CSBC.  I will be accountable for any access to Information performed using my Heart IS user ID and password. I will not share these with anyone else under any conditions. I will inform the Heart IS Administrator at my hospital immediately upon loss of my password or suspected disclosure of my password to another person.  I will treat all electronically stored Heart IS personal and confidential Information as strictly confidential and will ensure that they are kept in a secure location and not subject to access by unauthorized persons. I will not store Heart IS confidential and personal identifiable Information on the hard drive of a home computer or other personal computing device.  I understand that personal identifiable Information from the Heart IS application should only be stored on secure PHSA servers. If there is an essential business need to store personal identifiable Information on a mobile device the Information will be stored for the absolute minimum time required, the device will be password protected and the sensitive Information will be encrypted following PHC standards.  I will not knowingly open or send confidential or personal identifiable Information via email over a public network unless it is encrypted with encryption software that adheres to PHC policies.  I understand that I must not leave my device, device screen or any Heart IS personal and confidential Information in any place where unauthorized viewers can access it.  I understand that I must use proper data removal software/technology and practice to remove any identifiable personal health data/Information from mobile devices after it is no longer required for data transmission. By signing this Agreement, I acknowledge that I have read and understood the terms set out above. I further acknowledge that this Agreeme...

Technical Security. 3.1 Firewalls and anti-virus The systems are protected by firewalls, anti-virus software has been installed on relevant servers and the systems are protected against malicious code execution, in accordance with current industry standards.

Technical Security. In the event User Agency utilizes a computer system or network to store or transmit criminal justice information it shall implement or ensure implementation of the following technical security controls in order to safeguard criminal justice information received from DCIN: 1. Designate an individual within the User Agency as the Local Agency Security Officer (LASO). The LASO shall have the following duties: a. serve as a point-of-contact for the North Carolina Department of Justice Information Security Officer (ISO); b. identify who within the User Agency uses devices that access criminal justice information and ensure no unauthorized individuals, computer systems, or networks have access to these devices or their respective networks; c. ensure that personnel security screening measures are being followed in accordance with the current CJIS Security Policy; d. ensure that CJIS and SBI-approved security measures are in place and working properly; and e. support policy compliance and ensure the ISO is promptly informed of security incidents. 2. Protect the boundary of its networks and information system(s) by: a. controlling access to networks processing criminal justice information; b. monitoring and controlling communications at the external boundary of the information system and at key internal boundaries within the system; c. ensuring any connections to the Internet, other external networks, or information systems occur through controlled interface (e.g. proxies, gateways, routers, firewalls, encrypted tunnels); d. employing tools and techniques to monitor network events, detect attacks, and provide identification of unauthorized use; e. ensuring the operational failure of the boundary protection mechanisms do not result in any unauthorized release of information outside of the information system boundary (i.e. the device shall fail “close”); and f. allocating publicly accessible information system components (e.g. Web Servers) to separate sub networks with separate, network interfaces. Publicly accessible information systems residing on a virtual hot shall follow guidelines for virtualization set forth in the current version of the CJIS Security Policy. 3. Ensure proper encryption standards are met by: a. ensuring encryption is, at a minimum, 128-bit; b. ensuring criminal justice information is protected via cryptographic mechanisms (encryption) when transmitted outside the boundary of a physically secure location under the User Agency’s management and c...

Technical Security. Controls With respect to information technology infrastructure, servers, databases, or networks that Process Data, Supplier shall remain in alignment with industry security standards and shall use the following technical security controls where applicable (keeping them current by incorporating and using all updates commercially available): V.

Technical Security. Munters has adequate and sufficient anti-virus systems and firewalls in place.

Technical Security. Protection of personal data during transmission

Technical Security. The establishment of a method to communicate and/or push security patch updates for operating systems, software, and applications deployed in its environments. Critical patches and or updates must be deployed within thirty (30) days of release.

Technical Security. DS Security Engineering Officers (SEOs) will include post DOC offices in routine technical security countermeasures (TSCM) inspections of controlled access areas at post, where the technical threat warrants such routine inspections.