Computer Security Safeguards Sample Clauses
The Computer Security Safeguards clause requires parties to implement and maintain appropriate measures to protect computer systems and data from unauthorized access, breaches, or other security threats. Typically, this involves using firewalls, encryption, secure passwords, and regular security audits to ensure sensitive information is kept safe. The core function of this clause is to reduce the risk of data breaches and cyberattacks, thereby protecting both parties’ confidential information and ensuring compliance with relevant data protection laws.
POPULAR SAMPLE Copied 1 times
Computer Security Safeguards. The Contractor agrees to comply with the general computer security safeguards, system security controls, and audit controls in this section. In order to comply with the following general computer security safeguards, the Contractor agrees to:
A. Encrypt portable computer devices, such as laptops and notebook computers that process and/or store Medi-Cal PII, with a solution using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution. One source of recommended solutions is specified on the California Strategic Sourced Initiative (CSSI) located at the following link: ▇▇▇.▇▇.▇▇▇.▇▇.▇▇▇/▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇▇. The Contractor shall use an encryption solution that is full-disk unless otherwise approved by DHCS.
B. Encrypt workstations where Medi-Cal PII is stored using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI.
C. Ensure that only the minimum necessary amount of Medi-Cal PII is downloaded to a laptop or hard drive when absolutely necessary for current business purposes.
D. Encrypt all electronic files that contain Medi-Cal PII when the file is stored on any removable media type device (i.e. USB thumb drives, floppies, CD/DVD, etc.) using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI.
E. Ensure that all emails sent outside the Contractor’s e-mail environment that include Medi-Cal PII are sent via an encrypted method using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution, such as products specified on the CSSI.
F. Ensure that all workstations, laptops and other systems that process and/or store Medi-Cal PII have a commercial third-party anti-virus software solution and are updated when a new anti-virus definition/software release is available. G.Ensure that all workstations, laptops and other systems that process and/or store Medi-Cal PII have current security patches applied and up-to-date.
Computer Security Safeguards. The Contractor agrees to comply with the general computer security safeguards, system security controls, and audit controls in this section. In order to comply with the following general computer security safeguards, the Contractor agrees to:
A. Encrypt portable computer devices, such as laptops and notebook computers that process and/or store Medi-Cal PII, with a solution using a vendor product that is recognized as an industry leader in meeting the needs for the intended solution. One source of recommended solutions is specified on the California Strategic Sourced Initiative (CSSI) located at the following link: ▇▇▇.▇▇.▇▇▇.▇▇.
Computer Security Safeguards. Requesting Program agrees to comply with the general computer security safeguards, system security controls, and audit controls in this section. General Computer Security Safeguards:
1. Encrypt portable computer devices, such as but not limited to laptops and notebook computers that process and/or store NJDOH data with a solution of using a product that is recognized as an industry leader in meeting the needs for the intended solution. Use an encryption solution that is full disk unless otherwise approved by NJDOH Information Security.
2. Encrypt workstations where NJDOH data is stored using a product that is recognized as an industry leader in meeting the needs for the intended solution.
3. Ensure that only the minimum necessary amount of NJDOH data is downloaded to a laptop or hard drive when necessary for current business purposes.
4. Encrypt all electronic files that contain NJDOH data when the file is stored on any removable media type device (i.e., USB thumb drives, floppies, CD/DVD, portable hard drives, etc.) using a product that is recognized as an industry leader in meeting the needs for the intended solution.
5. Ensure that all emails sent outside Requesting Program’s e-mail environment that include NJDOH data are sent via an encrypted method using a product that is recognized as an industry leader in meeting the needs of the intended solution.
6. Ensure that all workstations, laptops and other systems that process and/or store NJDOH data have a commercial third-party anti-virus software solution and are updated when a new ant-virus definition/software release is available.
7. Ensure that all workstations, laptops and other systems that process and/or store NJDOH data have current security patches applied and up to date.
8. Ensure that all NJDOH data is wiped from all systems and backups when the data is no longer legally required. Ensure in writing that the wipe method conforms to the US Department of Defense standards for data destruction.
9. Ensure that any remote access to NJDOH data is established over an encrypted session protocol using a product that is recognized as an industry leader in meeting the needs of the intended solution. Ensure all remote access is limited to minimum necessary and least privilege principles.