Data Privacy and Information Security Program. Without limiting Agency’s obligation of confidentiality as further described herein, Agency shall be responsible for establishing and maintaining a data privacy and information security program, including physical, technical, administrative, and organizational safeguards, that is designed to: (i) ensure the security and confidentiality of the City Data; (ii) protect against any anticipated threats or hazards to the security or integrity of the City Data; (iii) protect against unauthorized disclosure, access to, or use of the City Data; (iv) ensure the proper disposal of City Data; and, (v) ensure that all of Agency’s employees, agents, and subcontractors, if any, comply with all of the foregoing. In no case shall the safeguards of Agency’s data privacy and information security program be less stringent than the safeguards and standards recommended by the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Health Information Technology for Economic and Clinical Health Act (HITECH).
Appears in 4 contracts
Samples: Grant Agreement, www.stoplhhdownsize.com, www.stoplhhdownsize.com
