Data Security Plan Sample Clauses

A Data Security Plan clause outlines the requirements and procedures for protecting sensitive data handled under an agreement. It typically mandates that the parties implement specific security measures, such as encryption, access controls, and regular audits, to safeguard information from unauthorized access or breaches. This clause ensures that both parties are clear on their obligations to maintain data confidentiality and integrity, thereby reducing the risk of data loss or misuse.
Data Security Plan. The Contractor shall deliver and maintain a security incident plan in accordance with the criteria set forth in the Contractor’s privacy and security policy and shall implement the procedures required under such security incident plan on the occurrence of a Security incident, in compliance with the requirements of Texas Business and Commerce Code § 521.053 (“Notification Required Following Breach of Security of Computerized Data”). This plan shall be delivered in writing to the OAG within 14 Business Days following the award of this contract (Please refer to Form G Data Security Plan Outline). The contractor shall report, in writing, to the OAG any Security Incident within 24 hours after discovery. The report shall identify the nature of the event, a list of the affected individuals and the types of data, and the mitigation and investigation efforts of the Contractor. It shall also include the stages of the data security plan that has been implemented along with the next steps to mitigate the current and future risks. The contractor shall provide investigation updates to the OAG daily.
View SourceView Similar (3)
Data Security Plan. Please provide responses to the questions below. If further space is required, please use the final page.
View SourceView Similar (2)
Data Security Plan. Within a reasonable time after the Effective Date, State Street will implement, maintain and update a data security plan with respect to BTC Data provided to it that is consistent with the standards set forth in Exhibit E (which will include both physical and electronic measures) or, following the Effective Date, such other generally accepted industry standards as are reasonably likely to be as protective of BTC Data as Exhibit E, which standards shall be applicable to the parts within State Street that have access to BTC Data. Any changes to the safeguards in Exhibit E that are specifically designated as safeguards that State Street has agreed to adopt specifically for the BTC Recipients will require prior review and approval from the affected BTC Recipients, which approval shall not be unreasonably withheld.
View SourceView Similar (2)
Data Security Plan. Within a reasonable time after the Effective Date, State Street will implement, maintain and update a data security plan with respect to BGI Data provided to it that is consistent with the standards set forth in Exhibit E (which will include both physical and electronic measures) or, following the Effective Date, such other generally accepted industry standards as are reasonably likely to be as protective of BGI Data as Exhibit E, which standards shall be applicable to the parts within State Street that have access to BGI Data. Any changes to the safeguards in Exhibit E that are specifically designated as safeguards that State Street has agreed to adopt specifically for the BGI Recipients will require prior review and approval from the affected BGI Recipients, which approval shall not be unreasonably withheld.
View Source
Data Security Plan. Within a reasonable time after the Service Commencement Date, ▇.▇. ▇▇▇▇▇▇ will implement, maintain and update (on an annual basis) a data security plan with respect to Customer Data provided to it that is consistent with the standards set forth in the Security Principles (which will include both physical and electronic measures) or, following the Service Commencement Date, such other generally accepted industry standards as are reasonably likely to be as protective of Customer Data as the Security Principles, which standards shall be applicable to the parts within ▇.▇. ▇▇▇▇▇▇ that have access to Customer Data. Any changes to the safeguards in the Security Principles will require prior review and approval from the Customer.
View Source

Related to Data Security Plan

  • Security Plan The Business Continuity Plan and the Disaster Recovery Plan may be combined into one document. Additionally, at the beginning of each State Fiscal Year, if the MCO modifies the following documents, it must submit the revised documents and corresponding checklists for HHSC’s review and approval:

  • Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Management Plan The Management Plan is the description and definition of the phasing, sequencing and timing of the major Individual Project activities for design, construction procurement, construction and occupancy as described in the IPPA.

  • Implementation Plan The Authority shall cause to be prepared an Implementation Plan meeting the requirements of Public Utilities Code Section 366.2 and any applicable Public Utilities Commission regulations as soon after the Effective Date as reasonably practicable. The Implementation Plan shall not be filed with the Public Utilities Commission until it is approved by the Board in the manner provided by Section 4.9.