Data Security Program Sample Clauses

Data Security Program. Company will maintain a comprehensive written information security program that includes technical, physical, and administrative/organizational safeguards designed to (i) ensure the security and confidentiality of Ministerio de Hacienda Data and Personal Data, (H) protect against any anticipated threats or hazards to the security and integrity of Ministerio de Hacienda Data and of Personal Data, (Hi) protect against any actual or suspected unauthorized processing, loss, or acquisition of any Ministerio de Hacienda Data and any Personal Data, and (iv) ensure the proper disposal of Ministerio de Hacienda Data and Personal Data. Company will ensure that such program satisfies all of the requirements set forth in this Exhibit B and that Company complies with all such requirements, as well as any other written information security policies, procedures, and guidelines that are applicable to the Services. As used in this Exhibit B, the terms "systems", "information systems", and the like, include all information technology systems and all other Technology. Capitalized terms used but not defined in this Exhibit B will have the meanings set forth in the MSA.

Data Security Program. ACS shall at all times maintain in effect a comprehensive data security program that includes reasonable and appropriate technical, organizational and physical security measures designed to protect against the destruction, loss, unauthorized access and/or alteration of data, including Symetra Data, in ACS’ possession, and which shall be: (a) no less rigorous than those measures maintained (or required to be maintained) by Symetra as of the Restatement Date (or required or implemented by Symetra in the future); (b) no less rigorous than those measures maintained by ACS for its own information of a similar nature; (c) no less rigorous than those measures that generally are implemented by providers of outsourcing services; and (d) compliant with all Symetra policies and procedures with which Symetra advises ACS it is required to comply (provided that ACS’ compliance with any such Symetra policies and procedures that are implemented and/or modified following the Restatement Date shall be effected through the Change Management Procedures), including those relating to the privacy, security, preservation and retention of data. The content and implementation of such data security program and associated technical, organizational and security measures shall be fully documented by ACS in the Service Delivery Reference Manual. From time to time, but not less frequently than annually, ACS proactively shall provide to Symetra information regarding industry-leading security best practices and ACS’ recommendations for implementing any of such practices. If Symetra wants to implement any of such practices, the Parties shall do so in accordance with the Change Management Procedures.

Data Security Program. Service Provider shall maintain a documented security program that has reasonable administrative, technical, and physical safeguards that are commensurate with the laws and industry standards relevant to Service Provider’s business activities and protects AbbVie Data according to its sensitivity. The minimum standards for Service Provider’s security controls that shall apply to the Services are set forth in Schedule A (AbbVie Third Party Security Controls).

Data Security Program. Administrator has in place and shall maintain (and shall provide in summary format via Administrator’s due diligence package to Company upon Company’s reasonable request) a written comprehensive data security program, which shall include reasonable and appropriate administrative, physical, and technical safeguards and security measures (including, but not limited to, encryption, where appropriate or required by law) designed to (i) ensure the security and confidentiality of all Company Data, (ii) protect against any anticipated threats or hazards to the security or integrity of such data, (iii) protect against unauthorized access or use of such data, and (iv) prevent the destruction, loss or alteration of Company Data in the possession of; and which is and shall be no less rigorous than those maintained by Administrator for its own information of a similar nature (such written data security program, the “Data Security Program”). The Data Security Program (including any “cloud-based” product/service offering of the Service Provider) shall incorporate appropriate security measures to protect Company Data consistent with applicable federal and state laws.

Data Security Program. Vendor shall maintain in effect at all times a comprehensive data security program that includes reasonable and appropriate administrative, technical and physical security measures designed to detect, prevent and mitigate the risk of identity theft and protect against the destruction, loss, unauthorized access, disclosure, use and/or alteration of data (whether or not encrypted), including but not limited to Confidential Information, Customer Data, and Data, in Vendor's possession or under Vendor's control, and which shall be no less rigorous than those measures that are required to be maintained by Vendor to comply with applicable Laws and Regulations, including but not limited to, the current State of Washington Office of the Chief Information Officer (OCIO) IT Security Standards (OCIO 141.10) relating to Securing Information Technology Assets Standards, and shall ensure that all such safeguards, including the manner in which Confidential Information, Customer Data, and Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Contract. At WSDOT’s request, Vendor will provide the data security program to WSDOT for its review, and WSDOT shall have the right to provide feedback and comment on Vendor's data security program. If Vendor recommends certain security features that WSDOT does not approve, the matter will be escalated to the WSDOT and Vendor Contracting Officers for final resolution.

Data Security Program. Neither the Company nor any of the Company Subsidiaries is a “covered person” as that term is defined in Executive Order 14117 and rules and regulations issued thereunder, including 28 C.F.R. Part 202, as implemented or amended from time to time (the “DSP”). Since April 8, 2025, neither the Company nor any of the Company Subsidiaries has engaged in any “covered data transaction,” as that term is defined in the DSP, except in full compliance with the DSP.

Data Security Program. Company will maintain a comprehensive written information security program that includes technical, physical, and administrative/organizational safeguards designed to (i) ensure the security and confidentiality of Republic Data and Personal Data, (ii) protect against any anticipated threats or hazards to the security and integrity of Republic Data and of Personal Data, (iii) protect against any actual or suspected unauthorized processing, loss, or acquisition of any Republic Data and any Personal Data, and (iv) ensure the proper disposal of Republic Data and Personal Data. Company will ensure that such program satisfies all of the requirements set forth in this Exhibit B and that Company complies with all such requirements, as well as any other written information security policies, procedures, and guidelines that are applicable to the Services. As used in this Exhibit B, the terms "systems", "information systems", and the like, include all information technology systems and all other Technology. Capitalized terms used but not defined in this Exhibit B will have the meanings set forth in the MSA.

Data Security Program. The Center shall implement maintain and comply with komplexní programy, praktiky a postupy pro zabezpečení informací a sítí, které upravují provádění Studie (souhrnně „Program zabezpečení údajů“), které: (i) splňují současné nejlepší standardy v oboru; a (ii) jsou v souladu se všemi Platnými zákony o ochraně osobních údajů a zabezpečení údajů. Centrum písemně zdokumentuje svůj Program zabezpečení údajů a na vyžádání CRO nebo Zadavatele zpřístupní tyto dokumenty CRO nebo Zadavateli ke kontrole. Centrum bude udržovat svůj Program zabezpečení údajů aktuální. comprehensive information and network security programs, practices and procedures that govern the conduct of the Study (collectively, “Data Security Program”) that: (i) meets current best industry standards; and (ii) complies with all Applicable Privacy and Data Security Laws. The Center shall document its Data Security Program in written form and shall make those documents available to CRO or Sponsor for review upon CRO’s or Sponsor’s request. The Center shall keep its Data Security Program current and up- to-date.

Data Security Program. Provider shall maintain through the Term of the Agreement a comprehensive written data security program (“Data Security Program”) that satisfies the requirements under this Section 3. Without limiting the generality of Section 3.3, Provider’s Data Security Program must, at a minimum, comply with the most recently published version of the Center for Internet Security’s Critical Security Controls for Effective Cyber Defense (IG3), and provide for: (a) protection of business facilities, paper files, servers, computing equipment, including all mobile devices and other equipment with information storage capability, and backup systems containing any Company Personal Data; (b) network, application (including databases) and platform security; (c) business systems segmentation designed to optimize security; (d) secure transmission and storage of Company Personal Data (whether by strong encryption or other equally protective measures); (e) authentication and access control mechanisms (including strong password management practices); and (f) personnel security and integrity requirements. Provider shall provide annual training to personnel and subcontractors on how to comply with the Provider’s Data Security Program. Provider shall regularly test and monitor the effectiveness of its Data Security Program and shall evaluate and adjust its Data Security Program in light of the results of such testing and monitoring. Provider shall notify Company of: (i) any material changes to its Data Security Program, and (ii) any other changes that may have a material effect on its Data Security Program.