Common use of Encryption of Data Clause in Contracts

Encryption of Data. (a) Contractor and Contractor Parties, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-state owned or managed devices that the State, in accordance with its existing state policies classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture (EWTA) as it may be amended from time to time. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time. (b) In the event of a breach of security or loss of State data, the Contractor or Contractor Parties shall notify the client agency which owns the data, the Connecticut Department of Information Technology and the Connecticut Office of the Attorney General as soon as practical but no later than 24 hours after the discovery of suspicion of such breach or loss that such data has been compromised through breach or loss.

Encryption of Data. (a) Contractor and Contractor Parties, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-state owned or managed devices that the State, in accordance with its existing state policies classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture (EWTA) as it may be amended from time to time. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time. (b) . In the event of a breach of security or loss of State data, the Contractor or Contractor Parties shall notify the client agency which owns the data, the Connecticut Department of Information Technology and the Connecticut Office of the Attorney General as soon as practical but no later than 24 hours after the discovery of or suspicion of such breach or loss that such data has been compromised through breach or loss.. THE REST OF THIS PAGE IS INTENTIONALLY LEFT BLANK

Encryption of Data. (a) Contractor and Contractor Parties, at its own expense, shall encrypt keep and maintain in an encrypted state any and all electronically stored data now or hereafter in its possession or control located on non-state owned or managed devices that the State, in accordance with its existing state policies classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture (EWTA) as it may be amended from time to time). This shall be a continuing obligation for compliance with the EWTA standard as it may change be amended or supplemented from time to time. (b) In the event of a breach of security or loss of State data, the Contractor or and Contractor Parties shall notify the client state agency which owns the data, the Connecticut Department of Information Technology and the Connecticut Office of the Attorney General as soon as practical but no later than 24 hours after the discovery of suspicion of or reason to believe such breach or loss that such data has been compromised through breach or loss.