{"component": "clause", "props": {"groups": [{"snippet_links": [{"key": "customer-shall", "type": "clause", "offset": [0, 14]}, {"key": "access-to", "type": "definition", "offset": [31, 40]}, {"key": "related-to", "type": "clause", "offset": [54, 64]}, {"key": "cloud-services", "type": "clause", "offset": [69, 83]}, {"key": "by-customer", "type": "clause", "offset": [93, 104]}, {"key": "period-of", "type": "definition", "offset": [151, 160]}, {"key": "in-place", "type": "definition", "offset": [189, 197]}, {"key": "method-of-handling", "type": "clause", "offset": [200, 218]}, {"key": "in-accordance-with", "type": "definition", "offset": [282, 300]}, {"key": "the-requirements", "type": "clause", "offset": [301, 317]}, {"key": "under-section-9", "type": "clause", "offset": [318, 333]}, {"key": "the-regulations", "type": "clause", "offset": [337, 352]}], "snippet": "Customer shall assure that any access to any database related to the Cloud Services, whether by Customer or SAP, is automatically disconnected after a period of no-activity and that it has in place a method of handling malfunctions connected with identification authentication, all in accordance with the requirements under Section 9 of the Regulations.", "size": 8, "samples": [{"hash": "f0XywSwYUlv", "uri": "/contracts/f0XywSwYUlv#identification-and-authentication", "label": "Personal Data Processing Agreement", "score": 29.555289389, "published": true}, {"hash": "jXHgk7cPWaG", "uri": "/contracts/jXHgk7cPWaG#identification-and-authentication", "label": "Personal Data Processing Agreement", "score": 29.4950673023, "published": true}, {"hash": "lO6Dy9AB0G", "uri": "/contracts/lO6Dy9AB0G#identification-and-authentication", "label": "Personal Data Processing Agreement", "score": 29.4321078479, "published": true}], "hash": "ff6faf0d8f7a803e25558c2efbe6c42a", "id": 1}, {"snippet_links": [{"key": "access-to", "type": "definition", "offset": [4, 13]}, {"key": "individual-users", "type": "clause", "offset": [138, 154]}, {"key": "individual-ownership", "type": "definition", "offset": [163, 183]}, {"key": "service-accounts", "type": "definition", "offset": [194, 210]}], "snippet": "For access to In-Scope Information and for host devices that support it, assign unique credentials (eg. UserIDs, passwords) to authorized individual users, assign individual ownership to system service accounts, and ensure that system service accounts are not shared by administrators.", "size": 6, "samples": [{"hash": "gL53wtFUmfg", "uri": "/contracts/gL53wtFUmfg#identification-and-authentication", "label": "Mso Dealer Agreement", "score": 24.8083504449, "published": true}, {"hash": "iAKXQ36AuhA", "uri": "/contracts/iAKXQ36AuhA#identification-and-authentication", "label": "Commercial Fulfillment Dealer Agreement", "score": 24.6988364134, "published": true}, {"hash": "4NBLE6h0fSf", "uri": "/contracts/4NBLE6h0fSf#identification-and-authentication", "label": "Directv Smatv Dealer Agreement", "score": 24.6988364134, "published": true}], "hash": "451d0aa1b71e75079579fa2b43e427f2", "id": 2}, {"snippet_links": [{"key": "purpose-of", "type": "clause", "offset": [4, 14]}, {"key": "to-provide", "type": "definition", "offset": [33, 43]}, {"key": "access-to-data", "type": "clause", "offset": [72, 86]}, {"key": "information-systems", "type": "definition", "offset": [90, 109]}, {"key": "active-users", "type": "definition", "offset": [148, 160]}], "snippet": "The purpose of authentication is to provide reliable identification for access to data or information systems. Entity must maintain the identity of active users, linking actions to specific users, and all other identification and authentication requirements. Non-repudiation must be maintained for each user accessing DPS data.", "size": 3, "samples": [{"hash": "gbClQdl2Tpx", "uri": "/contracts/gbClQdl2Tpx#identification-and-authentication", "label": "User Agreement to Purchase Driver Records or Driver Record Monitoring Services", "score": 26.1526351814, "published": true}, {"hash": "e69xY9t9iXv", "uri": "/contracts/e69xY9t9iXv#identification-and-authentication", "label": "User Agreement to Purchase Driver Records or Driver Record Monitoring Services", "score": 26.1526351814, "published": true}, {"hash": "bD0WnvWANlP", "uri": "/contracts/bD0WnvWANlP#identification-and-authentication", "label": "User Agreement to Purchase Driver Records or Driver Record Monitoring Services", "score": 25.3285420945, "published": true}], "hash": "9020724f8e106f7635f279c0e0caa4d6", "id": 3}, {"snippet_links": [{"key": "all-access", "type": "clause", "offset": [0, 10]}, {"key": "person-or-entity", "type": "definition", "offset": [211, 227]}, {"key": "access-to-customer-information", "type": "clause", "offset": [239, 269]}, {"key": "an-individual", "type": "clause", "offset": [510, 523]}, {"key": "unique-user", "type": "definition", "offset": [525, 536]}, {"key": "soft-token", "type": "definition", "offset": [623, 633]}, {"key": "written-approval", "type": "clause", "offset": [665, 681]}, {"key": "from-customer", "type": "clause", "offset": [682, 695]}, {"key": "prior-to", "type": "definition", "offset": [696, 704]}, {"key": "digital-certificates", "type": "definition", "offset": [711, 731]}, {"key": "to-ensure", "type": "clause", "offset": [824, 833]}, {"key": "created-by", "type": "definition", "offset": [892, 902]}, {"key": "in-connection-with", "type": "clause", "offset": [928, 946]}, {"key": "the-agreement", "type": "clause", "offset": [947, 960]}], "snippet": "All access to any Customer Information or any West Processing Resources shall be Identified and Authenticated as defined in this Section. \u201cIdentification\u201d refers to processes which establish the identity of the person or entity requesting access to Customer Information and/or West Processing Resources. \u201cAuthentication\u201d refers to processes which validate the purported identity of the requestor. For access to Customer Information or West Processing Resources, West shall require Authentication by the use of an individual, unique user ID and an individual password and/or other appropriate Authentication technique (e.g. soft token, pin, etc.). West shall obtain written approval from Customer prior to using digital certificates as part of West\u2019s Identification or Authorization processes. West shall maintain procedures to ensure the protection, integrity, and soundness of all passwords created by West and/or used by West in connection with the Agreement.", "size": 3, "samples": [{"hash": "75SDshNYMjN", "uri": "/contracts/75SDshNYMjN#identification-and-authentication", "label": "Standard Contractual Clauses Addendum", "score": 36.2331321501, "published": true}, {"hash": "1M3WudK7nWb", "uri": "/contracts/1M3WudK7nWb#identification-and-authentication", "label": "Standard Contractual Clauses Addendum", "score": 34.0298696815, "published": true}, {"hash": "ZhnCaoknK1", "uri": "/contracts/ZhnCaoknK1#identification-and-authentication", "label": "Data Processing Agreement", "score": 33.7550118833, "published": true}], "hash": "7d99367e3b34faf98386943e086ba775", "id": 4}, {"snippet_links": [{"key": "call-handling", "type": "clause", "offset": [78, 91]}, {"key": "software-system", "type": "definition", "offset": [92, 107]}, {"key": "password-requirements", "type": "clause", "offset": [155, 176]}, {"key": "minimum-standards", "type": "clause", "offset": [211, 228]}], "snippet": "User ID Requirements. The PSAP Manager shall require a unique logon ID to the Call Handling software system for every dispatcher (but not the PC Windows): Password Requirements. PSAP shall include the following minimum standards for establishing passwords:", "size": 2, "samples": [{"hash": "gTSyV0JOOFa", "uri": "/contracts/gTSyV0JOOFa#identification-and-authentication", "label": "Memorandum of Agreement", "score": 26.4100540395, "published": true}, {"hash": "kcvZz8ghiLv", "uri": "/contracts/kcvZz8ghiLv#identification-and-authentication", "label": "Memorandum of Agreement", "score": 26.1445293842, "published": true}], "hash": "87e56583555b0e4de66507ff424d0e18", "id": 5}, {"snippet_links": [{"key": "access-to", "type": "definition", "offset": [4, 13]}, {"key": "mercury-information", "type": "definition", "offset": [18, 37]}, {"key": "person-or-entity", "type": "definition", "offset": [212, 228]}, {"key": "each-party", "type": "clause", "offset": [465, 475]}, {"key": "to-ensure", "type": "clause", "offset": [542, 551]}, {"key": "in-connection-with", "type": "clause", "offset": [630, 648]}, {"key": "the-agreement", "type": "clause", "offset": [649, 662]}], "snippet": "All access to any Mercury Information or any Global Processing Resources shall be Identified and Authenticated as defined in this Section. \u201cIdentification\u201d refers to processes which establish the identity of the person or entity requesting access to Mercury Information and/or Global Processing Resources. \u201cAuthentication\u201d refers to processes which validate the purported identity of the requestor. For access to Mercury Information or Global Processing Resources, each party shall require *****. Each party shall maintain its own procedures to ensure the protection, integrity, and soundness of all passwords created and/or used in connection with the Agreement.", "size": 2, "samples": [{"hash": "8vauScMCGGY", "uri": "/contracts/8vauScMCGGY#identification-and-authentication", "label": "Global Master Service Agreement (Mercury Payment Systems, Inc.)", "score": 25.2354551677, "published": true}, {"hash": "hJ1mJ2mV9uT", "uri": "/contracts/hJ1mJ2mV9uT#identification-and-authentication", "label": "Global Master Service Agreement (Mercury Payment Systems Holdings, Inc.)", "score": 25.1204654346, "published": true}], "hash": "7dfb6a30647830e4bd847ae0115d0699", "id": 6}, {"snippet_links": [{"key": "prior-to", "type": "definition", "offset": [115, 123]}, {"key": "to-a-participant", "type": "clause", "offset": [140, 156]}], "snippet": "Each user who shares data as part of the eHealth Exchange shall be uniquely identified and their identity verified prior to granting access to a Participant\u2019s system.", "size": 2, "samples": [{"hash": "hGxfvzDW2QT", "uri": "/contracts/hGxfvzDW2QT#identification-and-authentication", "label": "Dursa Policy Assumptions", "score": 24.7796030116, "published": true}, {"hash": "2453TptYWmP", "uri": "/contracts/2453TptYWmP#identification-and-authentication", "label": "Data Use and Reciprocal Support Agreement (Dursa)", "score": 24.4236824093, "published": true}], "hash": "aa7493dadbce4667ac25d3090792535d", "id": 7}, {"snippet_links": [{"key": "data-importer", "type": "definition", "offset": [4, 17]}, {"key": "the-information-system", "type": "clause", "offset": [217, 239]}, {"key": "no-circumstances", "type": "clause", "offset": [360, 376]}, {"key": "in-force", "type": "definition", "offset": [453, 461]}], "snippet": "The data importer shall take the measures that ensures the identification and authentication of the users. The data importer shall establish a mechanism that permits the identification of any user who tries to access the information system and the verification of his authorization. The data importer\u2019s documentation shall establish the frequency, which under no circumstances shall be less than yearly, with which the passwords shall be changed. While in force, passwords shall be stored in an unintelligible way.", "size": 2, "samples": [{"hash": "9yrPe7xzcEF", "uri": "/contracts/9yrPe7xzcEF#identification-and-authentication", "label": "Data Processing Agreement", "score": 27.3299110198, "published": true}, {"hash": "jpAujUiD9RY", "uri": "/contracts/jpAujUiD9RY#identification-and-authentication", "label": "Data Processing Agreement", "score": 26.8425735797, "published": true}], "hash": "5963d6ac8aa99d2dff742d934c0dc0f2", "id": 8}, {"snippet_links": [{"key": "in-relation-to", "type": "clause", "offset": [5, 19]}, {"key": "access-to-\u2587", "type": "clause", "offset": [20, 31]}, {"key": "hard-copy", "type": "clause", "offset": [68, 77]}, {"key": "the-supplier-shall", "type": "clause", "offset": [103, 121]}, {"key": "strong-authentication", "type": "definition", "offset": [135, 156]}, {"key": "remote-access", "type": "definition", "offset": [200, 213]}, {"key": "use-of-non", "type": "clause", "offset": [214, 224]}, {"key": "information-resources", "type": "clause", "offset": [232, 253]}, {"key": "access-to-systems", "type": "clause", "offset": [270, 287]}, {"key": "identity-provider", "type": "definition", "offset": [348, 365]}, {"key": "industry-best", "type": "clause", "offset": [383, 396]}, {"key": "authentication-credentials", "type": "clause", "offset": [453, 479]}, {"key": "and-authentication", "type": "clause", "offset": [497, 515]}, {"key": "smart-cards", "type": "clause", "offset": [543, 554]}, {"key": "where-appropriate", "type": "definition", "offset": [560, 577]}, {"key": "authentication-mechanism", "type": "definition", "offset": [597, 621]}, {"key": "the-\u2587", "type": "clause", "offset": [706, 711]}, {"key": "form-of", "type": "definition", "offset": [764, 771]}, {"key": "personal-information", "type": "clause", "offset": [809, 829]}, {"key": "management-process", "type": "clause", "offset": [879, 897]}, {"key": "account-creation", "type": "clause", "offset": [932, 948]}, {"key": "on-termination", "type": "clause", "offset": [978, 992]}, {"key": "changes-to", "type": "clause", "offset": [1059, 1069]}, {"key": "all-information", "type": "clause", "offset": [1119, 1134]}, {"key": "review-of", "type": "clause", "offset": [1245, 1254]}, {"key": "access-privileges", "type": "clause", "offset": [1255, 1272]}], "snippet": "12.1 In relation to access to \u2587\u2587\u2587\u2587\u2587\u2587\u2587 Data, either in electronic or hard copy, by the Supplier\u2019s team, the Supplier shall:\n(a) Require Strong Authentication (i.e. Multi-factor authentication) for any remote access use of non-public Information Resources\n(b) Ensure that access to systems that process \u2587\u2587\u2587\u2587\u2587\u2587\u2587 Data is enforced through a centralized identity provider that conforms to industry best practise.\n(c) Use a secure method for the conveyance of authentication credentials (i.e. passwords) and authentication mechanisms (i.e. tokens or smart cards)\n(d) Where appropriate adopt a risk-based authentication mechanism such that authentication methods are tiered and proportionate to the sensitivity of the \u2587\u2587\u2587\u2587\u2587\u2587\u2587 Data to be accessed (i.e. the use of stronger form of authentication for accessing \u2587\u2587\u2587\u2587\u2587\u2587\u2587 Personal Information)\n(e) Have and use a documented User ID lifecycle management process including procedures for approved account creation, account removal immediately on termination or within 24 hours on role change, and account modification (i.e. changes to privileges, span of access, functions/roles) for all Information Resources and across all environments (e.g., production, test, development, etc.). Such process shall include review of access privileges and account validity to be performed at least quarterly.", "size": 1, "samples": [{"hash": "gkbnE2elE9F", "uri": "/contracts/gkbnE2elE9F#identification-and-authentication", "label": "Data Protection and Security Schedule", "score": 24.3127994524, "published": true}], "hash": "2f6cc563238eac598c5a79e02fe66a8e", "id": 9}, {"snippet_links": [{"key": "the-controller", "type": "clause", "offset": [0, 14]}, {"key": "the-information-system", "type": "clause", "offset": [139, 161]}, {"key": "authentication-mechanism", "type": "definition", "offset": [218, 242]}, {"key": "based-on", "type": "clause", "offset": [246, 254]}, {"key": "access-to-the-information", "type": "clause", "offset": [484, 509]}], "snippet": "The controller will establish a mechanism that allows the unequivocal and personalized identification of all those users who try to access the information system and the verification that they are authorized. When the authentication mechanism is based on the existence of passwords, these must meet minimum complexity requirements and must be changed at least every 6 months. The controller will establish a mechanism that limits the possibility of repeatedly attempting unauthorized access to the information system.", "size": 1, "samples": [{"hash": "3pPdXT6lkC3", "uri": "/contracts/3pPdXT6lkC3#identification-and-authentication", "label": "Specific Cooperation Agreement", "score": 33.4448893975, "published": true}], "hash": "149aabbecb23803783b2ae546c170c24", "id": 10}], "next_curs": "CmoSZGoVc35sYXdpbnNpZGVyY29udHJhY3RzckYLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IippZGVudGlmaWNhdGlvbi1hbmQtYXV0aGVudGljYXRpb24jMDAwMDAwMGEMogECZW4YACAA", "clause": {"children": [], "title": "Identification and Authentication", "size": 42, "parents": [["access-control", "Access Control"], ["definitions", "DEFINITIONS"], ["competent-supervisory-authority", "COMPETENT SUPERVISORY AUTHORITY"], ["miscellaneous", "MISCELLANEOUS"], ["acceptance-of-user-agreement", "Acceptance of User Agreement"]], "id": "identification-and-authentication", "related": [["execution-and-authentication", "Execution and Authentication", "Execution and Authentication"], ["execution-and-authentications", "Execution and Authentications", "Execution and Authentications"], ["execution-and-authentication-of-certificates", "Execution and Authentication of Certificates", "Execution and Authentication of Certificates"], ["executed-and-authenticated", "Executed and authenticated", "Executed and authenticated"], ["certificate-of-authentication", "Certificate of Authentication", "Certificate of Authentication"]], "related_snippets": [], "updated": "2025-07-07T12:37:48+00:00"}, "json": true, "cursor": ""}}