{"component": "clause", "props": {"groups": [{"samples": [{"hash": "aO8n1nT5NGO", "uri": "/contracts/aO8n1nT5NGO#information-security-protocols", "label": "Forensic Services Agreement", "score": 24.4127310062, "published": true}, {"hash": "9GgD7hm7AIr", "uri": "/contracts/9GgD7hm7AIr#information-security-protocols", "label": "Forensic Services Agreement", "score": 24.4127310062, "published": true}], "size": 2, "snippet_links": [{"key": "agency-shall", "type": "clause", "offset": [29, 41]}, {"key": "comply-with-applicable", "type": "clause", "offset": [42, 64]}, {"key": "court-orders-and-subpoenas", "type": "clause", "offset": [74, 100]}, {"key": "federal-statutes", "type": "definition", "offset": [115, 131]}, {"key": "federal-regulations", "type": "definition", "offset": [133, 152]}, {"key": "rules-regarding", "type": "clause", "offset": [182, 197]}, {"key": "confidential-records", "type": "clause", "offset": [198, 218]}, {"key": "other-information", "type": "definition", "offset": [222, 239]}, {"key": "the-parties-to-this-agreement", "type": "clause", "offset": [252, 281]}, {"key": "records-and-information", "type": "clause", "offset": [287, 310]}, {"key": "unauthorized-disclosure", "type": "clause", "offset": [368, 391]}, {"key": "breach-notification", "type": "definition", "offset": [397, 416]}, {"key": "completed-by", "type": "clause", "offset": [441, 453]}, {"key": "party-to-this-agreement", "type": "definition", "offset": [454, 477]}, {"key": "responsible-for", "type": "clause", "offset": [488, 503]}, {"key": "personally-identifiable-information", "type": "definition", "offset": [545, 580]}, {"key": "resulting-from", "type": "definition", "offset": [616, 630]}, {"key": "responsible-party", "type": "definition", "offset": [688, 705]}, {"key": "information-management-system", "type": "definition", "offset": [785, 814]}, {"key": "available-to", "type": "definition", "offset": [856, 868]}, {"key": "the-participating", "type": "clause", "offset": [869, 886]}, {"key": "information-technology", "type": "clause", "offset": [905, 927]}, {"key": "required-by", "type": "definition", "offset": [947, 958]}, {"key": "adhere-to", "type": "clause", "offset": [970, 979]}, {"key": "federal-bureau-of-investigation", "type": "definition", "offset": [984, 1015]}, {"key": "criminal-justice-information-services", "type": "clause", "offset": [1026, 1063]}, {"key": "telecommunications-systems", "type": "definition", "offset": [1148, 1174]}, {"key": "physically-secure", "type": "definition", "offset": [1218, 1235]}, {"key": "cjis-security-policy", "type": "definition", "offset": [1348, 1368]}, {"key": "security-and", "type": "clause", "offset": [1403, 1415]}, {"key": "secure-location", "type": "clause", "offset": [1644, 1659]}, {"key": "mobile-devices", "type": "definition", "offset": [1763, 1777]}, {"key": "in-accordance-with", "type": "definition", "offset": [1778, 1796]}, {"key": "state-police", "type": "definition", "offset": [1962, 1974]}], "snippet": "A. The DFS and Participating Agency shall comply with applicable Illinois court orders and subpoenas, Illinois and federal statutes, federal regulations, and Illinois administrative rules regarding confidential records or other information obtained by the parties to this Agreement. The records and information shall be protected by the parties to this Agreement from unauthorized disclosure. Any breach notification imposed by law shall be completed by party to this Agreement primarily responsible for said breach or improper dissemination of personally identifiable information or confidential records. Any costs resulting from a breach or improper dissemination shall be borne by the responsible party to this Agreement.\nB. The DFS will deploy and maintain its internal Laboratory Information Management System (LIMS), as well as the websites it makes available to the Participating Agency, utilizing information technology providers that are required by the DFS to adhere to the Federal Bureau of Investigation\u2019s current Criminal Justice Information Services (CJIS) Security Policy.\nC. The Participating Agency shall only utilize computer and telecommunications systems that are permanently maintained within its physically secure locations to access secure websites designated by the DFS.\nD. The DFS shall ensure its websites follow required CJIS Security Policy protocols relating to information security and encrypted communication.\nE. When the DFS makes multi-factor authentication available and Participating Agency elects to utilize it, they may access DFS websites from devices that are not permanently maintained within physically secure location. Alternatively, if the Participating Agency has already implemented multi-factor authentication on its mobile devices in accordance with Sections 5.6 and 5.13 of the CJIS Security Policy, they may utilize these devices if permission is obtained from the Illinois CJIS Systems Officer with the Illinois State Police.", "hash": "e61b8fe76db70bdf69961830c2b357e4", "id": 2}, {"samples": [{"hash": "2rpqfPgzzIe", "uri": "/contracts/2rpqfPgzzIe#information-security-protocols", "label": "Reseller Agreement", "score": 25.2056123042, "published": true}, {"hash": "kVOubnjq0O", "uri": "/contracts/kVOubnjq0O#information-security-protocols", "label": "Reseller Agreement", "score": 24.3378667813, "published": true}], "size": 7, "snippet_links": [{"key": "to-information", "type": "clause", "offset": [28, 42]}, {"key": "use-commercially-reasonable-efforts", "type": "clause", "offset": [62, 97]}, {"key": "to-maintain", "type": "clause", "offset": [98, 109]}, {"key": "the-security", "type": "clause", "offset": [110, 122]}, {"key": "availability-of", "type": "clause", "offset": [138, 153]}, {"key": "not-limited", "type": "clause", "offset": [210, 221]}, {"key": "comply-with-the", "type": "clause", "offset": [306, 321]}, {"key": "security-rule", "type": "clause", "offset": [352, 365]}, {"key": "iso-27001", "type": "definition", "offset": [371, 380]}, {"key": "information-security-program", "type": "definition", "offset": [408, 436]}, {"key": "management-procedures", "type": "clause", "offset": [479, 500]}, {"key": "principle-of-least-privilege", "type": "definition", "offset": [519, 547]}, {"key": "hitech-act-compliance", "type": "clause", "offset": [670, 691]}, {"key": "access-controls", "type": "definition", "offset": [751, 766]}, {"key": "its-data", "type": "definition", "offset": [771, 779]}, {"key": "network-security-controls", "type": "clause", "offset": [827, 852]}, {"key": "intrusion-prevention", "type": "clause", "offset": [876, 896]}, {"key": "health-and", "type": "clause", "offset": [1076, 1086]}, {"key": "infrastructure-components", "type": "clause", "offset": [1106, 1131]}, {"key": "data-encryption", "type": "definition", "offset": [1145, 1160]}, {"key": "manner-of", "type": "clause", "offset": [1189, 1198]}, {"key": "data-transmissions", "type": "clause", "offset": [1203, 1221]}, {"key": "ssl-encryption", "type": "clause", "offset": [1256, 1270]}, {"key": "access-and-use", "type": "clause", "offset": [1287, 1301]}, {"key": "user-accounts-and-passwords", "type": "clause", "offset": [1370, 1397]}, {"key": "requirements-for", "type": "clause", "offset": [1443, 1459]}, {"key": "managed-accounts", "type": "definition", "offset": [1468, 1484]}, {"key": "processes-and-procedures", "type": "clause", "offset": [1544, 1568]}, {"key": "data-protection-program", "type": "definition", "offset": [1601, 1624]}, {"key": "security-patches", "type": "definition", "offset": [1698, 1714]}, {"key": "in-accordance-with", "type": "definition", "offset": [1715, 1733]}, {"key": "generally-accepted", "type": "clause", "offset": [1734, 1752]}, {"key": "industry-best-practices", "type": "definition", "offset": [1753, 1776]}, {"key": "disaster-recovery-plan", "type": "definition", "offset": [1858, 1880]}, {"key": "system-backup", "type": "clause", "offset": [1904, 1917]}, {"key": "technology-replacement", "type": "clause", "offset": [1919, 1941]}, {"key": "vulnerability-management", "type": "definition", "offset": [2091, 2115]}, {"key": "third-party", "type": "clause", "offset": [2206, 2217]}, {"key": "vulnerability-assessments", "type": "clause", "offset": [2218, 2243]}, {"key": "security-project", "type": "definition", "offset": [2277, 2293]}, {"key": "application-development", "type": "definition", "offset": [2347, 2370]}, {"key": "management-practices", "type": "definition", "offset": [2425, 2445]}, {"key": "hardware-and-software-changes", "type": "clause", "offset": [2450, 2479]}, {"key": "to-ensure", "type": "clause", "offset": [2545, 2554]}, {"key": "customer-data-security", "type": "clause", "offset": [2631, 2653]}, {"key": "application-controls", "type": "clause", "offset": [2696, 2716]}, {"key": "access-to-customer-data", "type": "clause", "offset": [2759, 2782]}, {"key": "immediately-upon-discovery", "type": "clause", "offset": [2783, 2809]}, {"key": "section-83", "type": "clause", "offset": [2882, 2893]}, {"key": "security-practices", "type": "clause", "offset": [2927, 2945]}, {"key": "recognized-provider", "type": "definition", "offset": [2976, 2995]}], "snippet": "Aon uses a layered approach to information security. Aon will use commercially reasonable efforts to maintain the security, integrity and availability of all Customer Data to which it has access, including but not limited to commercially reasonable efforts reflecting changing technological approaches, to comply with the following measures: (a) HIPPA Security Rule; (b) ISO 27001; (c) maintain a documented Information Security Program which includes annual risk assessment and management procedures; (d) maintain the principle of least privilege; (e) classify and handle all Customer data as confidential and apply the necessary security and controls to support HIPAA/HITECH Act compliance; (f) maintain commercially customary physical security and access controls for its data center(s); (g) maintain commercially customary network security controls including firewall and intrusion prevention solutions; (h) maintain commercially customary redundancy at the demark, network and system layers; (i) maintain commercially customary monitoring solutions to continually manage health and capacity of the IT infrastructure components; (j) provide data encryption in a commercially customary manner of all data transmissions; (k) require a minimum of 128-bit SSL encryption for application access and use; (l) maintain and update anti-virus program; (m) require individual user accounts and passwords for any access; (n) maintain strong password requirements for all Aon-managed accounts; (o) maintain generally acceptable user account management processes and procedures; (p) maintain industry accepted data protection program; (q) maintain whole disk encryption for all laptops; (r) deploy software security patches in accordance with generally accepted industry best practices; (s) maintain and periodically test (at least annually) a commercially customary disaster recovery plan that provides adequate system backup, technology replacement, and alternate (backup-site) site capabilities; (t) follow commercially customary hardening procedures for system/device builds; (u) conduct ongoing vulnerability management through the use of commercially customary tools; (v) conduct periodic (at least annually) third party vulnerability assessments; (w) follow Open Web Application Security Project (OWASP) methodologies, guidelines and techniques for application development; (x) follow commercially customary change and release management practices for hardware and software changes; (y) follow commercially customary asset sanitization procedures to ensure decommissioned equipment is free of any and all Customer Data; (z) maintain Customer Data security using commercially customary database and application controls; (aa) notify Customer of any unauthorized access to Customer Data immediately upon discovery; and (bb) maintain at least one certification or attestation covered in Section 8.3 above or replacement standard on security practices from a nationally or globally recognized provider of such reports.", "hash": "b780d4310c5e1b77bacff4c9c98bac3f", "id": 1}, {"samples": [{"hash": "kHU09LIDHNB", "uri": "/contracts/kHU09LIDHNB#information-security-protocols", "label": "Information Technology Staff Augmentation Services", "score": 24.2977412731, "published": true}], "size": 1, "snippet_links": [{"key": "on-file", "type": "clause", "offset": [49, 56]}, {"key": "general-policies-and-procedures", "type": "definition", "offset": [70, 101]}, {"key": "with-respect-to", "type": "clause", "offset": [102, 117]}, {"key": "client-data", "type": "definition", "offset": [137, 148]}, {"key": "to-information", "type": "clause", "offset": [163, 177]}, {"key": "contractor-performance", "type": "clause", "offset": [201, 223]}, {"key": "state-of-florida", "type": "definition", "offset": [253, 269]}, {"key": "team-members", "type": "definition", "offset": [315, 327]}, {"key": "procedures-and-practices", "type": "clause", "offset": [347, 371]}, {"key": "by-the-state", "type": "clause", "offset": [380, 392]}, {"key": "information-technology-division", "type": "clause", "offset": [404, 435]}], "snippet": "SCONY ENTERPRISES has a documented HIPAA program on file, as well as, general policies and procedures with respect to handling sensitive client data. With respect to information security protocols and contractor performance while on assignment with the STATE OF FLORIDA, SCONY ENTERPRISES will adopt and advise our team members to conform to such procedures and practices advised by the STATE OF FLORIDA information technology division.", "hash": "c116581a499e977507dfc5339263fc44", "id": 3}, {"samples": [{"hash": "7KcfCqLP2bp", "uri": "/contracts/7KcfCqLP2bp#information-security-protocols", "label": "Information Technology Staff Augmentation Services", "score": 24.3059548255, "published": true}], "size": 1, "snippet_links": [{"key": "providing-services", "type": "clause", "offset": [20, 38]}, {"key": "having-a", "type": "definition", "offset": [90, 98]}, {"key": "of-information", "type": "definition", "offset": [111, 125]}, {"key": "payment-card-industry", "type": "clause", "offset": [188, 209]}, {"key": "hipaa-compliance", "type": "definition", "offset": [213, 229]}, {"key": "protection-of", "type": "definition", "offset": [439, 452]}, {"key": "our-clients", "type": "clause", "offset": [471, 482]}, {"key": "security-management-process", "type": "clause", "offset": [576, 603]}, {"key": "the-security", "type": "clause", "offset": [605, 617]}, {"key": "the-basis", "type": "clause", "offset": [640, 649]}, {"key": "assessment-of-the", "type": "clause", "offset": [698, 715]}, {"key": "potential-risks", "type": "definition", "offset": [716, 731]}, {"key": "availability-of", "type": "clause", "offset": [791, 806]}, {"key": "electronic-data", "type": "definition", "offset": [807, 822]}, {"key": "nature-of-the-project", "type": "clause", "offset": [844, 865]}, {"key": "security-responsibilities", "type": "clause", "offset": [900, 925]}, {"key": "attention-to", "type": "definition", "offset": [1010, 1022]}, {"key": "point-of-contact", "type": "clause", "offset": [1108, 1124]}, {"key": "subject-matter-expert", "type": "clause", "offset": [1130, 1151]}, {"key": "the-voice", "type": "clause", "offset": [1172, 1181]}, {"key": "security-concerns", "type": "clause", "offset": [1185, 1202]}, {"key": "information-access-management", "type": "clause", "offset": [1210, 1239]}, {"key": "to-control", "type": "definition", "offset": [1251, 1261]}, {"key": "secure-passwords", "type": "clause", "offset": [1335, 1351]}, {"key": "testing-environment", "type": "definition", "offset": [1441, 1460]}, {"key": "access-to-financial-information", "type": "clause", "offset": [1634, 1665]}, {"key": "and-information", "type": "clause", "offset": [1771, 1786]}, {"key": "the-world", "type": "definition", "offset": [1878, 1887]}, {"key": "field-of", "type": "definition", "offset": [1932, 1940]}, {"key": "years-of-experience", "type": "clause", "offset": [1980, 1999]}, {"key": "working-with", "type": "definition", "offset": [2003, 2015]}, {"key": "client-data", "type": "definition", "offset": [2031, 2042]}, {"key": "multiple-projects", "type": "clause", "offset": [2051, 2068]}, {"key": "department-of-health", "type": "definition", "offset": [2084, 2104]}, {"key": "other-businesses", "type": "clause", "offset": [2343, 2359]}, {"key": "private-clients", "type": "clause", "offset": [2423, 2438]}, {"key": "facility-access-controls", "type": "clause", "offset": [2485, 2509]}, {"key": "security-system", "type": "definition", "offset": [2531, 2546]}, {"key": "the-premises", "type": "clause", "offset": [2575, 2587]}, {"key": "during-business-hours", "type": "clause", "offset": [2627, 2648]}, {"key": "procedures-and-protocols", "type": "clause", "offset": [2668, 2692]}, {"key": "in-place", "type": "definition", "offset": [2697, 2705]}, {"key": "incident-response-team", "type": "definition", "offset": [2726, 2748]}, {"key": "the-team", "type": "definition", "offset": [2803, 2811]}, {"key": "risk-analysis", "type": "clause", "offset": [2838, 2851]}, {"key": "report-it", "type": "clause", "offset": [2891, 2900]}, {"key": "awareness-training", "type": "clause", "offset": [2996, 3014]}], "snippet": "A lengthy career of providing services to government organizations logically leads PCG to having a high degree of information security protocols. As such, PCG has successfully earned PCI (Payment Card Industry) & HIPAA compliance. As a regular collaborator with major state health organizations (i.e. \u2587\u2587\u2587\u2587 and DOH), constant vigilance and understanding of security threats are paramount to both business success and, more importantly, the protection of those people whom our clients work to keep healthy. This is accomplished through solidified processes. One of which is our security management process: The security management process is the basis upon which PCG Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic data, necessitated by the nature of the project, client, or data itself. Assigned security responsibilities allow PCG to compartmentalize security tasks, so they are executed with the highest attention to detail. A single individual is appointed to this position. This position acts as the point of contact, the subject matter expert, the instructor and the voice of security concerns. PCG\u2019s information access management enables it to control who sees what and when. This is accomplished by use of various levels of secure passwords, tokens and built in access controls. These access controls can be as simple as having a testing environment that isn\u2019t connected to any other computers or networks, or as complex as a multi-level, profile based, custom positive/negative item access. This way, if one analyst needs access to financial information, all analysts won\u2019t get access \u2013 only the one who needs it. This allows for confidentiality for projects and information. This scenario also allows for a single point of exit, should any information get out into the world. PCG employees are all knowledgeable in the field of technology, with technical degrees and years of experience of working with computers with client data. Due to multiple projects with the state Department of Health, security is at the forefront of all individual\u2019s minds, especially when there are public facing projects. PCG has earned the knowledge, experience and wherewithal to continue to stay abreast of all security compromises that may surprise other businesses. It is a part of the culture here at PCG to keep our state and private clients protected to the best of our abilities. PCG\u2019s facility access controls include an encrypted security system and locked doors throughout the premises. Doors remain locked before, after and during business hours. Security incident procedures and protocols are in place call for a Security Incident Response Team (SIRT) to conduct an investigation into the incident. The team is utilized to review the risk analysis made earlier, identify the compromise, report it, track any continued breach or where the compromised data has been transferred to, and conduct awareness training on such incident procedures.", "hash": "0ff671a4801644c26823f891f4bca24d", "id": 4}, {"samples": [{"hash": "66VghF8861b", "uri": "/contracts/66VghF8861b#information-security-protocols", "label": "Information Technology Staff Augmentation Services", "score": 24.2977412731, "published": true}], "size": 1, "snippet_links": [{"key": "on-file", "type": "clause", "offset": [40, 47]}, {"key": "general-policies-and-procedures", "type": "definition", "offset": [61, 92]}, {"key": "with-respect-to", "type": "clause", "offset": [93, 108]}, {"key": "client-data", "type": "definition", "offset": [128, 139]}, {"key": "to-information", "type": "clause", "offset": [154, 168]}, {"key": "contractor-performance", "type": "clause", "offset": [192, 214]}, {"key": "state-of-florida", "type": "definition", "offset": [244, 260]}, {"key": "team-members", "type": "definition", "offset": [297, 309]}, {"key": "procedures-and-practices", "type": "clause", "offset": [329, 353]}, {"key": "by-the-state", "type": "clause", "offset": [362, 374]}, {"key": "information-technology-division", "type": "clause", "offset": [386, 417]}], "snippet": "Tec-Link has a documented HIPAA program on file, as well as, general policies and procedures with respect to handling sensitive client data. With respect to information security protocols and contractor performance while on assignment with the STATE OF FLORIDA, Tec-Link will adopt and advise our team members to conform to such procedures and practices advised by the STATE OF FLORIDA information technology division.", "hash": "c5904e26130c337596d0e9225d94da13", "id": 5}, {"samples": [{"hash": "hhbGsyh3h5K", "uri": "/contracts/hhbGsyh3h5K#information-security-protocols", "label": "Information Technology Staff Augmentation Services", "score": 24.2977412731, "published": true}], "size": 1, "snippet_links": [{"key": "security-protocol", "type": "definition", "offset": [3, 20]}, {"key": "the-policy", "type": "clause", "offset": [85, 95]}, {"key": "all-staff", "type": "definition", "offset": [143, 152]}, {"key": "mobile-device-management", "type": "definition", "offset": [200, 224]}, {"key": "use-of-cell-phones", "type": "clause", "offset": [261, 279]}, {"key": "access-devices", "type": "definition", "offset": [303, 317]}, {"key": "network-security", "type": "definition", "offset": [321, 337]}, {"key": "sensitive-and-confidential-information", "type": "definition", "offset": [469, 507]}, {"key": "mail-services", "type": "clause", "offset": [535, 548]}, {"key": "licensed-software", "type": "clause", "offset": [560, 577]}, {"key": "access-limitation", "type": "clause", "offset": [587, 604]}, {"key": "the-year", "type": "definition", "offset": [693, 701]}, {"key": "infrastructure-security", "type": "clause", "offset": [703, 726]}, {"key": "to-generate", "type": "definition", "offset": [801, 812]}, {"key": "reports-of", "type": "clause", "offset": [817, 827]}, {"key": "video-surveillance", "type": "clause", "offset": [857, 875]}, {"key": "designation-of-a", "type": "clause", "offset": [944, 960]}, {"key": "special-trust", "type": "definition", "offset": [975, 988]}, {"key": "background-screening", "type": "clause", "offset": [1005, 1025]}, {"key": "employee-referrals", "type": "clause", "offset": [1171, 1189]}, {"key": "cost-factor", "type": "definition", "offset": [1433, 1444]}, {"key": "the-candidate", "type": "definition", "offset": [1455, 1468]}, {"key": "demand-flexibility", "type": "definition", "offset": [1488, 1506]}, {"key": "pay-scale", "type": "definition", "offset": [1514, 1523]}, {"key": "the-client", "type": "definition", "offset": [1529, 1539]}], "snippet": "IT Security Protocol is one other area that we stay uncompromised on. We ensure that the policy standards set forth are strictly adhered to by all staff involved with various operations. Ranging from Mobile Device management that calls for strict norms against use of cell phones and portable storage / access devices to network security involving restriction to uncertified sites for prevention of malware, IT security is strictly deployed in all areas that deal with sensitive and confidential information. Further, the use of pop 3 mail services, updated / licensed software and file access limitation to authorized teams / managers are few other IT protocols that we follow all throughout the year. Infrastructure security involving bio-metrics-reader/ access-card enabled entry is also installed to generate log reports of entry/exit by staff and 24/7 video surveillance. \uf0b7 DevCare Solutions\u2019 procedures to timely accommodate a Customer\u2019s designation of a job as one of special trust that requires a background screening. DevCare Solutions implements an elaborate method for requirement of high potential candidates. Our recruitment methodology employs the best of, employee referrals, own talent database and partners to source the ideal profile for the role. Hence, suitable candidates are selected, without the compromise of quality. More so, we are able to attract better resources primarily due to our lower margins on the cost factor, favoring the candidate, without having to demand flexibility on the pay scale from the client\u2019s end.", "hash": "0869dff84139d3823a2a6c34547905b2", "id": 6}, {"samples": [{"hash": "ehp0RQ12mdO", "uri": "/contracts/ehp0RQ12mdO#information-security-protocols", "label": "Forensic Services Agreement", "score": 32.9503867226, "published": true}], "size": 1, "snippet_links": [{"key": "for-informational-purposes-only", "type": "clause", "offset": [0, 31]}, {"key": "agency-shall", "type": "clause", "offset": [74, 86]}, {"key": "comply-with-applicable", "type": "clause", "offset": [87, 109]}, {"key": "court-orders-and-subpoenas", "type": "clause", "offset": [119, 145]}, {"key": "federal-statutes", "type": "definition", "offset": [160, 176]}, {"key": "federal-regulations", "type": "definition", "offset": [178, 197]}, {"key": "rules-regarding", "type": "clause", "offset": [227, 242]}, {"key": "confidential-records", "type": "clause", "offset": [243, 263]}, {"key": "other-information", "type": "definition", "offset": [267, 284]}, {"key": "the-parties-to-this-agreement", "type": "clause", "offset": [297, 326]}, {"key": "records-and-information", "type": "clause", "offset": [332, 355]}, {"key": "unauthorized-disclosure", "type": "clause", "offset": [413, 436]}, {"key": "breach-notification", "type": "definition", "offset": [442, 461]}, {"key": "completed-by", "type": "clause", "offset": [486, 498]}, {"key": "party-to-this-agreement", "type": "definition", "offset": [499, 522]}, {"key": "responsible-for", "type": "clause", "offset": [533, 548]}, {"key": "personally-identifiable-information", "type": "definition", "offset": [590, 625]}, {"key": "resulting-from", "type": "definition", "offset": [661, 675]}, {"key": "responsible-party", "type": "definition", "offset": [733, 750]}, {"key": "information-management-system", "type": "definition", "offset": [830, 859]}, {"key": "available-to", "type": "definition", "offset": [901, 913]}, {"key": "the-participating", "type": "clause", "offset": [914, 931]}, {"key": "information-technology", "type": "clause", "offset": [950, 972]}, {"key": "required-by", "type": "definition", "offset": [992, 1003]}, {"key": "adhere-to", "type": "clause", "offset": [1015, 1024]}, {"key": "federal-bureau-of-investigation", "type": "definition", "offset": [1029, 1060]}, {"key": "criminal-justice-information-services", "type": "clause", "offset": [1071, 1108]}, {"key": "telecommunications-systems", "type": "definition", "offset": [1193, 1219]}, {"key": "physically-secure", "type": "definition", "offset": [1263, 1280]}, {"key": "cjis-security-policy", "type": "definition", "offset": [1393, 1413]}, {"key": "security-and", "type": "clause", "offset": [1448, 1460]}, {"key": "secure-location", "type": "clause", "offset": [1689, 1704]}, {"key": "mobile-devices", "type": "definition", "offset": [1808, 1822]}, {"key": "in-accordance-with", "type": "definition", "offset": [1823, 1841]}, {"key": "state-police", "type": "definition", "offset": [2007, 2019]}], "snippet": "For Informational Purposes Only. Do Not Use.\nA. The DFS and Participating Agency shall comply with applicable Illinois court orders and subpoenas, Illinois and federal statutes, federal regulations, and Illinois administrative rules regarding confidential records or other information obtained by the parties to this Agreement. The records and information shall be protected by the parties to this Agreement from unauthorized disclosure. Any breach notification imposed by law shall be completed by party to this Agreement primarily responsible for said breach or improper dissemination of personally identifiable information or confidential records. Any costs resulting from a breach or improper dissemination shall be borne by the responsible party to this Agreement.\nB. The DFS will deploy and maintain its internal Laboratory Information Management System (LIMS), as well as the websites it makes available to the Participating Agency, utilizing information technology providers that are required by the DFS to adhere to the Federal Bureau of Investigation\u2019s current Criminal Justice Information Services (CJIS) Security Policy.\nC. The Participating Agency shall only utilize computer and telecommunications systems that are permanently maintained within its physically secure locations to access secure websites designated by the DFS.\nD. The DFS shall ensure its websites follow required CJIS Security Policy protocols relating to information security and encrypted communication.\nE. When the DFS makes multi-factor authentication available and Participating Agency elects to utilize it, they may access DFS websites from devices that are not permanently maintained within physically secure location. Alternatively, if the Participating Agency has already implemented multi-factor authentication on its mobile devices in accordance with Sections 5.6 and 5.13 of the CJIS Security Policy, they may utilize these devices if permission is obtained from the Illinois CJIS Systems Officer with the Illinois State Police.", "hash": "f4d0219f90c2c968ed8ff162f5f03a64", "id": 7}, {"samples": [{"hash": "2lmnNomWBqD", "uri": "/contracts/2lmnNomWBqD#information-security-protocols", "label": "Information Technology Staff Augmentation Services", "score": 24.3032169747, "published": true}], "size": 1, "snippet_links": [{"key": "proprietary-information", "type": "definition", "offset": [73, 96]}, {"key": "the-company-and-its-employees", "type": "clause", "offset": [156, 185]}, {"key": "standards-of-conduct", "type": "clause", "offset": [228, 248]}, {"key": "integral-to", "type": "definition", "offset": [286, 297]}, {"key": "hiring-process", "type": "definition", "offset": [358, 372]}, {"key": "employees-must", "type": "clause", "offset": [382, 396]}, {"key": "disclosure-agreement", "type": "definition", "offset": [415, 435]}, {"key": "this-agreement", "type": "clause", "offset": [437, 451]}, {"key": "in-full-force", "type": "definition", "offset": [458, 471]}, {"key": "employed-by", "type": "definition", "offset": [492, 503]}, {"key": "employee-plans", "type": "clause", "offset": [528, 542]}, {"key": "disclosure-form", "type": "clause", "offset": [642, 657]}, {"key": "obligation-to-protect", "type": "clause", "offset": [693, 714]}, {"key": "the-security", "type": "clause", "offset": [1013, 1025]}, {"key": "for-employees", "type": "clause", "offset": [1147, 1160]}, {"key": "seek-guidance", "type": "clause", "offset": [1164, 1177]}, {"key": "the-information", "type": "clause", "offset": [1205, 1220]}, {"key": "to-ensure", "type": "clause", "offset": [1279, 1288]}, {"key": "without-recourse", "type": "clause", "offset": [1330, 1346]}, {"key": "reporting-of-incidents", "type": "clause", "offset": [1381, 1403]}, {"key": "in-writing", "type": "clause", "offset": [1455, 1465]}, {"key": "in-order-to", "type": "clause", "offset": [1467, 1478]}, {"key": "action-by-the-company", "type": "clause", "offset": [1514, 1535]}, {"key": "information-provided", "type": "clause", "offset": [1541, 1561]}, {"key": "provide-a", "type": "definition", "offset": [1567, 1576]}, {"key": "description-of-the", "type": "definition", "offset": [1599, 1617]}, {"key": "factual-basis", "type": "clause", "offset": [1618, 1631]}, {"key": "the-report", "type": "clause", "offset": [1636, 1646]}, {"key": "data-systems", "type": "definition", "offset": [1682, 1694]}, {"key": "areas-of-concern", "type": "definition", "offset": [1709, 1725]}, {"key": "security-and", "type": "clause", "offset": [1748, 1760]}, {"key": "allow-employees", "type": "clause", "offset": [1825, 1840]}, {"key": "vital-information", "type": "definition", "offset": [1853, 1870]}, {"key": "collaborate-with", "type": "clause", "offset": [1924, 1940]}, {"key": "customer-service", "type": "definition", "offset": [1969, 1985]}, {"key": "computer-networks", "type": "definition", "offset": [1993, 2010]}, {"key": "business-process", "type": "definition", "offset": [2035, 2051]}, {"key": "the-risks", "type": "clause", "offset": [2053, 2062]}, {"key": "sensitive-information", "type": "definition", "offset": [2171, 2192]}, {"key": "at-any-time", "type": "clause", "offset": [2293, 2304]}, {"key": "most-important", "type": "clause", "offset": [2320, 2334]}, {"key": "the-process", "type": "clause", "offset": [2365, 2376]}, {"key": "additional-policies", "type": "definition", "offset": [2503, 2522]}, {"key": "roles-and-responsibilities-of-each", "type": "clause", "offset": [2534, 2568]}, {"key": "security-process", "type": "clause", "offset": [2597, 2613]}, {"key": "responsibility-of", "type": "clause", "offset": [2642, 2659]}, {"key": "health-safety", "type": "definition", "offset": [2723, 2738]}, {"key": "information-systems", "type": "definition", "offset": [2762, 2781]}, {"key": "company-assets", "type": "definition", "offset": [2817, 2831]}, {"key": "fiduciary-duty", "type": "definition", "offset": [2871, 2885]}, {"key": "for-the-company", "type": "clause", "offset": [2920, 2935]}, {"key": "privacy-violation", "type": "definition", "offset": [3223, 3240]}, {"key": "service-interruption", "type": "definition", "offset": [3242, 3262]}, {"key": "natural-disaster", "type": "clause", "offset": [3268, 3284]}, {"key": "security-measures", "type": "definition", "offset": [3395, 3412]}, {"key": "the-media", "type": "clause", "offset": [3440, 3449]}, {"key": "the-systems", "type": "clause", "offset": [3511, 3522]}, {"key": "voice-mail", "type": "definition", "offset": [3562, 3572]}, {"key": "electronic-mail", "type": "definition", "offset": [3626, 3641]}, {"key": "access-to-information", "type": "clause", "offset": [3714, 3735]}, {"key": "based-on", "type": "clause", "offset": [3736, 3744]}, {"key": "industry-standards", "type": "definition", "offset": [3865, 3883]}, {"key": "annual-reviews", "type": "clause", "offset": [3912, 3926]}, {"key": "major-security-incident", "type": "definition", "offset": [4024, 4047]}, {"key": "security-of-information", "type": "clause", "offset": [4067, 4090]}, {"key": "remedial-action", "type": "clause", "offset": [4157, 4172]}, {"key": "the-participation", "type": "clause", "offset": [4231, 4248]}, {"key": "and-support", "type": "clause", "offset": [4249, 4260]}, {"key": "reference-materials", "type": "definition", "offset": [4405, 4424]}, {"key": "information-assets", "type": "clause", "offset": [4488, 4506]}, {"key": "training-materials", "type": "definition", "offset": [4508, 4526]}, {"key": "qualified-staff", "type": "clause", "offset": [4626, 4641]}, {"key": "operational-reliance", "type": "clause", "offset": [4652, 4672]}, {"key": "performance-issues", "type": "definition", "offset": [4685, 4703]}, {"key": "state-of-florida", "type": "definition", "offset": [4798, 4814]}, {"key": "principal-personnel", "type": "clause", "offset": [4824, 4843]}, {"key": "for-services", "type": "clause", "offset": [4868, 4880]}, {"key": "future-information", "type": "clause", "offset": [4897, 4915]}, {"key": "services-contract", "type": "clause", "offset": [4946, 4963]}, {"key": "executive-management", "type": "clause", "offset": [5021, 5041]}, {"key": "operations-management", "type": "definition", "offset": [5043, 5064]}, {"key": "staff-positions", "type": "clause", "offset": [5100, 5115]}, {"key": "and-training", "type": "clause", "offset": [5273, 5285]}, {"key": "operational-oversight", "type": "clause", "offset": [5315, 5336]}, {"key": "current-state", "type": "clause", "offset": [5344, 5357]}, {"key": "support-contracts", "type": "clause", "offset": [5431, 5448]}, {"key": "services-provided-by", "type": "clause", "offset": [5462, 5482]}, {"key": "software-engineering", "type": "definition", "offset": [5497, 5517]}, {"key": "software-support", "type": "clause", "offset": [5530, 5546]}, {"key": "december-2009", "type": "clause", "offset": [5653, 5666]}, {"key": "when-\u2587", "type": "clause", "offset": [5667, 5673]}, {"key": "bachelor-of-science", "type": "clause", "offset": [5716, 5735]}, {"key": "computer-science", "type": "clause", "offset": [5803, 5819]}, {"key": "company-in", "type": "clause", "offset": [5946, 5956]}, {"key": "the-development", "type": "clause", "offset": [5990, 6005]}, {"key": "the-\u2587", "type": "clause", "offset": [6010, 6015]}, {"key": "a-senior", "type": "clause", "offset": [6094, 6102]}, {"key": "mission-planning", "type": "clause", "offset": [6132, 6148]}, {"key": "lead-role", "type": "clause", "offset": [6196, 6205]}, {"key": "the-team", "type": "definition", "offset": [6210, 6218]}, {"key": "lead-engineering", "type": "clause", "offset": [6243, 6259]}, {"key": "flight-planning", "type": "clause", "offset": [6333, 6348]}, {"key": "program-manager", "type": "clause", "offset": [6405, 6420]}, {"key": "management-positions", "type": "clause", "offset": [6474, 6494]}, {"key": "development-projects", "type": "definition", "offset": [6726, 6746]}, {"key": "commercial-customers", "type": "definition", "offset": [6772, 6792]}, {"key": "site-support", "type": "clause", "offset": [6927, 6939]}, {"key": "close-to", "type": "definition", "offset": [6970, 6978]}, {"key": "the-world", "type": "definition", "offset": [7028, 7037]}, {"key": "continue-to-provide", "type": "clause", "offset": [7079, 7098]}, {"key": "any-state", "type": "definition", "offset": [7124, 7133]}, {"key": "contracts-that", "type": "clause", "offset": [7145, 7159]}, {"key": "quality-and-timeliness", "type": "clause", "offset": [7210, 7232]}, {"key": "support-team", "type": "definition", "offset": [7260, 7272]}, {"key": "functional-areas", "type": "clause", "offset": [7298, 7314]}, {"key": "contracts-for", "type": "clause", "offset": [7370, 7383]}, {"key": "for-managing", "type": "clause", "offset": [7476, 7488]}, {"key": "florida-customers", "type": "clause", "offset": [7548, 7565]}, {"key": "single-point-of-contact", "type": "clause", "offset": [7592, 7615]}, {"key": "related-to", "type": "clause", "offset": [7632, 7642]}, {"key": "department-of-children-and-families", "type": "definition", "offset": [7698, 7733]}, {"key": "child-care", "type": "clause", "offset": [7740, 7750]}, {"key": "training-system", "type": "definition", "offset": [7751, 7766]}, {"key": "department-of-education", "type": "definition", "offset": [7799, 7822]}, {"key": "management-services", "type": "clause", "offset": [7852, 7871]}, {"key": "services-authorization", "type": "clause", "offset": [7934, 7956]}, {"key": "billing-system", "type": "definition", "offset": [7961, 7975]}, {"key": "insurance-company", "type": "definition", "offset": [8142, 8159]}, {"key": "software-developer", "type": "clause", "offset": [8248, 8266]}, {"key": "insurance-agents", "type": "clause", "offset": [8349, 8365]}, {"key": "lead-developer", "type": "definition", "offset": [8410, 8424]}, {"key": "team-lead", "type": "definition", "offset": [8445, 8454]}, {"key": "manufacturing-company", "type": "definition", "offset": [8460, 8481]}, {"key": "manufacturing-process", "type": "clause", "offset": [8581, 8602]}, {"key": "for-the-state", "type": "definition", "offset": [8970, 8983]}, {"key": "director-of-information-technology", "type": "definition", "offset": [9261, 9295]}, {"key": "management-and-oversight", "type": "clause", "offset": [9306, 9330]}, {"key": "it-solutions", "type": "definition", "offset": [9338, 9350]}, {"key": "associated-partners", "type": "clause", "offset": [9397, 9416]}, {"key": "maintenance-of", "type": "clause", "offset": [9472, 9486]}, {"key": "it-assets", "type": "clause", "offset": [9491, 9500]}, {"key": "the-organization", "type": "definition", "offset": [9512, 9528]}, {"key": "business-continuity", "type": "clause", "offset": [9603, 9622]}, {"key": "it-equipment", "type": "clause", "offset": [9626, 9638]}, {"key": "senior-leadership", "type": "definition", "offset": [9672, 9689]}, {"key": "industry-certifications", "type": "clause", "offset": [9781, 9804]}, {"key": "the-majority", "type": "clause", "offset": [9806, 9818]}, {"key": "services-provider", "type": "definition", "offset": [9895, 9912]}, {"key": "leadership-positions", "type": "clause", "offset": [9935, 9955]}, {"key": "advisory-boards", "type": "clause", "offset": [10140, 10155]}, {"key": "the-director-of-human-resources", "type": "clause", "offset": [10279, 10310]}, {"key": "related-activities", "type": "clause", "offset": [10501, 10519]}, {"key": "performance-development", "type": "clause", "offset": [10531, 10554]}, {"key": "employee-relations", "type": "clause", "offset": [10570, 10588]}, {"key": "organizational-development", "type": "definition", "offset": [10683, 10709]}, {"key": "succession-planning", "type": "clause", "offset": [10734, 10753]}, {"key": "change-management", "type": "definition", "offset": [10780, 10797]}, {"key": "the-division", "type": "definition", "offset": [10883, 10895]}, {"key": "september-2017", "type": "clause", "offset": [10918, 10932]}, {"key": "years-of-experience", "type": "clause", "offset": [10942, 10961]}, {"key": "aerospace-and-defense", "type": "clause", "offset": [10977, 10998]}, {"key": "hr-director", "type": "definition", "offset": [11042, 11053]}, {"key": "security-strategy", "type": "clause", "offset": [11076, 11093]}, {"key": "development-of", "type": "clause", "offset": [11165, 11179]}, {"key": "and-security", "type": "clause", "offset": [11183, 11195]}, {"key": "prior-to", "type": "definition", "offset": [11260, 11268]}, {"key": "organization-and", "type": "clause", "offset": [11344, 11360]}, {"key": "international-operations", "type": "definition", "offset": [11415, 11439]}, {"key": "business-product", "type": "definition", "offset": [11459, 11475]}, {"key": "other-positions", "type": "clause", "offset": [11513, 11528]}, {"key": "product-lines", "type": "definition", "offset": [11643, 11656]}, {"key": "the-compensation", "type": "clause", "offset": [11692, 11708]}, {"key": "business-segment", "type": "definition", "offset": [11728, 11744]}, {"key": "international-employees", "type": "clause", "offset": [11775, 11798]}, {"key": "corporate-headquarters", "type": "clause", "offset": [11843, 11865]}, {"key": "human-resources-management", "type": "clause", "offset": [11982, 12008]}, {"key": "business-administration", "type": "clause", "offset": [12118, 12141]}, {"key": "services-for", "type": "clause", "offset": [12249, 12261]}, {"key": "policies-and-procedures", "type": "clause", "offset": [12302, 12325]}, {"key": "employees-will", "type": "clause", "offset": [12339, 12353]}, {"key": "state-contract", "type": "clause", "offset": [12386, 12400]}], "snippet": "As a partner with our Customer we are entrusted with their Confidential, Proprietary information and it is expected this information will be kept secure by the Company and its employees. Information security is addressed in our Standards of Conduct, Integrity and Ethics Program and is integral to a successful relationship with our Customer. As part of our hiring process, all new employees must sign a Jacobs Non-Disclosure Agreement. This agreement stays in full force as long as they are employed by Jacobs. Likewise, if an employee plans to leave our employ, there are required to review and sign the debrief statement on the Jacobs Non-Disclosure form which states they have a continued obligation to protect this information even after they leave our employ. Another element of our Standards of Conduct, Integrity and Ethics Program is our confidential 24-hour Jacobs Integrity Hotline. Employees are encouraged to use the hotline to report possible violations of the Jacobs policies, possible breaches in the security of Confidential and/Proprietary information whether it be Jacobs or our Customers\u2019 information. The hotline is available for employees to seek guidance if they are unsure whether the information they have a concern with should be reported. In an effort to ensure employees feel they can report incidents without recourse, the hotline allows for anonymous reporting of incidents, or an employee can put the concern confidentially in writing. In order to allow for the appropriate level of action by the company, the information provided must provide a sufficiently detailed description of the factual basis for the report. The Company\u2019s networks and shared data systems are other key areas of concern regarding information security and are an indispensable business tool in today\u2019s environment. They allow employees to retrieve vital information quickly, improve communication while reducing costs, collaborate with partners and provide better customer service. While computer networks have revolutionized the business process, the risks they introduce could be fatal to a company. Attacks on networks can lead to lost money, time, products, and sensitive information. Systems, networks and sensitive information can be compromised by malicious or inadvertent actions at any time. The first and most important step to securing a network is the process of developing policies. Policies define what should be protected, why it should be protected, and how it should be protected. Additional policies define the roles and responsibilities of each employee in the information security process. Security is not solely the responsibility of IT staff; any more than safety is solely the responsibility of Health & Safety staff. Information and information systems are critical and vitally important Company assets. Accordingly, Jacobs\u2019 management has a fiduciary duty to preserve, improve, and account for the Company\u2019s information and information systems. This means that Jacobs\u2019 management take appropriate steps to ensure that information and information systems are properly protected from a variety of threats such as error, fraud, embezzlement, sabotage, terrorism, extortion, industrial espionage, privacy violation, service interruption, and natural disaster. Jacobs\u2019 information must be protected in a manner commensurate with its sensitivity, value, and criticality. Security measures are employed regardless of the media on which information is stored (paper, computer bits, etc.), the systems that process it (computers, firewalls, voice mail systems, etc.), or the methods by which it is moved (electronic mail, face-to-face conversation, etc.). Such protection includes restricting access to information based on the need-to-know. Additionally, Jacobs\u2019 management makes sure that information and information systems are protected to industry standards. To achieve this objective, annual reviews of the risks to Jacobs\u2019 information and information systems are conducted. Similarly, whenever a major security incident indicates that the security of information or information systems is insufficient, management promptly takes remedial action to reduce Jacobs\u2019 exposure. Information security requires the participation and support of all workers. All Jacobs\u2019 workers (employees, consultants, contractors, and temporaries) are provided with sufficient training and supporting reference materials to allow them to properly protect and otherwise manage Jacobs\u2019 information assets. Training materials communicate that information security is an important part of Jacobs\u2019 business. By providing you a qualified staff, ensuring operational reliance, addressing performance issues, and enforcing information security protocols, Jacobs will deliver a quality workforce to the state of Florida. Jacobs\u2019 principal personnel who will be responsible for services under potential future Information Technology Staff Augmentation Services contract are presented below. Included are personnel representing Executive Management, Operations Management, Functional Support Management and Staff positions. \u2587\u2587\u2587\u2587\u2587\u2587 \u2587\u2587\u2587\u2587\u2587\u2587 is Director of the Advanced Connected Enterprise Solutions (ACES) Division within Jacobs Technology\u2019s System Acquisition, Logistics, Testing, and Training (SALTT) segment. He provides operational oversight of the current State of Florida contracts within Jacobs as well as other USAF software and IT support contracts. Engineering services provided by ACES focus on software engineering and on-site software support. \u2587\u2587\u2587\u2587\u2587\u2587 joined TYBRIN Corporation as a software engineer in July. He transitioned to \u2587\u2587\u2587\u2587\u2587\u2587 Technology in December 2009 when \u2587\u2587\u2587\u2587\u2587\u2587 was acquired by Jacobs. \u2587\u2587\u2587\u2587\u2587\u2587 has a Bachelor of Science in Meteorology from Penn State (1987) and a Master\u2019s of Science in Computer Science from Boston University (2000). \u2587\u2587\u2587\u2587\u2587\u2587 spent the first 18 years of his career in a variety of positions with a leading weather company in Massachusetts, including leading the development for the \u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587 website (\u2587\u2587\u2587.\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587). In 2006, \u2587\u2587\u2587\u2587\u2587\u2587 joined TYBRIN as a senior software engineer working on mission planning products for the USAF. In 2007, he assumed the lead role for the team and in 2009 assumes the lead engineering role for TASM Spiral 1A, a $65 million upgrade to Air Mobility Command\u2019s flight planning and optimization system. In 2010 \u2587\u2587\u2587\u2587\u2587\u2587 transitioned to Program Manager for the TASM Spiral 1A effort and held other program management positions, including the initial mission planning development for the KC- 46 tanker. In 2016 \u2587\u2587\u2587\u2587\u2587\u2587 assumed the leadership of the \u2587\u2587\u2587\u2587\u2587\u2587 Software Engineering Center (JSEC) office in Nashua, NH and oversaw a $24 million portfolio of software development projects for a variety of DoD and commercial customers. In 2017, \u2587\u2587\u2587\u2587\u2587\u2587 was appointed as director of ACES and currently oversees a $46M portfolio of software development, IT support and on-site support contracts. ACES currently has close to 350 employees and has personnel stationed across the world in support of our contracts. \u2587\u2587\u2587\u2587\u2587\u2587 will continue to provide operational oversight of any State of Florida contracts that result from this solicitation and will ensure the quality and timeliness of support from the direct support team and all indirect Jacobs\u2019 functional areas. \u2587\u2587\u2587\u2587\u2587 \u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587 is Program Manager of State of Florida contracts for Jacobs Technology\u2019s Advanced Connected Enterprise Solutions (ACES) Group. He is responsible for managing and implementing projects performed in support of State of Florida customers, serving as the corporate single point of contact for all matters related to these contracts. Currently, these projects include the Department of Children and Families (DCF) Child Care Training System (which includes support for the Department of Education (DOE)) and the Department of Management Services (DMS) Division of Telecommunication\u2019s (DivTel) Communications Services Authorization and Billing system (CSAB). \u2587\u2587\u2587\u2587\u2587 has a Bachelor of Science in Mathematics from Georgetown College (1989). \u2587\u2587\u2587\u2587\u2587 spent the first 10 years of his career working as an actuary for a major insurance company in Louisville, Kentucky. While working as an actuary, he showed exceptional skills as a software developer and wrote many in-house pricing applications and one in-field application used by insurance agents. \u2587\u2587\u2587\u2587\u2587 spent the next 10 years working as a lead developer and eventually as a team lead in a manufacturing company in Shepherdsville, Kentucky. He created many in-house applications, optimizing many aspects of the manufacturing process. He led a team of developers to create an online digital magazine viewer. \u2587\u2587\u2587\u2587\u2587 joined TYBRIN Corporation in 2011 as a Senior Software Engineer in the Patriot Excalibur program, working as a middle layer developer and lead database developer. He joined the State of Florida team in 2017 as a senior database developer. In 2017, \u2587\u2587\u2587\u2587\u2587 was appointed as Program Manager for the State of Florida Operations. \u2587\u2587\u2587\u2587\u2587 will continue as Jacobs\u2019 Program Manager for State of Florida contracts under the new IT Staff Augmentation contract. The State will benefit from his understanding of DCF, DOE, and DMS applications and his proven leadership experience. \u2587\u2587\u2587\u2587 is the Director of Information Technology providing management and oversight of all IT solutions and assets for the System Lifecycle Group and associated partners. He is responsible for the implementation, support and maintenance of all IT assets throughout the organization. This includes networking, telephony, A/V, security, compute, storage and business continuity of IT equipment and processes. \u2587\u2587\u2587\u2587 has provided senior leadership in the IT field for 30 years. He holds a BS degree in Applied Mathematics and a variety of industry certifications. The majority of his career was spent with Kindred Healthcare, Inc., a Fortune 500 health services provider. His tenure in senior leadership positions spanned all facets of IT including Development, Support, Operations and Infrastructure. Most recently serving as the Divisional VP of Infrastructure for Kindred. He served on multiple advisory boards for both application and infrastructure vendors throughout his tenure. \u2587\u2587\u2587\u2587 joined the Jacobs team in 2018. \u2587\u2587\u2587 \u2587\u2587\u2587\u2587\u2587\u2587\u2587 is the Director of Human Resources (HR) for the team that provides direct support to the Jacobs Systems Acquisition Logistics Test and Training (SALTT) organization. In this capacity he is responsible for carrying out all HR related activities to include Performance Development, Compensation, Employee Relations, Compliance, Talent Acquisition, Talent Development/Management, Organizational Effectiveness, Organizational Development, Inclusion & Diversity, Succession Planning, Team/Leader Coaching and Change Management; as well as driving the development, execution and improvement of HR strategy across the division. \u2587\u2587\u2587 joined Jacobs in September 2017 with 15+ years of experience working in the Aerospace and Defense Industry. Most recently, \u2587\u2587\u2587 worked as the HR Director for Human Resources & Security Strategy for Raytheon\u2019s Integrated Defense Systems where he was responsible for development of HR and Security Strategy for leadership reviews and annual strategic dialogues. Prior to that, \u2587\u2587\u2587 was the HR Director for Raytheon\u2019s Seapower Capabilities Systems organization and was responsible for all facets of HR for domestic and international operations of the $1.3B naval business product line with ~3,500 matrixed employees. Other positions \u2587\u2587\u2587 has held include working as a multi-site and international HR lead, supporting varying business functions and product lines at the VP level, and performing as the compensation lead for an entire business segment covering 10,000+ domestic and international employees. He has worked in environments ranging from Corporate Headquarters to manufacturing floors with 24/7 shifts in unionized and non-unionized populations. \u2587\u2587\u2587 holds a Master\u2019s degree in Human Resources Management from Texas A&M University, as well as a Bachelor\u2019s degree in Science & Technology and a Bachelor\u2019s degree in Business Administration from Texas A&M University. The State will benefit from this very experienced support by having top quality services for recruiting, screening, and well defined policies and procedures that Jacobs\u2019 employees will follow as they are supporting a State contract.", "hash": "e7962fa5f34ed010d1e33e4769f25bc5", "id": 8}, {"samples": [{"hash": "kumT38Ij3Rs", "uri": "/contracts/kumT38Ij3Rs#information-security-protocols", "label": "Information Technology Staff Augmentation Services Contract", "score": 24.2963723477, "published": true}], "size": 1, "snippet_links": [{"key": "ability-to-ensure", "type": "clause", "offset": [22, 39]}, {"key": "confidential-information", "type": "clause", "offset": [62, 86]}, {"key": "ntt-data", "type": "definition", "offset": [88, 96]}, {"key": "disclosure-of-customer-data", "type": "clause", "offset": [192, 219]}, {"key": "business-operations", "type": "definition", "offset": [251, 270]}, {"key": "the-information", "type": "clause", "offset": [308, 323]}, {"key": "security-principles", "type": "clause", "offset": [324, 343]}, {"key": "every-employee", "type": "clause", "offset": [349, 363]}, {"key": "duty-to-protect", "type": "clause", "offset": [408, 423]}, {"key": "confidential-customer-information", "type": "clause", "offset": [424, 457]}, {"key": "each-year", "type": "definition", "offset": [459, 468]}, {"key": "our-employees", "type": "clause", "offset": [488, 501]}, {"key": "our-code-of-conduct", "type": "clause", "offset": [509, 528]}, {"key": "information-security-policy", "type": "clause", "offset": [549, 576]}, {"key": "specific-requirements", "type": "clause", "offset": [591, 612]}, {"key": "with-respect-to", "type": "clause", "offset": [613, 628]}, {"key": "data-security", "type": "clause", "offset": [629, 642]}, {"key": "employee-assigned", "type": "clause", "offset": [677, 694]}, {"key": "state-agency", "type": "definition", "offset": [700, 712]}, {"key": "acknowledgement-of", "type": "clause", "offset": [722, 740]}, {"key": "the-data", "type": "clause", "offset": [798, 806]}, {"key": "the-people", "type": "definition", "offset": [810, 820]}, {"key": "will-provide", "type": "clause", "offset": [838, 850]}, {"key": "our-staff", "type": "definition", "offset": [851, 860]}, {"key": "the-state", "type": "clause", "offset": [866, 875]}, {"key": "rules-and-procedures", "type": "clause", "offset": [892, 912]}, {"key": "onboarding-process", "type": "definition", "offset": [928, 946]}, {"key": "in-general", "type": "clause", "offset": [948, 958]}, {"key": "employees-must", "type": "clause", "offset": [969, 983]}, {"key": "applicable-security", "type": "definition", "offset": [991, 1010]}, {"key": "before-starting-work", "type": "clause", "offset": [1032, 1052]}, {"key": "security-briefings", "type": "clause", "offset": [1083, 1101]}, {"key": "if-applicable", "type": "clause", "offset": [1103, 1116]}, {"key": "contract-manager", "type": "clause", "offset": [1123, 1139]}, {"key": "protection-of-customer-data", "type": "clause", "offset": [1155, 1182]}, {"key": "the-candidates", "type": "definition", "offset": [1188, 1202]}, {"key": "state-agencies", "type": "clause", "offset": [1216, 1230]}, {"key": "security-incident", "type": "clause", "offset": [1241, 1258]}, {"key": "notify-the", "type": "clause", "offset": [1292, 1302]}, {"key": "in-writing", "type": "clause", "offset": [1309, 1319]}, {"key": "within-one-business-day", "type": "clause", "offset": [1320, 1343]}, {"key": "description-of-the", "type": "definition", "offset": [1378, 1396]}, {"key": "recommendations-for", "type": "clause", "offset": [1448, 1467]}, {"key": "mitigation-and-corrective-action", "type": "clause", "offset": [1468, 1500]}, {"key": "security-concerns", "type": "clause", "offset": [1588, 1605]}, {"key": "confidential-personal-information", "type": "definition", "offset": [1606, 1639]}, {"key": "responsible-for", "type": "clause", "offset": [1652, 1667]}, {"key": "affected-persons", "type": "definition", "offset": [1678, 1694]}], "snippet": "Describe Respondent\u2019s ability to ensure its employees protect confidential information. NTT DATA strives to earn the confidence of the clients we serve. We understand that unauthorized use or disclosure of customer data can be severely detrimental to business operations. NTT DATA\u2019s code of conduct lays out the information security principles that every employee must follow. One of these principles is the duty to protect confidential customer information. Each year, we require all of our employees review our code of conduct, which includes our information security policy. Depending on specific requirements with respect to data security, we will also have every NTT DATA employee assigned to a State agency, sign an acknowledgement of his or her obligations to protect that agency\u2019s data and the data of the people being served. We will provide our staff with the State\u2019s data security rules and procedures as part of our onboarding process. In general, NTT DATA employees must review applicable security rules and procedures before starting work. They must also attend agency security briefings (if applicable). Our contract manager will reinforce protection of customer data with the candidates we assign to State agencies. Should a security incident occur, our contract manager will notify the State in writing within one business day. This notification will include a description of the incident, the information affected, and NTT DATA\u2019s recommendations for mitigation and corrective action to make certain unauthorized use does not reoccur. We understand that if the breach of security concerns confidential personal information, we will be responsible for notifying affected persons.", "hash": "7ef23eb8152bfe17cb934d294689c412", "id": 9}, {"samples": [{"hash": "hbKUAYsqqxF", "uri": "/contracts/hbKUAYsqqxF#information-security-protocols", "label": "Information Technology Staff Augmentation Services Contract", "score": 24.2963723477, "published": true}], "size": 1, "snippet_links": [{"key": "information-technology", "type": "clause", "offset": [17, 39]}, {"key": "security-protocols", "type": "definition", "offset": [45, 63]}, {"key": "information-of", "type": "clause", "offset": [120, 134]}, {"key": "safeguarding-confidential-information", "type": "clause", "offset": [167, 204]}, {"key": "it-security", "type": "definition", "offset": [215, 226]}, {"key": "employees-and-contractors", "type": "clause", "offset": [262, 287]}, {"key": "best-practices", "type": "clause", "offset": [291, 305]}, {"key": "security-breaches", "type": "definition", "offset": [331, 348]}, {"key": "data-loss", "type": "definition", "offset": [353, 362]}, {"key": "staff-working", "type": "clause", "offset": [389, 402]}, {"key": "rules-and-requirements", "type": "clause", "offset": [433, 455]}, {"key": "project-documentation", "type": "definition", "offset": [535, 556]}, {"key": "employee-understands", "type": "clause", "offset": [602, 622]}, {"key": "for-business-use-only", "type": "clause", "offset": [708, 729]}, {"key": "failure-to", "type": "clause", "offset": [735, 745]}, {"key": "the-procedures", "type": "definition", "offset": [755, 769]}, {"key": "employee-handbook", "type": "clause", "offset": [787, 804]}, {"key": "termination-from-employment", "type": "clause", "offset": [830, 857]}, {"key": "company-orientation", "type": "clause", "offset": [900, 919]}, {"key": "a-non", "type": "clause", "offset": [921, 926]}, {"key": "confidentiality-statement", "type": "definition", "offset": [942, 967]}, {"key": "confidential-and-sensitive-information", "type": "definition", "offset": [989, 1027]}, {"key": "in-addition-to", "type": "clause", "offset": [1029, 1043]}, {"key": "safeguard-of-confidential-information", "type": "clause", "offset": [1057, 1094]}, {"key": "work-experience", "type": "definition", "offset": [1100, 1115]}, {"key": "department-of-education", "type": "definition", "offset": [1133, 1156]}, {"key": "department-of-health", "type": "definition", "offset": [1173, 1193]}], "snippet": "Enforcing strict Information Technology (IT) security protocols is important to safeguarding confidential and protected information of our customers. Our established \u201cSafeguarding Confidential Information\u201d standard IT security protocols, are used to educate our employees and contractors on best practices for reducing exposure to security breaches and data loss. We ensure: \u2022 Each of our staff working onsite or offsite follows the rules and requirements set forth by our customers as stated in their employee/operational handbook or project documentation, to protect confidential information. \u2022 Each employee understands that the company\u2019s and customer\u2019s protected and confidential information is strictly for business use only, and failure to abide by the procedures set forth in the employee handbook will result in immediate termination from employment. \u2022 Each of our staff sign, as part of the company orientation, a Non-Disclosure and Confidentiality statement to enforce protected confidential and sensitive information. In addition to ensuring the safeguard of confidential information, our work experience with the Florida Department of Education and the Florida Department of Health has familiarized us with standards such as HIPPA and FERPA and how to best enforce these, depending on project needs.", "hash": "7c31941af231fd876ddc9a4a0177c628", "id": 10}], "next_curs": "CmcSYWoVc35sYXdpbnNpZGVyY29udHJhY3RzckMLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IidpbmZvcm1hdGlvbi1zZWN1cml0eS1wcm90b2NvbHMjMDAwMDAwMGEMogECZW4YACAA", "clause": {"parents": [["customer-data-and-security", "Customer Data and Security"], ["amendments", "Amendments"], ["passwords", "Passwords"], ["duration-and-injunctive-relief", "Duration and Injunctive Relief"], ["staff-management", "Staff Management"]], "children": [["", ""], ["hosting-services", "Hosting Services"], ["additional-services", "Additional Services"], ["general-warranty", "General Warranty"], ["implementation-services", "Implementation Services"]], "title": "Information Security Protocols", "size": 26, "id": "information-security-protocols", "related": [["information-security-program", "Information Security Program", "Information Security Program"], ["security-protocols", "Security Protocols", "Security Protocols"], ["information-security", "Information Security", "Information Security"], ["personal-information-security-breach", "Personal Information security breach", "Personal Information security breach"], ["security-procedures", "Security Procedures", "Security Procedures"]], "related_snippets": [], "updated": "2025-07-07T16:38:45+00:00", "also_ask": [], "drafting_tip": "Specify required security standards to ensure compliance, mandate regular audits to verify adherence, and define breach notification procedures to enable prompt response.", "explanation": "The Information Security Protocols clause establishes the requirements and standards for protecting sensitive data and information within the scope of an agreement. It typically outlines the specific security measures that must be implemented, such as encryption, access controls, and regular security audits, and may apply to both digital and physical information. By clearly defining these protocols, the clause helps ensure that all parties maintain adequate safeguards against data breaches and unauthorized access, thereby reducing the risk of information loss or misuse."}, "json": true, "cursor": ""}}