Personnel Security 6.1 Staff recruitment in accordance with government requirements for pre- employment checks;
Network Security 10.1 Protection of Service and Property. Each Party shall exercise the same degree of care to prevent harm or damage to the other Party and any third parties, its employees, agents or End User Customers, or their property as it employs to protect its own personnel, End User Customers and property, etc.
Internet Security The Service utilizes a comprehensive security strategy to protect your accounts and transactions conducted over the Internet. Prior to activating your access to the Service, our Internet Banking Department will verify your identity and authorization against information associated with the Eligible Account (s) that you request to be linked to the Service. Access IDs and Passcodes - One of the main security features protecting the Service is the unique combination of your Access Identification Code (Access ID) and Passcode. During the enrollment process, you will be asked to select a unique Access ID, and then choose a Passcode that will be used to gain access to the Service. You determine your own Passcode, which is encrypted in our database. Neither this Institution nor its Service Providers have access to this information. The Service will automatically deactivate your account after three unsuccessful login attempts within a 24-hour time frame. You may reset your passcode online or you may contact this Institution for assistance. Because your Passcode is used to access your accounts, you should treat it as you would any other sensitive personal data. • You should carefully select a Passcode that is hard to guess. • You should not use words based on your name, address or other personal information. • Special characters may be used to increase security. • Do NOT use dictionary words. The “Help” link within the Service will offer tips on choosing a secure Passcode that you can remember. • Keep your Passcode safe. • Memorize your Passcode and do NOT write it down. • You should also change your Passcode occasionally, such as every 90 days. • A Passcode should be changed immediately if you suspect that your Passcode has been compromised. This can be done at any time from the “User Services” menu after you log on to the Service. NEITHER THIS INSTITUTION NOR ITS SERVICE PROVIDERS WILL CONTACT YOU VIA TELEPHONE OR EMAIL REQUESTING PERSONAL INFORMATION, YOUR ACCESS ID, OR YOUR PASSCODE. IF YOU ARE CONTACTED BY ANYONE REQUESTING THIS INFORMATION, PLEASE CONTACT US IMMEDIATELY.
Cybersecurity; Data Protection The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with its business, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification, except where the failure to be in compliance would not, individually or in the aggregate, have a Material Adverse Effect.
Privacy and Data Security (a) The parties will keep confidential any information regarding the Company, Nationwide, the Variable Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the fees payable to Nationwide under this Agreement.
System Security (a) If any party hereto is given access to the other party’s computer systems or software (collectively, the “Systems”) in connection with the Services, the party given access (the “Availed Party”) shall comply with all of the other party’s system security policies, procedures and requirements that have been provided to the Availed Party in advance and in writing (collectively, “Security Regulations”), and shall not tamper with, compromise or circumvent any security or audit measures employed by such other party. The Availed Party shall access and use only those Systems of the other party for which it has been granted the right to access and use.
Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.
Web Site Information on registration for and use of the E-Verify program can be obtained via the Internet at the Department of Homeland Security Web site: xxxx://xxx.xxx.xxx/E-Verify.
Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.
Safeguarding and Protecting Children and Vulnerable Adults The Supplier will comply with all applicable legislation and codes of practice, including, where applicable, all legislation and statutory guidance relevant to the safeguarding and protection of children and vulnerable adults and with the British Council’s Child Protection Policy, as notified to the Supplier and amended from time to time, which the Supplier acknowledges may include submitting to a check by the UK Disclosure & Barring Service (DBS) or the equivalent local service; in addition, the Supplier will ensure that, where it engages any other party to supply any of the Services under this Agreement, that that party will also comply with the same requirements as if they were a party to this Agreement.
